Please wait while the connection...
Closed
kelfonsby
6 May 2012 at 10:26
Hello dear internet users,
When my laptop starts up, a white screen freezes and the following text appears: "please wait while the connection".
I cannot get into Windows by any means (safe mode, etc.).
I followed the tutorial explaining how to use OTLPE, and I am attaching the links to the two files I obtained.
I am counting on everyone's quick response.
Thanks in advance
https://pjjoint.malekal.com/files.php?id=20120506_s8k7y6g12k14
https://pjjoint.malekal.com/files.php?id=20120506_e8b8h14b6x13
15 replies
Anonymous user
6 May 2012 at 11:45
Re
Excellent ;-) things are looking better
* Download https://www.luanagames.com/index.fr.html (by tigzy) to the desktop
* Close all programs
* Run RogueKiller.exe.
* Wait for the Prescan to finish ...
* Click Scan. Click Rapport (Report), then copy and paste the contents of the report
Then run it again with the Racc RAZ option
Post both reports for me; thanks
See you later
Anonymous user
6 May 2012 at 10:39
Hello
* Double-click the OTLPE icon
* when asked "Do you wish to load the remote registry", select "Yes"
* when asked "Do you wish to load remote user profile(s) for scanning", select "Yes"
* check that "Automatically Load All Remaining Users" is selected and press OK
http://imagesup.org/image
* under the Custom Scan box, copy and paste everything below and click RUNFIX
:OTL
O4 - HKLM..\Run: [Boxore Client] D:\Program Files\Boxore\BoxoreClient\boxore.exe (Boxore OU)
O4 - HKLM..\Run: [EBna3b8YWnMKP0e] D:\Users\kerfi\AppData\Roaming\syncservicex86.exe ()
O4 - HKLM..\Run: [Iminent] D:\Program Files\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] D:\Program Files\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [offerbox] D:\Program Files\OfferBox\OfferBox.exe (Aedge Performance BCN SL)
O4 - HKU\.DEFAULT..\Run: [EBna3b8YWnMKP0e] D:\Windows\System32\config\systemprofile\AppData\Roaming\syncservicex86.exe ()
O4 - HKU\kerfi_ON_D..\Run: [EBna3b8YWnMKP0e] D:\Users\kerfi\AppData\Roaming\syncservicex86.exe ()
O20 - HKLM Winlogon: Shell - (C:\Users\kerfi\AppData\Roaming\syncservicex86.exe) - D:\Users\kerfi\AppData\Roaming\syncservicex86.exe ()
O20 - HKLM Winlogon: UserInit - (C:\Users\kerfi\AppData\Roaming\syncservicex86.exe) - D:\Users\kerfi\AppData\Roaming\syncservicex86.exe ()
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\windows\system32\config\systemprofile\AppData\Roaming\syncservicex86.exe) - D:\Windows\System32\config\systemprofile\AppData\Roaming\syncservicex86.exe ()
O20 - HKU\.DEFAULT Winlogon: UserInit - (C:\windows\system32\config\systemprofile\AppData\Roaming\syncservicex86.exe) - D:\Windows\System32\config\systemprofile\AppData\Roaming\syncservicex86.exe ()
O20 - HKU\kerfi_ON_D Winlogon: Shell - (C:\Users\kerfi\AppData\Roaming\syncservicex86.exe) - D:\Users\kerfi\AppData\Roaming\syncservicex86.exe ()
O20 - HKU\kerfi_ON_D Winlogon: UserInit - (C:\Users\kerfi\AppData\Roaming\syncservicex86.exe) - D:\Users\kerfi\AppData\Roaming\syncservicex86.exe ()
:Files
D:\Users\kerfi\AppData\Roaming\syncservicex86.exe
keep the report that is displayed, and copy and paste it into your next reply
See you later
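The fix script in the reply above targets a single file that is registered both under Run keys and as the Winlogon Shell and UserInit values in several hives. As an added example (not part of the original posts and not OTL's own code), this Python reads O4/O20 lines in the layout seen in this thread, flags Winlogon values that differ from the Windows defaults and autostart binaries living in a profile directory, and groups the hits by target file. The regexes, the `Finding` class and the function names are assumptions made for illustration; the last two sample lines are constructed.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# First five lines are copied from the fix script in the thread; the last two
# are constructed to show what unmodified Winlogon values look like.
SAMPLE = r"""
O4 - HKLM..\Run: [EBna3b8YWnMKP0e] D:\Users\kerfi\AppData\Roaming\syncservicex86.exe ()
O4 - HKLM..\Run: [Iminent] D:\Program Files\Iminent\Iminent.exe (Iminent)
O20 - HKLM Winlogon: Shell - (C:\Users\kerfi\AppData\Roaming\syncservicex86.exe) - D:\Users\kerfi\AppData\Roaming\syncservicex86.exe ()
O20 - HKLM Winlogon: UserInit - (C:\Users\kerfi\AppData\Roaming\syncservicex86.exe) - D:\Users\kerfi\AppData\Roaming\syncservicex86.exe ()
O20 - HKU\kerfi_ON_D Winlogon: Shell - (C:\Users\kerfi\AppData\Roaming\syncservicex86.exe) - D:\Users\kerfi\AppData\Roaming\syncservicex86.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - D:\Windows\System32\userinit.exe (Microsoft Corporation)
"""

# Registry data Windows ships with (compared lower-cased, trailing comma removed).
WINLOGON_DEFAULTS = {
    "shell": {"explorer.exe"},
    "userinit": {r"c:\windows\system32\userinit.exe"},
}
# Directories any unprivileged process of that user can write to.
USER_WRITABLE = re.compile(r"\\(?:appdata|temp)\\", re.IGNORECASE)

# Assumed line layout, taken from the entries quoted in this thread.
O4_RE = re.compile(
    r"^O4 - (?P<hive>\S+?)\.\.\\Run: \[(?P<name>[^\]]*)\] "
    r"(?P<path>.+?) \((?P<company>[^()]*)\)$")
O20_RE = re.compile(
    r"^O20 - (?P<hive>\S+) Winlogon: (?P<value>\w+) - \((?P<data>[^()]*)\) - "
    r"(?P<path>.+?) \((?P<company>[^()]*)\)$")


@dataclass
class Finding:
    location: str  # registry location of the autostart entry
    target: str    # file the entry launches, as resolved in the log
    reasons: list  # why the entry was flagged


def _path_reasons(path, company):
    """Reasons that depend only on where the binary lives and who built it."""
    reasons = []
    if USER_WRITABLE.search(path):
        reasons.append("launches a binary from a user-writable profile directory")
        if not company.strip():
            reasons.append("binary has no company name in its version info")
    return reasons


def analyze(log_text):
    """Return a Finding for every O4/O20 line that looks like hijacked persistence."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = O20_RE.match(line)
        if m:
            value = m["value"].lower()
            data = m["data"].strip().rstrip(",").lower()
            reasons = []
            if value in WINLOGON_DEFAULTS and data not in WINLOGON_DEFAULTS[value]:
                reasons.append(f"Winlogon {m['value']} is not the Windows default")
            reasons += _path_reasons(m["path"], m["company"])
            if reasons:
                location = f"{m['hive']} Winlogon\\{m['value']}"
                findings.append(Finding(location, m["path"], reasons))
            continue
        m = O4_RE.match(line)
        if m:
            reasons = _path_reasons(m["path"], m["company"])
            if reasons:
                location = f"{m['hive']} Run [{m['name']}]"
                findings.append(Finding(location, m["path"], reasons))
    return findings


def persistence_by_target(findings):
    """Group flagged locations by the file they launch (case-insensitive)."""
    grouped = defaultdict(list)
    for f in findings:
        grouped[f.target.lower()].append(f.location)
    return dict(grouped)


if __name__ == "__main__":
    hits = analyze(SAMPLE)
    for target, locations in persistence_by_target(hits).items():
        print(target)
        for loc in locations:
            print("   ", loc)
    for f in hits:
        print(f.location, "->", "; ".join(f.reasons))
```
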
kelfonsby
6 May 2012 at 10:52
Thanks, Guillaume, for the quick response
I have already done what you describe in your post and obtained the two files whose links I posted
I am writing them out for you:
*********************************OTL report********************************************
OTL logfile created on: 5/6/2012 11:46:01 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\windows | %ProgramFiles% = D:\Program Files
Drive C: | 100.00 Mb Total Space | 75.74 Mb Free Space | 75.75% Space Free | Partition Type: NTFS
Drive D: | 156.59 Gb Total Space | 27.84 Gb Free Space | 17.78% Space Free | Partition Type: NTFS
Drive E: | 3.74 Gb Total Space | 3.74 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (All) ==========
SRV - File not found [Auto] -- -- (vsdatant)
SRV - File not found [Auto] -- -- (vaiomediaplatform-videoserver-appserver)
SRV - File not found [Auto] -- -- (TSHWMDTCP)
SRV - File not found [Auto] -- -- (ssfs0509)
SRV - File not found [Auto] -- -- (SPService)
SRV - File not found [Disabled] -- -- (OracleDBConsoleoracleci)
SRV - File not found [Auto] -- -- (hpqcxs08)
SRV - File not found [Auto] -- -- (cqmgserv)
SRV - File not found [Auto] -- -- (atierecord)
SRV - [2012/04/17 08:55:02 | 000,334,184 | ---- | M] (Aedge Performance BCN SL) [Auto] -- D:\Program Files\OfferBox\OfferBoxUpdateService.exe -- (OfferBox update service)
SRV - [2012/04/14 17:03:34 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 09:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/02/29 02:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto] -- D:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/23 19:07:36 | 000,138,416 | ---- | M] (Boxore OU.) [Auto] -- D:\Program Files\Software\Update\SoftwareUpdate.exe -- (supdate) Software Update Service (supdate)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\lsass.exe -- (VaultSvc)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\lsass.exe -- (Netlogon)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\lsass.exe -- (EFS)
SRV - [2011/10/24 13:25:58 | 000,235,232 | ---- | M] () [Disabled] -- D:\Program Files\Accelerer PC\PCSUService.exe -- (PCSUService)
SRV - [2011/10/21 09:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto] -- D:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 11:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/07/19 23:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011/05/24 06:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2011/05/04 00:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\windows\System32\SearchIndexer.exe -- (WSearch)
SRV - [2011/04/27 09:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 09:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/03/03 03:50:02 | 000,214,888 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe -- (MsDtsServer100)
SRV - [2011/03/03 01:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2011/02/19 02:30:54 | 000,805,376 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2010/11/20 08:21:40 | 001,914,368 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2010/11/20 08:21:40 | 000,067,584 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\WUDFSvc.dll -- (wudfsvc)
SRV - [2010/11/20 08:21:39 | 001,175,040 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\WsmSvc.dll -- (WinRM)
SRV - [2010/11/20 08:21:37 | 000,085,504 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\wpdbusenum.dll -- (WPDBusEnum)
SRV - [2010/11/20 08:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\windows\System32\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/11/20 08:21:36 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
SRV - [2010/11/20 08:21:35 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2010/11/20 08:21:35 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2010/11/20 08:21:35 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wcncsvc.dll -- (wcncsvc)
SRV - [2010/11/20 08:21:35 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\WebClnt.dll -- (WebClient)
SRV - [2010/11/20 08:21:33 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\umpo.dll -- (Power)
SRV - [2010/11/20 08:21:28 | 000,521,216 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\termsrv.dll -- (TermService)
SRV - [2010/11/20 08:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 08:21:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\TabSvc.dll -- (TabletInputService)
SRV - [2010/11/20 08:21:27 | 001,159,168 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\sysmain.dll -- (SysMain)
SRV - [2010/11/20 08:21:26 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/11/20 08:21:24 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2010/11/20 08:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 08:21:08 | 000,113,664 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\SessEnv.dll -- (SessionEnv)
SRV - [2010/11/20 08:21:06 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2010/11/20 08:21:05 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/11/20 08:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2010/11/20 08:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2010/11/20 08:21:00 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2010/11/20 08:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2010/11/20 08:20:57 | 000,330,240 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\QAGENTRT.DLL -- (napagent)
SRV - [2010/11/20 08:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2010/11/20 08:20:57 | 000,164,352 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2010/11/20 08:20:54 | 001,508,864 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\pla.dll -- (pla)
SRV - [2010/11/20 08:20:30 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2010/11/20 08:19:33 | 000,068,096 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2010/11/20 08:19:28 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2010/11/20 08:19:26 | 000,071,168 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\KMSVC.DLL -- (hkmsvc)
SRV - [2010/11/20 08:19:23 | 000,350,208 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2010/11/20 08:19:21 | 000,674,304 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\IKEEXT.DLL -- (IKEEXT)
SRV - [2010/11/20 08:19:09 | 000,593,408 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\gpsvc.dll -- (gpsvc)
SRV - [2010/11/20 08:18:34 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2010/11/20 08:18:34 | 000,144,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\dps.dll -- (DPS)
SRV - [2010/11/20 08:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 08:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/20 08:18:12 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\certprop.dll -- (SCPolicySvc)
SRV - [2010/11/20 08:18:12 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\certprop.dll -- (CertPropSvc)
SRV - [2010/11/20 08:18:09 | 000,102,400 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\browser.dll -- (Browser)
SRV - [2010/11/20 08:18:06 | 000,088,064 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\AxInstSv.dll -- (AxInstSV)
SRV - [2010/11/20 08:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2010/11/20 08:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2010/11/20 08:18:03 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2010/11/20 08:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010/11/20 08:17:52 | 001,203,200 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\windows\System32\wbengine.exe -- (wbengine)
SRV - [2010/11/20 08:17:51 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2010/11/20 08:17:49 | 000,453,632 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\vds.exe -- (vds)
SRV - [2010/11/20 08:17:48 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2010/11/20 08:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2010/11/20 08:17:30 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2010/11/20 08:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\windows\System32\msiexec.exe -- (msiserver)
SRV - [2010/11/20 08:17:11 | 000,523,264 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\FXSSVC.exe -- (Fax)
SRV - [2010/11/20 08:17:07 | 000,556,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2010/11/04 21:52:39 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/11/04 21:52:36 | 000,878,416 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2010/09/17 04:16:58 | 000,097,624 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2010/05/21 04:35:16 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/04/28 02:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/04/01 02:14:38 | 000,345,368 | ---- | M] () [Disabled] -- D:\Program Files\SAS\PCFilesServer\9.2\pcfservice.exe -- (SAS PC Files Server)
SRV - [2010/03/24 03:14:08 | 000,135,664 | ---- | M] (Google Inc.) [On_Demand] -- D:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdatem) Service Google Update (gupdatem)
SRV - [2010/03/24 03:14:08 | 000,135,664 | ---- | M] (Google Inc.) [Auto] -- D:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Service Google Update (gupdate)
SRV - [2010/03/09 13:06:22 | 000,061,440 | ---- | M] (Apache Software Foundation) [Disabled] -- D:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe -- (Tomcat6)
SRV - [2009/12/04 20:23:23 | 000,182,768 | ---- | M] (Google) [On_Demand] -- D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/11/04 19:15:00 | 000,219,752 | ---- | M] (NVIDIA Corporation) [Auto] -- D:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2009/07/13 21:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 21:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\wpcsvc.dll -- (WPCSvc)
SRV - [2009/07/13 21:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/07/13 21:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2009/07/13 21:16:18 | 000,147,968 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wecsvc.dll -- (Wecsvc)
SRV - [2009/07/13 21:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wdi.dll -- (WdiSystemHost)
SRV - [2009/07/13 21:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wdi.dll -- (WdiServiceHost)
SRV - [2009/07/13 21:16:18 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wersvc.dll -- (WerSvc)
SRV - [2009/07/13 21:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wercplsupport.dll -- (wercplsupport)
SRV - [2009/07/13 21:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2009/07/13 21:16:17 | 000,288,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\w32time.dll -- (W32Time)
SRV - [2009/07/13 21:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\upnphost.dll -- (upnphost)
SRV - [2009/07/13 21:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 21:16:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\uxsms.dll -- (UxSms)
SRV - [2009/07/13 21:16:16 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\trkwks.dll -- (TrkWks)
SRV - [2009/07/13 21:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 21:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/13 21:16:15 | 000,162,816 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2009/07/13 21:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sstpsvc.dll -- (SstpSvc)
SRV - [2009/07/13 21:16:15 | 000,055,808 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\tbssvc.dll -- (TBS)
SRV - [2009/07/13 21:16:13 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\SCardSvr.dll -- (SCardSvr)
SRV - [2009/07/13 21:16:13 | 000,112,640 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\regsvc.dll -- (RemoteRegistry)
SRV - [2009/07/13 21:16:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\Sens.dll -- (SENS)
SRV - [2009/07/13 21:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2009/07/13 21:16:12 | 000,327,680 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\p2psvc.dll -- (p2psvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 21:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2009/07/13 21:16:12 | 000,154,624 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\pcasvc.dll -- (PcaSvc)
SRV - [2009/07/13 21:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009/07/13 21:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 21:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2009/07/13 21:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/13 21:15:43 | 000,308,736 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\msdtckrm.dll -- (KtmRm)
SRV - [2009/07/13 21:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2009/07/13 21:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\mmcss.dll -- (THREADORDER)
SRV - [2009/07/13 21:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/13 21:15:36 | 000,189,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\lltdsvc.dll -- (lltdsvc)
SRV - [2009/07/13 21:15:36 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\lmhsvc.dll -- (lmhosts)
SRV - [2009/07/13 21:15:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\iscsiexe.dll -- (MSiSCSI)
SRV - [2009/07/13 21:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009/07/13 21:15:33 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\IPBusEnum.dll -- (IPBusEnum)
SRV - [2009/07/13 21:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/13 21:15:20 | 000,028,160 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\FDResPub.dll -- (FDResPub)
SRV - [2009/07/13 21:15:20 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\fdPHost.dll -- (fdPHost)
SRV - [2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\es.dll -- (EventSystem)
SRV - [2009/07/13 21:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/13 21:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 21:15:00 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\bthserv.dll -- (bthserv)
SRV - [2009/07/13 21:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 21:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2009/07/13 21:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 21:14:46 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV - [2009/07/13 21:14:43 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\UI0Detect.exe -- (UI0Detect)
SRV - [2009/07/13 21:14:41 | 000,005,632 | ---- | M] (Oak Technology Inc.) [Auto] -- D:\Windows\System32\fa_scheduler.dll -- (pcouffin)
SRV - [2009/07/13 21:14:39 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\snmptrap.exe -- (SNMPTRAP)
SRV - [2009/07/13 21:14:25 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\msdtc.exe -- (MSDTC)
SRV - [2009/07/13 21:14:22 | 000,009,216 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\Locator.exe -- (RpcLocator)
SRV - [2009/07/13 21:14:19 | 000,094,720 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2009/07/13 21:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\windows\System32\dllhost.exe -- (COMSysApp)
SRV - [2009/07/13 21:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\alg.exe -- (ALG)
SRV - [2009/07/07 14:23:08 | 000,247,152 | ---- | M] () [Disabled] -- D:\Program Files\CyberLink\Shared files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/10 17:14:51 | 000,042,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/03/29 21:23:32 | 000,254,808 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2009/02/26 12:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/07/29 07:10:46 | 003,201,024 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90)
SRV - [2008/07/10 05:49:38 | 040,999,448 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER2\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSQLSERVER2) SQL Server (MSSQLSERVER2)
SRV - [2008/07/10 05:49:34 | 000,369,688 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER2\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$MSSQLSERVER2) Agent SQL Server (MSSQLSERVER2)
SRV - [2008/07/10 05:49:34 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -- (MSSQLServerADHelper100)
SRV - [2008/07/09 20:22:18 | 001,106,968 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER2\Reporting Services\ReportServer\bin\ReportingServicesService.exe -- (ReportServer$MSSQLSERVER2) SQL Server Reporting Services (MSSQLSERVER2)
SRV - [2008/07/09 19:22:40 | 021,945,368 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\MSAS10.MSSQLSERVER2\OLAP\bin\msmdsrv.exe -- (MSOLAP$MSSQLSERVER2) SQL Server Analysis Services (MSSQLSERVER2)
SRV - [2008/07/09 19:15:32 | 000,031,256 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER2\MSSQL\Binn\fdlauncher.exe -- (MSSQLFDLauncher$MSSQLSERVER2) SQL Full-text Filter Daemon Launcher (MSSQLSERVER2)
SRV - [2006/11/13 07:23:40 | 000,142,128 | ---- | M] (VMware, Inc.) [Auto] -- D:\Windows\System32\vmnat.exe -- (VMware NAT Service)
SRV - [2006/11/13 07:23:26 | 000,113,456 | ---- | M] (VMware, Inc.) [Auto] -- D:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2006/11/13 07:23:16 | 000,224,048 | ---- | M] (VMware, Inc.) [Auto] -- D:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2006/11/13 06:39:22 | 000,269,104 | ---- | M] (VMware, Inc.) [Auto] -- D:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe -- (vmount2)
SRV - [2006/10/26 09:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/08/29 18:03:50 | 059,027,456 | ---- | M] (Oracle Corporation) [Disabled] -- D:\oracle\product\10.2.0\db_4\bin\ORACLE.EXE -- (OracleServiceTEST)
SRV - [2005/08/29 18:03:50 | 059,027,456 | ---- | M] (Oracle Corporation) [Disabled] -- D:\oracle\product\10.2.0\db_1\bin\ORACLE.EXE -- (OracleServiceORCL)
SRV - [2005/08/29 18:03:50 | 059,027,456 | ---- | M] (Oracle Corporation) [Disabled] -- D:\oracle\product\10.2.0\db_4\bin\ORACLE.EXE -- (OracleServiceORACLEKE)
SRV - [2005/08/29 15:32:22 | 000,102,400 | ---- | M] () [Disabled] -- D:\oracle\product\10.2.0\db_4\Bin\extjob.exe -- (OracleJobSchedulerTEST)
SRV - [2005/08/29 15:32:22 | 000,102,400 | ---- | M] () [Auto] -- D:\oracle\product\10.2.0\db_1\Bin\extjob.exe -- (OracleJobSchedulerORCL)
SRV - [2005/08/29 15:32:22 | 000,102,400 | ---- | M] () [Auto] -- D:\oracle\product\10.2.0\db_4\Bin\extjob.exe -- (OracleJobSchedulerORACLEKE)
SRV - [2005/08/16 08:21:06 | 000,024,064 | ---- | M] (Oracle Corporation) [Auto] -- D:\oracle\product\10.2.0\db_1\BIN\nmesrvc.exe -- (OracleDBConsoleorcl)
SRV - [2005/08/16 08:21:06 | 000,024,064 | ---- | M] (Oracle Corporation) [Disabled] -- D:\oracle\product\10.2.0\db_4\BIN\nmesrvc.exe -- (OracleDBConsoleoracleke)
SRV - [2005/08/15 21:23:02 | 000,053,248 | ---- | M] (Oracle) [Disabled] -- D:\oracle\product\10.2.0\db_1\BIN\isqlplussvc.exe -- (OracleOraDb10g_home1iSQL*Plus)
SRV - [2005/08/15 19:57:48 | 000,204,800 | ---- | M] () [Disabled] -- D:\oracle\product\10.2.0\db_1\BIN\TNSLSNR.exe -- (OracleOraDb10g_home1TNSListener)
SRV - [2005/04/03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (All) ==========
DRV - File not found [Kernel | Boot] -- -- (vrpmdif)
DRV - File not found [Kernel | Boot] -- -- (vmci)
DRV - [2012/04/04 09:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/01 01:46:57 | 000,019,824 | ---- | M] (Microsoft Corporation) [Recognizer | Boot] -- D:\windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2012/02/17 00:14:08 | 000,183,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2012/02/17 00:13:22 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2011/11/17 01:41:52 | 000,067,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2011/11/17 01:41:51 | 000,134,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2011/11/17 01:39:24 | 000,369,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\cng.sys -- (CNG)
DRV - [2011/10/07 07:43:30 | 000,443,448 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- D:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/09/29 12:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tcpip.sys -- (TCPIP6)
DRV - [2011/09/29 12:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2011/07/08 22:30:00 | 000,223,744 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011/04/28 22:46:33 | 000,311,808 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\srv.sys -- (srv)
DRV - [2011/04/28 22:46:15 | 000,310,272 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\srv2.sys -- (srv2)
DRV - [2011/04/28 22:46:10 | 000,114,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011/04/27 09:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/26 22:17:28 | 000,096,768 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011/04/26 22:17:22 | 000,123,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011/04/24 22:18:03 | 000,338,944 | ---- | M] () [Kernel | System] -- D:\windows\system32\drivers\afd.sys -- (AFD)
DRV - [2011/04/18 07:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2011/03/24 22:58:37 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2011/03/24 22:58:06 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2011/03/24 22:57:58 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2011/03/24 22:57:56 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2011/03/11 01:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2011/03/11 01:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2011/03/11 01:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2011/03/11 01:38:51 | 000,332,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2011/03/11 01:38:37 | 000,080,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- D:\windows\system32\drivers\amdsata.sys -- (amdsata)
DRV - [2011/03/11 01:38:37 | 000,022,400 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- D:\Windows\System32\drivers\amdxata.sys -- (amdxata)
DRV - [2011/03/11 00:01:12 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2011/02/23 00:47:33 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\bowser.sys -- (bowser)
DRV - [2010/11/20 08:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2010/11/20 08:30:16 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2010/11/20 08:30:14 | 000,160,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\vhdmp.sys -- (vhdmp)
DRV - [2010/11/20 08:30:12 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\windows\system32\drivers\termdd.sys -- (TermDD)
DRV - [2010/11/20 08:30:10 | 000,173,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2010/11/20 08:30:10 | 000,085,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2010/11/20 08:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\ndis.sys -- (NDIS)
DRV - [2010/11/20 08:30:06 | 000,153,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\pci.sys -- (pci)
DRV - [2010/11/20 08:30:06 | 000,056,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2010/11/20 08:30:05 | 000,233,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2010/11/20 08:30:04 | 000,116,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\msdsm.sys -- (msdsm)
DRV - [2010/11/20 08:30:01 | 000,130,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\mpio.sys -- (mpio)
DRV - [2010/11/20 08:30:01 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2010/11/20 08:30:00 | 000,078,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\mountmgr.sys -- (mountmgr)
DRV - [2010/11/20 08:29:53 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2010/11/20 08:29:47 | 000,728,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2010/11/20 08:29:15 | 000,274,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\acpi.sys -- (ACPI)
DRV - [2010/11/20 08:24:30 | 000,194,800 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\fvevol.sys -- (fvevol)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 06:22:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2010/11/20 06:22:19 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2010/11/20 06:21:10 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2010/11/20 06:07:50 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2010/11/20 06:07:45 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2010/11/20 06:07:45 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\wanarp.sys -- (WANARP)
DRV - [2010/11/20 06:07:39 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2010/11/20 06:07:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- D:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2010/11/20 06:06:41 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2010/11/20 06:06:36 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2010/11/20 06:01:12 | 000,164,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2010/11/20 06:00:24 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\umbus.sys -- (umbus)
DRV - [2010/11/20 06:00:21 | 000,304,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2010/11/20 06:00:21 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbvideo.sys -- (usbvideo) Périphérique vidéo USB (WDM)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:59:38 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2010/11/20 05:59:29 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\HDAudBus.sys -- (HDAudBus)
DRV - [2010/11/20 05:59:20 | 000,132,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2010/11/20 05:58:59 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\WUDFPf.sys -- (WudfPf)
DRV - [2010/11/20 05:50:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2010/11/20 05:50:21 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2010/11/20 05:50:10 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2010/11/20 05:29:49 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\appid.sys -- (AppID)
DRV - [2010/11/20 05:24:56 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2010/11/20 05:19:15 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2010/11/20 04:47:55 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\acpipmi.sys -- (AcpiPmi)
DRV - [2010/11/20 04:44:05 | 000,242,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- D:\Windows\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2010/11/20 04:42:43 | 000,115,712 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\windows\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2010/11/20 04:42:32 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | System] -- D:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2010/11/20 04:42:28 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- D:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2010/11/20 04:40:21 | 000,513,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\http.sys -- (HTTP)
DRV - [2010/11/20 04:39:44 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\netbt.sys -- (NetBT)
DRV - [2010/11/20 04:39:17 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV - [2010/11/20 04:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2010/04/12 04:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System] -- D:\windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/11/20 22:33:28 | 002,811,296 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/11/06 16:53:58 | 001,227,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/11/06 00:07:10 | 009,923,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/10/12 22:09:36 | 000,331,288 | ---- | M] (Intel Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\iaStor.sys -- (iaStor)
DRV - [2009/10/09 23:16:30 | 000,229,424 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand] -- D:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2009/09/28 05:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/08/05 17:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/07/13 21:26:21 | 000,249,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\clfs.sys -- (CLFS)
DRV - [2009/07/13 21:26:21 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2009/07/13 21:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand] -- D:\windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2009/07/13 21:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/13 21:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 21:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 21:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/13 21:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/13 21:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/13 21:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\amdagp.sys -- (amdagp)
DRV - [2009/07/13 21:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\agp440.sys -- (agp440)
DRV - [2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\atapi.sys -- (atapi)
DRV - [2009/07/13 21:26:15 | 000,014,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\amdide.sys -- (amdide)
DRV - [2009/07/13 21:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand] -- D:\windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2009/07/13 21:20:45 | 000,012,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\pciide.sys -- (pciide)
DRV - [2009/07/13 21:20:44 | 000,162,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2009/07/13 21:20:44 | 000,105,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\nv_agp.sys -- (nv_agp)
DRV - [2009/07/13 21:20:44 | 000,049,728 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- D:\Windows\System32\drivers\mup.sys -- (Mup)
DRV - [2009/07/13 21:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 21:20:44 | 000,041,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2009/07/13 21:20:44 | 000,028,240 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\windows\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2009/07/13 21:20:43 | 000,013,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2009/07/13 21:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 21:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 21:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 21:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 21:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 21:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2009/07/13 21:20:36 | 000,042,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2009/07/13 21:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/13 21:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/13 21:20:36 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\intelide.sys -- (intelide)
DRV - [2009/07/13 21:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/13 21:20:28 | 000,198,208 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- D:\Windows\System32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2009/07/13 21:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 21:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- D:\windows\system32\drivers\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 21:20:28 | 000,058,448 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- D:\Windows\System32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2009/07/13 21:20:28 | 000,057,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\gagp30kx.sys -- (gagp30kx)
DRV - [2009/07/13 21:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 21:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- D:\windows\system32\DRIVERS\crcdisk.sys -- (crcdisk)
DRV - [2009/07/13 21:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\disk.sys -- (Disk)
DRV - [2009/07/13 21:19:11 | 000,297,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2009/07/13 21:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 21:19:11 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\uliagpkx.sys -- (uliagpkx)
DRV - [2009/07/13 21:19:11 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\wd.sys -- (Wd)
DRV - [2009/07/13 21:19:10 | 000,445,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2009/07/13 21:19:10 | 000,055,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\uagp35.sys -- (uagp35)
DRV - [2009/07/13 21:19:10 | 000,053,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\viaagp.sys -- (viaagp)
DRV - [2009/07/13 21:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 21:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand] -- D:\windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2009/07/13 21:19:10 | 000,012,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\swenum.sys -- (swenum)
DRV - [2009/07/13 21:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/13 21:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 21:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 21:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 21:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 21:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/13 21:19:03 | 000,180,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\pcmcia.sys -- (pcmcia)
DRV - [2009/07/13 21:19:03 | 000,052,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\sisagp.sys -- (sisagp)
DRV - [2009/07/13 21:19:03 | 000,017,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2009/07/13 20:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- D:\windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 20:41:15 | 000,586,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- D:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2009/07/13 20:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2009/07/13 20:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 20:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 20:01:39 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2009/07/13 19:55:24 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\modem.sys -- (Modem)
DRV - [2009/07/13 19:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- D:\windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2009/07/13 19:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 19:54:58 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2009/07/13 19:54:53 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2009/07/13 19:54:48 | 000,073,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2009/07/13 19:54:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2009/07/13 19:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2009/07/13 19:54:34 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2009/07/13 19:54:29 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2009/07/13 19:54:29 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2009/07/13 19:54:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2009/07/13 19:54:13 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2009/07/13 19:53:58 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\pacer.sys -- (Psched)
DRV - [2009/07/13 19:53:54 | 000,036,352 | ---- | M] (Microsoft Corporation) [File_System | System] -- D:\Windows\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2009/07/13 19:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 19:53:41 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\smb.sys -- (Smb)
DRV - [2009/07/13 19:53:27 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2009/07/13 19:53:20 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- D:\Windows\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2009/07/13 19:53:19 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- D:\Windows\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2009/07/13 19:52:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2009/07/13 19:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 19:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009/07/13 19:52:03 | 000,267,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009/07/13 19:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 19:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 19:51:34 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\bthmodem.sys -- (BTHMODEM)
DRV - [2009/07/13 19:51:33 | 000,091,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\hidbth.sys -- (HidBth)
DRV - [2009/07/13 19:51:29 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\ohci1394.sys -- (ohci1394) Contrôleur d'hôte compatible OHCI 1394 (hérité)
DRV - [2009/07/13 19:51:18 | 000,086,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\usbcir.sys -- (usbcir) Récepteur infrarouge eHome (USBCIR)
DRV - [2009/07/13 19:51:17 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\circlass.sys -- (circlass)
DRV - [2009/07/13 19:51:14 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\usbohci.sys -- (usbohci)
DRV - [2009/07/13 19:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 19:51:05 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\hidir.sys -- (HidIr)
DRV - [2009/07/13 19:50:57 | 000,005,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2009/07/13 19:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 19:46:53 | 000,021,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\wacompen.sys -- (WacomPen)
DRV - [2009/07/13 19:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2009/07/13 19:45:52 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2009/07/13 19:45:52 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2009/07/13 19:45:45 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\fdc.sys -- (fdc)
DRV - [2009/07/13 19:45:45 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\flpydisk.sys -- (flpydisk)
DRV - [2009/07/13 19:45:35 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\parport.sys -- (Parport)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\serial.sys -- (Serial)
DRV - [2009/07/13 19:45:29 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- D:\windows\system32\DRIVERS\parvdm.sys -- (Parvdm)
DRV - [2009/07/13 19:45:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\serenum.sys -- (Serenum)
DRV - [2009/07/13 19:45:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mouhid.sys -- (mouhid)
DRV - [2009/07/13 19:45:08 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\sermouse.sys -- (sermouse)
DRV - [2009/07/13 19:45:08 | 000,008,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2009/07/13 19:45:08 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2009/07/13 19:45:08 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2009/07/13 19:45:07 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2009/07/13 19:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\windows\System32\drivers\beep.sys -- (Beep)
DRV - [2009/07/13 19:25:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\monitor.sys -- (monitor)
DRV - [2009/07/13 19:25:51 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2009/07/13 19:25:49 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\vgapnp.sys -- (vga)
DRV - [2009/07/13 19:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 19:23:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009/07/13 19:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/13 19:19:19 | 000,007,168
I have already done what you indicate in your post and obtained the two files whose links I posted.
I'm writing them out for you:
*********************************OTL Report********************************************
OTL logfile created on: 5/6/2012 11:46:01 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\windows | %ProgramFiles% = D:\Program Files
Drive C: | 100.00 Mb Total Space | 75.74 Mb Free Space | 75.75% Space Free | Partition Type: NTFS
Drive D: | 156.59 Gb Total Space | 27.84 Gb Free Space | 17.78% Space Free | Partition Type: NTFS
Drive E: | 3.74 Gb Total Space | 3.74 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (All) ==========
SRV - File not found [Auto] -- -- (vsdatant)
SRV - File not found [Auto] -- -- (vaiomediaplatform-videoserver-appserver)
SRV - File not found [Auto] -- -- (TSHWMDTCP)
SRV - File not found [Auto] -- -- (ssfs0509)
SRV - File not found [Auto] -- -- (SPService)
SRV - File not found [Disabled] -- -- (OracleDBConsoleoracleci)
SRV - File not found [Auto] -- -- (hpqcxs08)
SRV - File not found [Auto] -- -- (cqmgserv)
SRV - File not found [Auto] -- -- (atierecord)
SRV - [2012/04/17 08:55:02 | 000,334,184 | ---- | M] (Aedge Performance BCN SL) [Auto] -- D:\Program Files\OfferBox\OfferBoxUpdateService.exe -- (OfferBox update service)
SRV - [2012/04/14 17:03:34 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 09:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/02/29 02:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto] -- D:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/23 19:07:36 | 000,138,416 | ---- | M] (Boxore OU.) [Auto] -- D:\Program Files\Software\Update\SoftwareUpdate.exe -- (supdate) Software Update Service (supdate)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\lsass.exe -- (VaultSvc)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\lsass.exe -- (Netlogon)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\lsass.exe -- (EFS)
SRV - [2011/10/24 13:25:58 | 000,235,232 | ---- | M] () [Disabled] -- D:\Program Files\Accelerer PC\PCSUService.exe -- (PCSUService)
SRV - [2011/10/21 09:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto] -- D:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 11:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/07/19 23:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011/05/24 06:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2011/05/04 00:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\windows\System32\SearchIndexer.exe -- (WSearch)
SRV - [2011/04/27 09:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 09:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/03/03 03:50:02 | 000,214,888 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe -- (MsDtsServer100)
SRV - [2011/03/03 01:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2011/02/19 02:30:54 | 000,805,376 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2010/11/20 08:21:40 | 001,914,368 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2010/11/20 08:21:40 | 000,067,584 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\WUDFSvc.dll -- (wudfsvc)
SRV - [2010/11/20 08:21:39 | 001,175,040 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\WsmSvc.dll -- (WinRM)
SRV - [2010/11/20 08:21:37 | 000,085,504 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\wpdbusenum.dll -- (WPDBusEnum)
SRV - [2010/11/20 08:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\windows\System32\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/11/20 08:21:36 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
SRV - [2010/11/20 08:21:35 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2010/11/20 08:21:35 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2010/11/20 08:21:35 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wcncsvc.dll -- (wcncsvc)
SRV - [2010/11/20 08:21:35 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\WebClnt.dll -- (WebClient)
SRV - [2010/11/20 08:21:33 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\umpo.dll -- (Power)
SRV - [2010/11/20 08:21:28 | 000,521,216 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\termsrv.dll -- (TermService)
SRV - [2010/11/20 08:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 08:21:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\TabSvc.dll -- (TabletInputService)
SRV - [2010/11/20 08:21:27 | 001,159,168 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\sysmain.dll -- (SysMain)
SRV - [2010/11/20 08:21:26 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/11/20 08:21:24 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2010/11/20 08:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 08:21:08 | 000,113,664 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\SessEnv.dll -- (SessionEnv)
SRV - [2010/11/20 08:21:06 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2010/11/20 08:21:05 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/11/20 08:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2010/11/20 08:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2010/11/20 08:21:00 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2010/11/20 08:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2010/11/20 08:20:57 | 000,330,240 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\QAGENTRT.DLL -- (napagent)
SRV - [2010/11/20 08:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2010/11/20 08:20:57 | 000,164,352 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2010/11/20 08:20:54 | 001,508,864 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\pla.dll -- (pla)
SRV - [2010/11/20 08:20:30 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2010/11/20 08:19:33 | 000,068,096 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2010/11/20 08:19:28 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2010/11/20 08:19:26 | 000,071,168 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\KMSVC.DLL -- (hkmsvc)
SRV - [2010/11/20 08:19:23 | 000,350,208 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2010/11/20 08:19:21 | 000,674,304 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\IKEEXT.DLL -- (IKEEXT)
SRV - [2010/11/20 08:19:09 | 000,593,408 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\gpsvc.dll -- (gpsvc)
SRV - [2010/11/20 08:18:34 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2010/11/20 08:18:34 | 000,144,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\dps.dll -- (DPS)
SRV - [2010/11/20 08:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 08:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/20 08:18:12 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\certprop.dll -- (SCPolicySvc)
SRV - [2010/11/20 08:18:12 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\certprop.dll -- (CertPropSvc)
SRV - [2010/11/20 08:18:09 | 000,102,400 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\browser.dll -- (Browser)
SRV - [2010/11/20 08:18:06 | 000,088,064 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\AxInstSv.dll -- (AxInstSV)
SRV - [2010/11/20 08:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2010/11/20 08:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2010/11/20 08:18:03 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2010/11/20 08:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010/11/20 08:17:52 | 001,203,200 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\windows\System32\wbengine.exe -- (wbengine)
SRV - [2010/11/20 08:17:51 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2010/11/20 08:17:49 | 000,453,632 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\vds.exe -- (vds)
SRV - [2010/11/20 08:17:48 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2010/11/20 08:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2010/11/20 08:17:30 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2010/11/20 08:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\windows\System32\msiexec.exe -- (msiserver)
SRV - [2010/11/20 08:17:11 | 000,523,264 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\FXSSVC.exe -- (Fax)
SRV - [2010/11/20 08:17:07 | 000,556,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2010/11/04 21:52:39 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/11/04 21:52:36 | 000,878,416 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2010/09/17 04:16:58 | 000,097,624 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2010/05/21 04:35:16 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/04/28 02:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/04/01 02:14:38 | 000,345,368 | ---- | M] () [Disabled] -- D:\Program Files\SAS\PCFilesServer\9.2\pcfservice.exe -- (SAS PC Files Server)
SRV - [2010/03/24 03:14:08 | 000,135,664 | ---- | M] (Google Inc.) [On_Demand] -- D:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdatem) Service Google Update (gupdatem)
SRV - [2010/03/24 03:14:08 | 000,135,664 | ---- | M] (Google Inc.) [Auto] -- D:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Service Google Update (gupdate)
SRV - [2010/03/09 13:06:22 | 000,061,440 | ---- | M] (Apache Software Foundation) [Disabled] -- D:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe -- (Tomcat6)
SRV - [2009/12/04 20:23:23 | 000,182,768 | ---- | M] (Google) [On_Demand] -- D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/11/04 19:15:00 | 000,219,752 | ---- | M] (NVIDIA Corporation) [Auto] -- D:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2009/07/13 21:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 21:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\wpcsvc.dll -- (WPCSvc)
SRV - [2009/07/13 21:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/07/13 21:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2009/07/13 21:16:18 | 000,147,968 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wecsvc.dll -- (Wecsvc)
SRV - [2009/07/13 21:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wdi.dll -- (WdiSystemHost)
SRV - [2009/07/13 21:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wdi.dll -- (WdiServiceHost)
SRV - [2009/07/13 21:16:18 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wersvc.dll -- (WerSvc)
SRV - [2009/07/13 21:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wercplsupport.dll -- (wercplsupport)
SRV - [2009/07/13 21:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2009/07/13 21:16:17 | 000,288,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\w32time.dll -- (W32Time)
SRV - [2009/07/13 21:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\upnphost.dll -- (upnphost)
SRV - [2009/07/13 21:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 21:16:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\uxsms.dll -- (UxSms)
SRV - [2009/07/13 21:16:16 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\trkwks.dll -- (TrkWks)
SRV - [2009/07/13 21:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 21:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/13 21:16:15 | 000,162,816 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2009/07/13 21:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sstpsvc.dll -- (SstpSvc)
SRV - [2009/07/13 21:16:15 | 000,055,808 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\tbssvc.dll -- (TBS)
SRV - [2009/07/13 21:16:13 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\SCardSvr.dll -- (SCardSvr)
SRV - [2009/07/13 21:16:13 | 000,112,640 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\regsvc.dll -- (RemoteRegistry)
SRV - [2009/07/13 21:16:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\Sens.dll -- (SENS)
SRV - [2009/07/13 21:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2009/07/13 21:16:12 | 000,327,680 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\p2psvc.dll -- (p2psvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 21:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2009/07/13 21:16:12 | 000,154,624 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\pcasvc.dll -- (PcaSvc)
SRV - [2009/07/13 21:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009/07/13 21:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 21:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2009/07/13 21:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/13 21:15:43 | 000,308,736 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\msdtckrm.dll -- (KtmRm)
SRV - [2009/07/13 21:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2009/07/13 21:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\mmcss.dll -- (THREADORDER)
SRV - [2009/07/13 21:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/13 21:15:36 | 000,189,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\lltdsvc.dll -- (lltdsvc)
SRV - [2009/07/13 21:15:36 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\lmhsvc.dll -- (lmhosts)
SRV - [2009/07/13 21:15:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\iscsiexe.dll -- (MSiSCSI)
SRV - [2009/07/13 21:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009/07/13 21:15:33 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\IPBusEnum.dll -- (IPBusEnum)
SRV - [2009/07/13 21:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/13 21:15:20 | 000,028,160 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\FDResPub.dll -- (FDResPub)
SRV - [2009/07/13 21:15:20 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\fdPHost.dll -- (fdPHost)
SRV - [2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\System32\es.dll -- (EventSystem)
SRV - [2009/07/13 21:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/13 21:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 21:15:00 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\bthserv.dll -- (bthserv)
SRV - [2009/07/13 21:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 21:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2009/07/13 21:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 21:14:46 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV - [2009/07/13 21:14:43 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\UI0Detect.exe -- (UI0Detect)
SRV - [2009/07/13 21:14:41 | 000,005,632 | ---- | M] (Oak Technology Inc.) [Auto] -- D:\Windows\System32\fa_scheduler.dll -- (pcouffin)
SRV - [2009/07/13 21:14:39 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\snmptrap.exe -- (SNMPTRAP)
SRV - [2009/07/13 21:14:25 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\msdtc.exe -- (MSDTC)
SRV - [2009/07/13 21:14:22 | 000,009,216 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\Locator.exe -- (RpcLocator)
SRV - [2009/07/13 21:14:19 | 000,094,720 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2009/07/13 21:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\windows\System32\dllhost.exe -- (COMSysApp)
SRV - [2009/07/13 21:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\System32\alg.exe -- (ALG)
SRV - [2009/07/07 14:23:08 | 000,247,152 | ---- | M] () [Disabled] -- D:\Program Files\CyberLink\Shared files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/10 17:14:51 | 000,042,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/03/29 21:23:32 | 000,254,808 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2009/02/26 12:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008/07/29 07:10:46 | 003,201,024 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90)
SRV - [2008/07/10 05:49:38 | 040,999,448 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER2\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSQLSERVER2) SQL Server (MSSQLSERVER2)
SRV - [2008/07/10 05:49:34 | 000,369,688 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER2\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$MSSQLSERVER2) Agent SQL Server (MSSQLSERVER2)
SRV - [2008/07/10 05:49:34 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -- (MSSQLServerADHelper100)
SRV - [2008/07/09 20:22:18 | 001,106,968 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER2\Reporting Services\ReportServer\bin\ReportingServicesService.exe -- (ReportServer$MSSQLSERVER2) SQL Server Reporting Services (MSSQLSERVER2)
SRV - [2008/07/09 19:22:40 | 021,945,368 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Program Files\Microsoft SQL Server\MSAS10.MSSQLSERVER2\OLAP\bin\msmdsrv.exe -- (MSOLAP$MSSQLSERVER2) SQL Server Analysis Services (MSSQLSERVER2)
SRV - [2008/07/09 19:15:32 | 000,031,256 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER2\MSSQL\Binn\fdlauncher.exe -- (MSSQLFDLauncher$MSSQLSERVER2) SQL Full-text Filter Daemon Launcher (MSSQLSERVER2)
SRV - [2006/11/13 07:23:40 | 000,142,128 | ---- | M] (VMware, Inc.) [Auto] -- D:\Windows\System32\vmnat.exe -- (VMware NAT Service)
SRV - [2006/11/13 07:23:26 | 000,113,456 | ---- | M] (VMware, Inc.) [Auto] -- D:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2006/11/13 07:23:16 | 000,224,048 | ---- | M] (VMware, Inc.) [Auto] -- D:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2006/11/13 06:39:22 | 000,269,104 | ---- | M] (VMware, Inc.) [Auto] -- D:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe -- (vmount2)
SRV - [2006/10/26 09:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/08/29 18:03:50 | 059,027,456 | ---- | M] (Oracle Corporation) [Disabled] -- D:\oracle\product\10.2.0\db_4\bin\ORACLE.EXE -- (OracleServiceTEST)
SRV - [2005/08/29 18:03:50 | 059,027,456 | ---- | M] (Oracle Corporation) [Disabled] -- D:\oracle\product\10.2.0\db_1\bin\ORACLE.EXE -- (OracleServiceORCL)
SRV - [2005/08/29 18:03:50 | 059,027,456 | ---- | M] (Oracle Corporation) [Disabled] -- D:\oracle\product\10.2.0\db_4\bin\ORACLE.EXE -- (OracleServiceORACLEKE)
SRV - [2005/08/29 15:32:22 | 000,102,400 | ---- | M] () [Disabled] -- D:\oracle\product\10.2.0\db_4\Bin\extjob.exe -- (OracleJobSchedulerTEST)
SRV - [2005/08/29 15:32:22 | 000,102,400 | ---- | M] () [Auto] -- D:\oracle\product\10.2.0\db_1\Bin\extjob.exe -- (OracleJobSchedulerORCL)
SRV - [2005/08/29 15:32:22 | 000,102,400 | ---- | M] () [Auto] -- D:\oracle\product\10.2.0\db_4\Bin\extjob.exe -- (OracleJobSchedulerORACLEKE)
SRV - [2005/08/16 08:21:06 | 000,024,064 | ---- | M] (Oracle Corporation) [Auto] -- D:\oracle\product\10.2.0\db_1\BIN\nmesrvc.exe -- (OracleDBConsoleorcl)
SRV - [2005/08/16 08:21:06 | 000,024,064 | ---- | M] (Oracle Corporation) [Disabled] -- D:\oracle\product\10.2.0\db_4\BIN\nmesrvc.exe -- (OracleDBConsoleoracleke)
SRV - [2005/08/15 21:23:02 | 000,053,248 | ---- | M] (Oracle) [Disabled] -- D:\oracle\product\10.2.0\db_1\BIN\isqlplussvc.exe -- (OracleOraDb10g_home1iSQL*Plus)
SRV - [2005/08/15 19:57:48 | 000,204,800 | ---- | M] () [Disabled] -- D:\oracle\product\10.2.0\db_1\BIN\TNSLSNR.exe -- (OracleOraDb10g_home1TNSListener)
SRV - [2005/04/03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (All) ==========
DRV - File not found [Kernel | Boot] -- -- (vrpmdif)
DRV - File not found [Kernel | Boot] -- -- (vmci)
DRV - [2012/04/04 09:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/01 01:46:57 | 000,019,824 | ---- | M] (Microsoft Corporation) [Recognizer | Boot] -- D:\windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2012/02/17 00:14:08 | 000,183,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2012/02/17 00:13:22 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2011/11/17 01:41:52 | 000,067,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2011/11/17 01:41:51 | 000,134,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2011/11/17 01:39:24 | 000,369,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\cng.sys -- (CNG)
DRV - [2011/10/07 07:43:30 | 000,443,448 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- D:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/09/29 12:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tcpip.sys -- (TCPIP6)
DRV - [2011/09/29 12:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2011/07/08 22:30:00 | 000,223,744 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011/04/28 22:46:33 | 000,311,808 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\srv.sys -- (srv)
DRV - [2011/04/28 22:46:15 | 000,310,272 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\srv2.sys -- (srv2)
DRV - [2011/04/28 22:46:10 | 000,114,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011/04/27 09:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/26 22:17:28 | 000,096,768 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011/04/26 22:17:22 | 000,123,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011/04/24 22:18:03 | 000,338,944 | ---- | M] () [Kernel | System] -- D:\windows\system32\drivers\afd.sys -- (AFD)
DRV - [2011/04/18 07:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2011/03/24 22:58:37 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2011/03/24 22:58:06 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2011/03/24 22:57:58 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2011/03/24 22:57:56 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2011/03/11 01:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2011/03/11 01:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2011/03/11 01:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2011/03/11 01:38:51 | 000,332,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2011/03/11 01:38:37 | 000,080,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- D:\windows\system32\drivers\amdsata.sys -- (amdsata)
DRV - [2011/03/11 01:38:37 | 000,022,400 | ---- | M] (Advanced Micro Devices) [Kernel | Boot] -- D:\Windows\System32\drivers\amdxata.sys -- (amdxata)
DRV - [2011/03/11 00:01:12 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2011/02/23 00:47:33 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\bowser.sys -- (bowser)
DRV - [2010/11/20 08:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2010/11/20 08:30:16 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2010/11/20 08:30:14 | 000,160,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\vhdmp.sys -- (vhdmp)
DRV - [2010/11/20 08:30:12 | 000,053,120 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\windows\system32\drivers\termdd.sys -- (TermDD)
DRV - [2010/11/20 08:30:10 | 000,173,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2010/11/20 08:30:10 | 000,085,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2010/11/20 08:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\ndis.sys -- (NDIS)
DRV - [2010/11/20 08:30:06 | 000,153,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\pci.sys -- (pci)
DRV - [2010/11/20 08:30:06 | 000,056,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2010/11/20 08:30:05 | 000,233,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2010/11/20 08:30:04 | 000,116,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\msdsm.sys -- (msdsm)
DRV - [2010/11/20 08:30:01 | 000,130,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\mpio.sys -- (mpio)
DRV - [2010/11/20 08:30:01 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2010/11/20 08:30:00 | 000,078,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\mountmgr.sys -- (mountmgr)
DRV - [2010/11/20 08:29:53 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2010/11/20 08:29:47 | 000,728,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2010/11/20 08:29:15 | 000,274,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\acpi.sys -- (ACPI)
DRV - [2010/11/20 08:24:30 | 000,194,800 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\fvevol.sys -- (fvevol)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 06:22:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2010/11/20 06:22:19 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2010/11/20 06:21:10 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2010/11/20 06:07:50 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2010/11/20 06:07:45 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2010/11/20 06:07:45 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\wanarp.sys -- (WANARP)
DRV - [2010/11/20 06:07:39 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2010/11/20 06:07:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- D:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2010/11/20 06:06:41 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2010/11/20 06:06:36 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2010/11/20 06:01:12 | 000,164,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2010/11/20 06:00:24 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\umbus.sys -- (umbus)
DRV - [2010/11/20 06:00:21 | 000,304,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2010/11/20 06:00:21 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbvideo.sys -- (usbvideo) Périphérique vidéo USB (WDM)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:59:38 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2010/11/20 05:59:29 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\HDAudBus.sys -- (HDAudBus)
DRV - [2010/11/20 05:59:20 | 000,132,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2010/11/20 05:58:59 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\WUDFPf.sys -- (WudfPf)
DRV - [2010/11/20 05:50:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2010/11/20 05:50:21 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2010/11/20 05:50:10 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2010/11/20 05:29:49 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\appid.sys -- (AppID)
DRV - [2010/11/20 05:24:56 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2010/11/20 05:19:15 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2010/11/20 04:47:55 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\acpipmi.sys -- (AcpiPmi)
DRV - [2010/11/20 04:44:05 | 000,242,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- D:\Windows\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2010/11/20 04:42:43 | 000,115,712 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\windows\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2010/11/20 04:42:32 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | System] -- D:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2010/11/20 04:42:28 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- D:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2010/11/20 04:40:21 | 000,513,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\http.sys -- (HTTP)
DRV - [2010/11/20 04:39:44 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\netbt.sys -- (NetBT)
DRV - [2010/11/20 04:39:17 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV - [2010/11/20 04:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2010/04/12 04:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System] -- D:\windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/11/20 22:33:28 | 002,811,296 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/11/06 16:53:58 | 001,227,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/11/06 00:07:10 | 009,923,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/10/12 22:09:36 | 000,331,288 | ---- | M] (Intel Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\iaStor.sys -- (iaStor)
DRV - [2009/10/09 23:16:30 | 000,229,424 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand] -- D:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2009/09/28 05:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/08/05 17:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/07/13 21:26:21 | 000,249,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\clfs.sys -- (CLFS)
DRV - [2009/07/13 21:26:21 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2009/07/13 21:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand] -- D:\windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2009/07/13 21:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/13 21:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 21:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 21:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/13 21:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/13 21:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/13 21:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\amdagp.sys -- (amdagp)
DRV - [2009/07/13 21:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\agp440.sys -- (agp440)
DRV - [2009/07/13 21:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\atapi.sys -- (atapi)
DRV - [2009/07/13 21:26:15 | 000,014,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\amdide.sys -- (amdide)
DRV - [2009/07/13 21:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand] -- D:\windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2009/07/13 21:20:45 | 000,012,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\pciide.sys -- (pciide)
DRV - [2009/07/13 21:20:44 | 000,162,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2009/07/13 21:20:44 | 000,105,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\nv_agp.sys -- (nv_agp)
DRV - [2009/07/13 21:20:44 | 000,049,728 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- D:\Windows\System32\drivers\mup.sys -- (Mup)
DRV - [2009/07/13 21:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 21:20:44 | 000,041,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2009/07/13 21:20:44 | 000,028,240 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\windows\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2009/07/13 21:20:43 | 000,013,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2009/07/13 21:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 21:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 21:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 21:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 21:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 21:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2009/07/13 21:20:36 | 000,042,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2009/07/13 21:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/13 21:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/13 21:20:36 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\intelide.sys -- (intelide)
DRV - [2009/07/13 21:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/13 21:20:28 | 000,198,208 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- D:\Windows\System32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2009/07/13 21:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 21:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- D:\windows\system32\drivers\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 21:20:28 | 000,058,448 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- D:\Windows\System32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2009/07/13 21:20:28 | 000,057,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\gagp30kx.sys -- (gagp30kx)
DRV - [2009/07/13 21:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 21:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- D:\windows\system32\DRIVERS\crcdisk.sys -- (crcdisk)
DRV - [2009/07/13 21:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\disk.sys -- (Disk)
DRV - [2009/07/13 21:19:11 | 000,297,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2009/07/13 21:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 21:19:11 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\uliagpkx.sys -- (uliagpkx)
DRV - [2009/07/13 21:19:11 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\wd.sys -- (Wd)
DRV - [2009/07/13 21:19:10 | 000,445,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2009/07/13 21:19:10 | 000,055,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\uagp35.sys -- (uagp35)
DRV - [2009/07/13 21:19:10 | 000,053,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\viaagp.sys -- (viaagp)
DRV - [2009/07/13 21:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 21:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand] -- D:\windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2009/07/13 21:19:10 | 000,012,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\swenum.sys -- (swenum)
DRV - [2009/07/13 21:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/13 21:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 21:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 21:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 21:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 21:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/13 21:19:03 | 000,180,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\pcmcia.sys -- (pcmcia)
DRV - [2009/07/13 21:19:03 | 000,052,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\sisagp.sys -- (sisagp)
DRV - [2009/07/13 21:19:03 | 000,017,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2009/07/13 20:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- D:\windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 20:41:15 | 000,586,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- D:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2009/07/13 20:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2009/07/13 20:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 20:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 20:01:39 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2009/07/13 19:55:24 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\modem.sys -- (Modem)
DRV - [2009/07/13 19:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- D:\windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2009/07/13 19:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 19:54:58 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2009/07/13 19:54:53 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2009/07/13 19:54:48 | 000,073,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2009/07/13 19:54:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2009/07/13 19:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2009/07/13 19:54:34 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2009/07/13 19:54:29 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2009/07/13 19:54:29 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2009/07/13 19:54:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2009/07/13 19:54:13 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2009/07/13 19:53:58 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\pacer.sys -- (Psched)
DRV - [2009/07/13 19:53:54 | 000,036,352 | ---- | M] (Microsoft Corporation) [File_System | System] -- D:\Windows\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2009/07/13 19:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 19:53:41 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\smb.sys -- (Smb)
DRV - [2009/07/13 19:53:27 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2009/07/13 19:53:20 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- D:\Windows\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2009/07/13 19:53:19 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- D:\Windows\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2009/07/13 19:52:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2009/07/13 19:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 19:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009/07/13 19:52:03 | 000,267,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009/07/13 19:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
kelfonsby
6 May 2012 at 10:55
For your information, the first piece of code I had put in Custom Scans/Fixes is:
md5start
explorer.exe
winlogon.exe
wininit.exe
md5stop
netsvcs
safebootminimal
safebootnetwork
%systemroot%system32.dll lockedfiles
%systemroot%system32.ini
%systemroot%Tasks.
%systemroot%system32Tasks.
%systemroot%system32drivers.sys lockedfiles
%systemroot%System32config.sav
%systemroot%system32config.exe s
%systemroot%system32.sys
HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrollsa s
HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogon
Should I put in the one you gave me again?
Thanks in advance
Anonymous user
Edited by Guillaume5188 on 6 May 2012 at 10:57
Re
You didn't do what was asked.
Take the time to read my post.
See you later
---------Security Contributor---------
We were all beginners at something once.
But knowledge is the reward of diligence.
kelfonsby
6 May 2012 at 11:28
Sorry, I hadn't read everything.
I did what you suggested and here is the result:
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Boxore Client deleted successfully.
D:\Program Files\Boxore\BoxoreClient\boxore.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\EBna3b8YWnMKP0e deleted successfully.
D:\Users\kerfi\AppData\Roaming\syncservicex86.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Iminent deleted successfully.
D:\Program Files\Iminent\Iminent.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IminentMessenger deleted successfully.
D:\Program Files\Iminent\Iminent.Messengers.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\offerbox deleted successfully.
D:\Program Files\OfferBox\OfferBox.exe moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\EBna3b8YWnMKP0e deleted successfully.
D:\Windows\System32\config\systemprofile\AppData\Roaming\syncservicex86.exe moved successfully.
Registry value HKEY_USERS\kerfi_ON_D\Software\Microsoft\Windows\CurrentVersion\Run\\EBna3b8YWnMKP0e deleted successfully.
File D:\Users\kerfi\AppData\Roaming\syncservicex86.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\kerfi\AppData\Roaming\syncservicex86.exe deleted successfully.
File D:\Users\kerfi\AppData\Roaming\syncservicex86.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Users\kerfi\AppData\Roaming\syncservicex86.exe deleted successfully.
File D:\Users\kerfi\AppData\Roaming\syncservicex86.exe not found.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\windows\system32\config\systemprofile\AppData\Roaming\syncservicex86.exe deleted successfully.
File D:\Windows\System32\config\systemprofile\AppData\Roaming\syncservicex86.exe not found.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\windows\system32\config\systemprofile\AppData\Roaming\syncservicex86.exe deleted successfully.
File D:\Windows\System32\config\systemprofile\AppData\Roaming\syncservicex86.exe not found.
Registry value HKEY_USERS\kerfi_ON_D\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\kerfi\AppData\Roaming\syncservicex86.exe deleted successfully.
File D:\Users\kerfi\AppData\Roaming\syncservicex86.exe not found.
Registry value HKEY_USERS\kerfi_ON_D\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Users\kerfi\AppData\Roaming\syncservicex86.exe deleted successfully.
File D:\Users\kerfi\AppData\Roaming\syncservicex86.exe not found.
========== FILES ==========
File\Folder D:\Users\kerfi\AppData\Roaming\syncservicex86.exe not found.
OTLPE by OldTimer - Version 3.1.48.0 log created on 05062012_132300
Thanks for your quick response
Anonymous user
6 May 2012 at 11:31
Re
Restart your PC normally.
Tell me whether it works.
See you later
kelfonsby
6 May 2012 at 11:42
I've just restarted the PC.
The white screen that used to freeze has gone and the desktop displays correctly, but all my folders and all the icons that were on it have disappeared.
How can I get them back?
Thanks in advance
Anonymous user
6 May 2012 at 13:02
Re
1) Run RogueKiller again with the delete option
2) Download Malwarebytes Anti-Malware here:
http://www.malwarebytes.org/mbam.php
"Download free version" button
* Install it (make sure to choose "French"; do not change the installation settings) and update it.
(NB: if "COMCTL32.OCX" is missing during installation, download it here: https://www.malekal.com/tutorial-aboutbuster/)
* Study the tutorial to familiarize yourself with the program:
https://forum.pcastuces.com/sujet.asp?f=31&s=3
(that said, it is very easy to use).
Run Malwarebytes again, following these instructions to the letter:
! Disconnect and close all running applications !
* Launch Malwarebytes. On Vista and Seven, right-click and choose "Run as administrator"
* Update it
* Run a "Full" scan
--> Let the program work (and do nothing else with the PC during the scan).
--> At the end, click "Show results".
--> Check that all infected objects are ticked, then click "Remove selected".
Note: if your PC needs to restart to finish the cleanup, do it!
Post the report saved after the infected objects are removed (in the "report/log" tab of Malwarebytes, the most recent one)
See you later
kelfonsby
6 May 2012 at 13:36
Running it again with the delete option, I get:
RogueKiller V7.4.3 [04/05/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur: kerfi [Droits d'admin]
Mode: Suppression -- Date: 06/05/2012 13:05:58
¤¤¤ Processus malicieux: 1 ¤¤¤
[SUSP PATH] setup.exe -- C:\windows\TEMP\ihdmvh\setup.exe -> KILLED [TermProc]
¤¤¤ Entrees de registre: 9 ¤¤¤
[ROGUE ST] HKLM\[...]\Policies\Explorer\Run : 24060 (C:\PROGRA~2\LOCALS~1\Temp\msiaozu.bat) -> DELETED
[HJPOL] HKCU\[...]\System : DisableRegistryTools (1) -> DELETED
[HJPOL] HKCU\[...]\Policies\Explorer\Explorer : NoDesktop (1) -> DELETED
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[SCRSV] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\windows\CRYSTA~1.SCR) -> REPLACED (c:\windows\system32\logon.scr)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
[FAKED] afd.sys : c:\windows\system32\drivers\afd.sys --> CANNOT FIX
¤¤¤ Driver: [CHARGE] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HM320II +++++
--- User ---
[MBR] ffb6cee6602719e2501c323b8be826ea
[BSP] 819d19b9a2c4df11147701cda0456161 : Linux MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 160351 Mo
3 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 360064845 | Size: 129429 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
The remaining steps are in progress
kelfonsby
6 May 2012 at 15:45
The scan has finished. The result is below.
Malwarebytes Anti-Malware (Essai) 1.61.0.1400
www.malwarebytes.org
Version de la base de données: v2012.05.06.03
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
kerfi :: KERFI-PC [administrateur]
Protection: Désactivé
06/05/2012 13:34:42
mbam-log-2012-05-06 (13-34-42).txt
Type d'examen: Examen complet
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 559567
Temps écoulé: 2 heure(s), 2 minute(s), 13 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 1
C:\Windows\System32\fa_scheduler.dll (RootKit.0Access.H) -> Suppression au redémarrage.
Clé(s) du Registre détectée(s): 20
HKCR\CLSID\{9193fbaf-bdaf-4751-a99a-1f5ef255c35b} (PUP.FCTPlugin) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9193FBAF-BDAF-4751-A99A-1F5EF255C35B} (PUP.FCTPlugin) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9193FBAF-BDAF-4751-A99A-1F5EF255C35B} (PUP.FCTPlugin) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9193FBAF-BDAF-4751-A99A-1F5EF255C35B} (PUP.FCTPlugin) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9193FBAF-BDAF-4751-A99A-1F5EF255C35B} (PUP.FCTPlugin) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facetheme-apl (PUP.FCTPlugin) -> Aucune action effectuée.
HKCR\CLSID\{3A2346CE-B0FA-4220-A339-B2F17B746045} (PUP.BFlix) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2346CE-B0FA-4220-A339-B2F17B746045} (PUP.BFlix) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2346CE-B0FA-4220-A339-B2F17B746045} (PUP.BFlix) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3A2346CE-B0FA-4220-A339-B2F17B746045} (PUP.BFlix) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3A2346CE-B0FA-4220-A339-B2F17B746045} (PUP.BFlix) -> Aucune action effectuée.
HKCR\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC} (PUP.BFlix) -> Aucune action effectuée.
HKCR\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB} (PUP.BFlix) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4} (PUP.BFlix) -> Aucune action effectuée.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Aucune action effectuée.
HKCR\CLSID\{96AFBE69-C3B0-4b00-8578-D933D2896EE2} (TrojanProxy.Agent) -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{SNW43X81-y3rC-Qwwg-9OWX-rh0AZjiySgPp} (Backdoor.Agent) -> Mis en quarantaine et supprimé avec succès.
HKCR\sp (TrojanProxy.Agent) -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\sp (TrojanProxy.Agent) -> Mis en quarantaine et supprimé avec succès.
HKLM\System\CurrentControlSet\Services\SPService (TrojanProxy.Agent) -> Mis en quarantaine et supprimé avec succès.
Valeur(s) du Registre détectée(s): 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{96AFBE69-C3B0-4B00-8578-D933D2896EE2} (TrojanProxy.Agent) -> Données: sp -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{96AFBE69-C3B0-4b00-8578-D933D2896EE2} (TrojanProxy.Agent) -> Données: -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost|netsvc (TrojanProxy.Agent) -> Données: SPService^^ -> Mis en quarantaine et supprimé avec succès.
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 11
C:\Program Files\Object (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\chromeaddon (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\content (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\defaults (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\defaults\preferences (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\locale (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\locale\en-US (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\skin (PUP.FCTPlugin) -> Aucune action effectuée.
C:\ProgramData\TheBflix (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\data (PUP.BFlix) -> Aucune action effectuée.
Fichier(s) détecté(s): 89
C:\Program Files\Object\bho_project.dll (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (1).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (10).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (11).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (2).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (3).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (4).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (5).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (6).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (7).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (8).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (9).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup.exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Program Files\Object\status.txt (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\chromeaddon.crx (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\ChromeAddon.pem (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\config.ini (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\enable.txt (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme-apl_uninstall.exe (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\status2.txt (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\chromeaddon\._included.js (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\chromeaddon\background.html (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\chromeaddon\included.js (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\chromeaddon\manifest.json (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\build.sh (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\chrome.manifest (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\config_build.sh (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\files (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\install.rdf (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\readme.txt (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\content\.DS_Store (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\content\firefoxOverlay.xul (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\content\installid.js (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\content\overlay.js (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\content\sudoku.js (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\defaults\.DS_Store (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\defaults\preferences\.DS_Store (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\defaults\preferences\._sudoku.js (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\defaults\preferences\sudoku.js (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\locale\.DS_Store (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\locale\en-US\.DS_Store (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\locale\en-US\sudoku.dtd (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\locale\en-US\sudoku.properties (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\skin\overlay.css (PUP.FCTPlugin) -> Aucune action effectuée.
C:\ProgramData\TheBflix\background.html (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\bhoclass.dll (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\content.js (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\hpilclpacieflhmobalmaccogiioldoo.crx (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\settings.ini (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\uninstall.exe (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\data\content.js (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\data\epoch (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\data\jsondb.js (PUP.BFlix) -> Aucune action effectuée.
C:\Windows\System32\fa_scheduler.dll (RootKit.0Access.H) -> Suppression au redémarrage.
C:\Users\kerfi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FAMVEDKL\1[1] (Trojan.FakeFolder) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FAMVEDKL\bb1[1] (Rootkit.0Access) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\BO\Bonnes pratiques BO.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\BO\bo_faq.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\BO\cours_admin_Bo.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\BO\cours_Bo.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\BO\utilisation_infoview_creation_rapports_webi.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\CV_LM\cv_cisse_kerfalla.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\CV_LM\cv_pole_emploi.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\R-SI-PSI-CIMPSI-DPOI-PAM2-11-00136 PTI Biar SIDONI IL V6.40.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\Archives-LIVRAISONS-SIDONI-MCO-S11-R12-13-S12-13.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\Copie de TMA_PE-SIDONI - Actions_20111214.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\dmr_hier_ss_equip_cc_ipsam_insert1.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\Doc_analyse_ticket.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\Livraison.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\Nouveau document texte.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\script_plan.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\sidoni_complet.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\SIDONI_Dictionnaires BO.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\Sidoni_generalite.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\Spec_fonctionnelle.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\Spec_technique.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\tache_a_faire.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\SIDONI\TMA_PE-CR_COSUI_SIDONI_20111214_v1 0.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Desktop\doc_perso\carte vitale.exe (Worm.Obfuscated) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\System32\bc_ip_f.dll (RootKit.0Access.H) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\System32\Defrag32b.dll (RootKit.0Access.H) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\System32\mssqlserverolapservice.dll (RootKit.0Access.H) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\System32\MSTAPE.dll (RootKit.0Access.H) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\System32\tnidriver.dll (RootKit.0Access.H) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\System32\X4HSX32.dll (RootKit.0Access.H) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\System32\avgarcln.dll (RootKit.0Access.H) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\Temp\qcaoks\setup.exe (Trojan.Winlock.P) -> Mis en quarantaine et supprimé avec succès.
C:\_OTL\MovedFiles\05062012_132300\D_Users\kerfi\AppData\Roaming\syncservicex86.exe (Trojan.Winlock.P) -> Mis en quarantaine et supprimé avec succès.
C:\_OTL\MovedFiles\05062012_132300\D_Windows\System32\config\systemprofile\AppData\Roaming\syncservicex86.exe (Trojan.Winlock.P) -> Mis en quarantaine et supprimé avec succès.
(fin)
Anonymous user
6 May 2012 at 15:47
Hi again
Post me a new Malwarebytes report and make sure you delete everything it finds.
See you later
kelfonsby (Member, 22 posts, registered Sunday 6 May 2012, last activity 7 May 2012)
6 May 2012 at 16:11
New report:
Malwarebytes Anti-Malware (Essai) 1.61.0.1400
www.malwarebytes.org
Version de la base de données: v2012.04.14.04
Windows 7 Service Pack 1 x86 NTFS (Mode sans échec/Réseau)
Internet Explorer 9.0.8112.16421
kerfi :: KERFI-PC [administrateur]
Protection: Désactivé
14/04/2012 16:02:45
mbam-log-2012-04-14 (16-02-45).txt
Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 199178
Temps écoulé: 6 minute(s), 51 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 1
C:\Windows\System32\config\systemprofile\AppData\Roaming\Adobe\sp.DLL (TrojanProxy.Agent) -> Suppression au redémarrage.
Clé(s) du Registre détectée(s): 21
HKCR\CLSID\{9193fbaf-bdaf-4751-a99a-1f5ef255c35b} (PUP.FCTPlugin) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9193FBAF-BDAF-4751-A99A-1F5EF255C35B} (PUP.FCTPlugin) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9193FBAF-BDAF-4751-A99A-1F5EF255C35B} (PUP.FCTPlugin) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9193FBAF-BDAF-4751-A99A-1F5EF255C35B} (PUP.FCTPlugin) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9193FBAF-BDAF-4751-A99A-1F5EF255C35B} (PUP.FCTPlugin) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facetheme-apl (PUP.FCTPlugin) -> Aucune action effectuée.
HKCR\CLSID\{3A2346CE-B0FA-4220-A339-B2F17B746045} (PUP.BFlix) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2346CE-B0FA-4220-A339-B2F17B746045} (PUP.BFlix) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2346CE-B0FA-4220-A339-B2F17B746045} (PUP.BFlix) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3A2346CE-B0FA-4220-A339-B2F17B746045} (PUP.BFlix) -> Aucune action effectuée.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3A2346CE-B0FA-4220-A339-B2F17B746045} (PUP.BFlix) -> Aucune action effectuée.
HKCR\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC} (PUP.BFlix) -> Aucune action effectuée.
HKCR\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB} (PUP.BFlix) -> Aucune action effectuée.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4} (PUP.BFlix) -> Aucune action effectuée.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Aucune action effectuée.
HKCR\CLSID\{96AFBE69-C3B0-4b00-8578-D933D2896EE2} (TrojanProxy.Agent) -> Mis en quarantaine et supprimé avec succès.
HKCR\TypeLib\{E3CC058C-84F9-4B53-BEA9-F3A6EF30F97F} (Trojan.ZADrop1) -> Mis en quarantaine et supprimé avec succès.
HKCR\Interface\{43CE8A8C-81BA-4888-884C-5B63187EF39B} (Trojan.ZADrop1) -> Mis en quarantaine et supprimé avec succès.
HKCR\sp (TrojanProxy.Agent) -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\sp (TrojanProxy.Agent) -> Mis en quarantaine et supprimé avec succès.
HKLM\System\CurrentControlSet\Services\SPService (TrojanProxy.Agent) -> Mis en quarantaine et supprimé avec succès.
Valeur(s) du Registre détectée(s): 8
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Time (Trojan.Clicker) -> Données: rundll32.exe "C:\ProgramData\UmwarvAxwiyv.dll",EntryPoint -> Mis en quarantaine et supprimé avec succès.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Init (Trojan.Agent) -> Données: "C:\Users\kerfi\AppData\Roaming\x1kiigftxdlponzcqglwzjcibjprwhbd2\svcnost.exe" -> Mis en quarantaine et supprimé avec succès.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WGZC6D2B0F7C2I5ESBRFRGJJLKCILO (Trojan.Agent.TKH) -> Données: C:\Recycle.bin\B62B2F3AF38.exe /q -> Mis en quarantaine et supprimé avec succès.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|engel (Trojan.Agent) -> Données: C:\Users\kerfi\AppData\Roaming\updates\updates.exe -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{96AFBE69-C3B0-4B00-8578-D933D2896EE2} (TrojanProxy.Agent) -> Données: sp -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{96AFBE69-C3B0-4b00-8578-D933D2896EE2} (TrojanProxy.Agent) -> Données: -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost|netsvc (TrojanProxy.Agent) -> Données: SPService^^ -> Mis en quarantaine et supprimé avec succès.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|24060 (Trojan.Agent) -> Données: C:\PROGRA~2\LOCALS~1\Temp\msiaozu.bat -> Suppression au redémarrage.
Elément(s) de données du Registre détecté(s): 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Mauvais: (1) Bon: (0) -> Mis en quarantaine et réparé avec succès
Dossier(s) détecté(s): 12
C:\Program Files\Object (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\chromeaddon (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\content (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\defaults (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\defaults\preferences (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\locale (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\locale\en-US (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\skin (PUP.FCTPlugin) -> Aucune action effectuée.
C:\ProgramData\TheBflix (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\data (PUP.BFlix) -> Aucune action effectuée.
C:\Recycle.bin (Trojan.Spyeyes) -> Mis en quarantaine et supprimé avec succès.
Fichier(s) détecté(s): 80
C:\Program Files\Object\bho_project.dll (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (1).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (10).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (11).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (2).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (3).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (4).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (5).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (6).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (7).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (8).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup (9).exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Users\kerfi\Downloads\GinoPlayer_Setup.exe (PUP.Adware.Ginoplayer.ScamLotto) -> Aucune action effectuée.
C:\Program Files\Object\status.txt (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\chromeaddon.crx (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\ChromeAddon.pem (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\config.ini (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\enable.txt (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme-apl_uninstall.exe (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\status2.txt (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\chromeaddon\._included.js (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\chromeaddon\background.html (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\chromeaddon\included.js (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\chromeaddon\manifest.json (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\build.sh (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\chrome.manifest (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\config_build.sh (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\files (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\install.rdf (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\readme.txt (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\content\.DS_Store (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\content\firefoxOverlay.xul (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\content\installid.js (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\content\overlay.js (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\content\sudoku.js (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\defaults\.DS_Store (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\defaults\preferences\.DS_Store (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\defaults\preferences\._sudoku.js (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\defaults\preferences\sudoku.js (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\locale\.DS_Store (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\locale\en-US\.DS_Store (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\locale\en-US\sudoku.dtd (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\locale\en-US\sudoku.properties (PUP.FCTPlugin) -> Aucune action effectuée.
C:\Program Files\Object\facetheme\skin\overlay.css (PUP.FCTPlugin) -> Aucune action effectuée.
C:\ProgramData\TheBflix\background.html (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\bhoclass.dll (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\content.js (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\hpilclpacieflhmobalmaccogiioldoo.crx (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\settings.ini (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\uninstall.exe (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\data\content.js (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\data\epoch (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\TheBflix\data\jsondb.js (PUP.BFlix) -> Aucune action effectuée.
C:\ProgramData\UmwarvAxwiyv.dll (Trojan.Clicker) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\AppData\Roaming\x1kiigftxdlponzcqglwzjcibjprwhbd2\svcnost.exe (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Recycle.bin\B62B2F3AF38.exe (Trojan.Agent.TKH) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\AppData\Roaming\updates\updates.exe (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\System32\bcm43xx.dll (RootKit.0Access.H) -> Mis en quarantaine et supprimé avec succès.
C:\Windows\System32\config\systemprofile\AppData\Roaming\Adobe\sp.DLL (TrojanProxy.Agent) -> Suppression au redémarrage.
C:\ProgramData\F4D55F3B0001C317000B1B07B4EB23C1\F4D55F3B0001C317000B1B07B4EB23C1.exe (Rogue.SmartFortress) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\AppData\Roaming\x3xfinufnvt322np2tzjjjrx2jmzallm2\svcnost.exe (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YOUTUBE.PLAYER.exe (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\AppData\Local\Temp\00041c94.tmp (Trojan.FakeAlert) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\AppData\Local\Temp\0004561b.tmp (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\AppData\Local\Temp\000493e5.tmp (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\AppData\Local\Temp\0007cc53.tmp (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\AppData\Local\Temp\00196f27.tmp (Trojan.FakeAlert) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\AppData\Local\Temp\1095a192.tmp (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\AppData\Local\Temp\cgs8h0.exe (Trojan.Downloader.Gen) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\1bk.exe (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\neibic.com (Spyware.PWS) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\zex.exe (Trojan.ZADrop.Gen1) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\zhn.exe (Trojan.ZADrop.Gen1) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\zow.exe (Trojan.ZADrop.Gen1) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\ztb.exe (Trojan.ZADrop.Gen1) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\Local Settings\Temporary Internet Files\Content.IE5\XENA6EJY\bb1[1] (Rootkit.0Access) -> Mis en quarantaine et supprimé avec succès.
C:\Users\kerfi\start1.exe (Trojan.ZADrop1) -> Mis en quarantaine et supprimé avec succès.
C:\ProgramData\Local Settings\Temp\msiaozu.bat (Trojan.Agent) -> Mis en quarantaine et supprimé avec succès.
C:\Recycle.bin\E3D9E87A4A21B5F (Trojan.Spyeyes) -> Mis en quarantaine et supprimé avec succès.
(fin)
kelfonsby
6 May 2012 at 16:21
OK, I'm redoing it now.
I'll send you the last saved report as soon as the operation is finished.
See you in a bit.
kelfonsby
6 May 2012 at 18:51
The scan has just finished. The report reads:
2012/05/06 16:26:07 +0200 KERFI-PC kerfi DETECTION C:\Windows\System32\JavaQuickStarterService.dll RootKit.0Access.H QUARANTINE
2012/05/06 16:41:08 +0200 KERFI-PC kerfi DETECTION C:\Windows\System32\mnmdd.dll RootKit.0Access.H QUARANTINE
2012/05/06 16:56:04 +0200 KERFI-PC kerfi DETECTION C:\Windows\System32\MTsensor.dll RootKit.0Access.H QUARANTINE
2012/05/06 17:27:40 +0200 KERFI-PC kerfi DETECTION C:\Windows\System32\bgsvcgen.dll RootKit.0Access.H QUARANTINE
2012/05/06 17:41:03 +0200 KERFI-PC kerfi DETECTION C:\Windows\System32\NVXBAR.dll RootKit.0Access.H QUARANTINE
2012/05/06 17:56:06 +0200 KERFI-PC kerfi DETECTION C:\Windows\System32\CdaD10BA.dll RootKit.0Access.H QUARANTINE
2012/05/06 18:11:02 +0200 KERFI-PC kerfi DETECTION C:\Windows\System32\purendis.dll RootKit.0Access.H QUARANTINE
2012/05/06 18:26:03 +0200 KERFI-PC kerfi DETECTION C:\Windows\System32\OneCareMP.dll RootKit.0Access.H QUARANTINE
2012/05/06 18:47:55 +0200 KERFI-PC kerfi MESSAGE Starting protection
2012/05/06 18:48:00 +0200 KERFI-PC kerfi MESSAGE Protection started successfully
2012/05/06 18:48:03 +0200 KERFI-PC kerfi MESSAGE Starting IP protection
2012/05/06 18:48:03 +0200 KERFI-PC kerfi ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
Anonymous user
6 May 2012 at 18:56
Re
OK, we're making progress.
Download TDSSKiller
* Create a new folder on your desktop, then extract the archive into it.
* Launch the program by clicking TDSSKiller.exe; the scan runs automatically, and if the infection is detected, hidden items will then be displayed.
If TDSS.tdl2 is detected: the Delete option will be checked by default.
If TDSS.tdl3 is detected: make sure Cure is checked.
If TDSS.tdl4 (\HardDisk0\MBR) is detected: make sure Cure is checked.
If Rootkit.Win32.ZAccess.* is detected: set it to "cure" at the top and "delete" at the bottom.
If Suspicious file is shown, leave the option set to Skip.
Once it has finished, reboot if it asks you to, to complete the cleanup.
Otherwise, close TDSSKiller and the report will appear on the desktop.
If not, it is saved here: C:\TDSSKiller_N°Version_Date_Heure.txt
Post its report for me afterwards; thanks.
See you
kelfonsby
6 May 2012 at 19:18
I can't create a visible folder on my desktop. Nothing is displayed there at the moment.
I extracted the folder elsewhere.
Here is the report:
2012/05/06 19:09:03.0029 4600 TDSS rootkit removing tool 2.5.1.0 May 13 2011 13:20:29
2012/05/06 19:09:09.0997 4600 ================================================================================
2012/05/06 19:09:09.0997 4600 SystemInfo:
2012/05/06 19:09:09.0997 4600
2012/05/06 19:09:09.0997 4600 OS Version: 6.1.7601 ServicePack: 1.0
2012/05/06 19:09:09.0997 4600 Product type: Workstation
2012/05/06 19:09:09.0998 4600 ComputerName: KERFI-PC
2012/05/06 19:09:09.0998 4600 UserName: kerfi
2012/05/06 19:09:09.0998 4600 Windows directory: C:\windows
2012/05/06 19:09:09.0998 4600 System windows directory: C:\windows
2012/05/06 19:09:09.0998 4600 Processor architecture: Intel x86
2012/05/06 19:09:09.0998 4600 Number of processors: 2
2012/05/06 19:09:09.0998 4600 Page size: 0x1000
2012/05/06 19:09:09.0998 4600 Boot type: Normal boot
2012/05/06 19:09:09.0998 4600 ================================================================================
2012/05/06 19:09:10.0457 4600 Initialize success
2012/05/06 19:10:13.0160 5652 ================================================================================
2012/05/06 19:10:13.0160 5652 Scan started
2012/05/06 19:10:13.0160 5652 Mode: Manual;
2012/05/06 19:10:13.0160 5652 ================================================================================
2012/05/06 19:10:14.0506 5652 Suspicious file (Forged): C:\windows\system32\drivers\afd.sys. Real md5: 287cfdacbda65fcc6d7a95bdee9ec570, Fake md5: 9ebbba55060f786f0fcaa3893bfa2806
2012/05/06 19:10:14.0517 5652 AFD - detected ForgedFile.Multi.Generic (1)
2012/05/06 19:10:22.0439 5652 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
2012/05/06 19:10:22.0501 5652 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
2012/05/06 19:10:22.0525 5652 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
2012/05/06 19:10:22.0569 5652 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
2012/05/06 19:10:22.0647 5652 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys
2012/05/06 19:10:22.0734 5652 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
2012/05/06 19:10:22.0785 5652 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
2012/05/06 19:10:22.0816 5652 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
2012/05/06 19:10:22.0883 5652 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
2012/05/06 19:10:22.0942 5652 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys
2012/05/06 19:10:22.0971 5652 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
2012/05/06 19:10:23.0018 5652 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
2012/05/06 19:10:23.0086 5652 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys
2012/05/06 19:10:23.0134 5652 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys
2012/05/06 19:10:23.0184 5652 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys
2012/05/06 19:10:23.0269 5652 Net6IM (99433503102c7fd14a44e672011fd991) C:\windows\system32\DRIVERS\net6im51.sys
2012/05/06 19:10:23.0331 5652 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
2012/05/06 19:10:23.0384 5652 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys
2012/05/06 19:10:23.0450 5652 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
2012/05/06 19:10:23.0522 5652 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\windows\system32\DRIVERS\NisDrvWFP.sys
2012/05/06 19:10:23.0585 5652 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
2012/05/06 19:10:23.0609 5652 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
2012/05/06 19:10:23.0685 5652 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys
2012/05/06 19:10:23.0730 5652 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
2012/05/06 19:10:23.0795 5652 NVHDA (d2f4c4b22969236382ca853b8daa2d4e) C:\windows\system32\drivers\nvhda32v.sys
2012/05/06 19:10:24.0051 5652 nvlddmkm (104c0fe08dd64965cf788d91ccbb2cc6) C:\windows\system32\DRIVERS\nvlddmkm.sys
2012/05/06 19:10:24.0215 5652 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys
2012/05/06 19:10:24.0259 5652 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys
2012/05/06 19:10:24.0329 5652 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys
2012/05/06 19:10:24.0409 5652 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys
2012/05/06 19:10:24.0663 5652 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
2012/05/06 19:10:24.0727 5652 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\windows\system32\drivers\partmgr.sys
2012/05/06 19:10:24.0761 5652 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
2012/05/06 19:10:24.0801 5652 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys
2012/05/06 19:10:24.0843 5652 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys
2012/05/06 19:10:24.0869 5652 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
2012/05/06 19:10:24.0974 5652 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
2012/05/06 19:10:25.0029 5652 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
2012/05/06 19:10:25.0126 5652 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
2012/05/06 19:10:25.0161 5652 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
2012/05/06 19:10:25.0216 5652 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
2012/05/06 19:10:25.0273 5652 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
2012/05/06 19:10:25.0328 5652 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
2012/05/06 19:10:25.0363 5652 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
2012/05/06 19:10:25.0405 5652 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
2012/05/06 19:10:25.0451 5652 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
2012/05/06 19:10:25.0489 5652 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
2012/05/06 19:10:25.0528 5652 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
2012/05/06 19:10:25.0582 5652 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
2012/05/06 19:10:25.0633 5652 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys
2012/05/06 19:10:25.0677 5652 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
2012/05/06 19:10:25.0718 5652 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys
2012/05/06 19:10:25.0765 5652 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
2012/05/06 19:10:25.0792 5652 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
2012/05/06 19:10:25.0847 5652 RDPWD (244c83332f44589ae98fc347f11b2693) C:\windows\system32\drivers\RDPWD.sys
2012/05/06 19:10:25.0916 5652 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys
2012/05/06 19:10:26.0035 5652 RsFx0102 (fedd2710b75be3ecf078adace790c423) C:\windows\system32\DRIVERS\RsFx0102.sys
2012/05/06 19:10:26.0095 5652 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
2012/05/06 19:10:26.0149 5652 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\windows\system32\DRIVERS\Rt86win7.sys
2012/05/06 19:10:26.0209 5652 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys
2012/05/06 19:10:26.0320 5652 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
2012/05/06 19:10:26.0426 5652 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\windows\system32\drivers\SCDEmu.sys
2012/05/06 19:10:26.0476 5652 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
2012/05/06 19:10:26.0558 5652 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2012/05/06 19:10:26.0653 5652 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
2012/05/06 19:10:26.0707 5652 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
2012/05/06 19:10:26.0750 5652 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
2012/05/06 19:10:26.0820 5652 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
2012/05/06 19:10:26.0840 5652 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
2012/05/06 19:10:26.0872 5652 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
2012/05/06 19:10:26.0913 5652 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
2012/05/06 19:10:26.0957 5652 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
2012/05/06 19:10:26.0994 5652 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
2012/05/06 19:10:27.0022 5652 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
2012/05/06 19:10:27.0084 5652 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
2012/05/06 19:10:27.0134 5652 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
2012/05/06 19:10:27.0255 5652 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\windows\System32\Drivers\sptd.sys
2012/05/06 19:10:27.0255 5652 Suspicious file (NoAccess): C:\windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9
2012/05/06 19:10:27.0262 5652 sptd - detected LockedFile.Multi.Generic (1)
2012/05/06 19:10:31.0363 5652 ================================================================================
2012/05/06 19:10:31.0363 5652 Scan finished
2012/05/06 19:10:31.0363 5652 ================================================================================
2012/05/06 19:10:31.0390 4420 Detected object count: 2
2012/05/06 19:13:26.0094 4420 ForgedFile.Multi.Generic(AFD) - User select action: Skip
2012/05/06 19:13:26.0098 4420 LockedFile.Multi.Generic(sptd) - User select action: Skip
2012/05/06 19:14:21.0740 5628 ================================================================================
2012/05/06 19:14:21.0740 5628 Scan started
2012/05/06 19:14:21.0740 5628 Mode: Manual;
2012/05/06 19:14:21.0740 5628 ================================================================================
2012/05/06 19:14:22.0517 5628 AFD (287cfdacbda65fcc6d7a95bdee9ec570) C:\windows\system32\drivers\afd.sys
2012/05/06 19:14:22.0518 5628 Suspicious file (Forged): C:\windows\system32\drivers\afd.sys. Real md5: 287cfdacbda65fcc6d7a95bdee9ec570, Fake md5: 9ebbba55060f786f0fcaa3893bfa2806
2012/05/06 19:14:22.0525 5628 AFD - detected ForgedFile.Multi.Generic (1)
2012/05/06 19:14:29.0045 5628 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys
2012/05/06 19:14:29.0093 5628 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys
2012/05/06 19:14:29.0143 5628 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys
2012/05/06 19:14:29.0195 5628 Net6IM (99433503102c7fd14a44e672011fd991) C:\windows\system32\DRIVERS\net6im51.sys
2012/05/06 19:14:29.0235 5628 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
2012/05/06 19:14:29.0287 5628 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys
2012/05/06 19:14:29.0342 5628 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
2012/05/06 19:14:29.0392 5628 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\windows\system32\DRIVERS\NisDrvWFP.sys
2012/05/06 19:14:29.0432 5628 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
2012/05/06 19:14:29.0457 5628 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
2012/05/06 19:14:29.0532 5628 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys
2012/05/06 19:14:29.0578 5628 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
2012/05/06 19:14:29.0621 5628 NVHDA (d2f4c4b22969236382ca853b8daa2d4e) C:\windows\system32\drivers\nvhda32v.sys
2012/05/06 19:14:29.0868 5628 nvlddmkm (104c0fe08dd64965cf788d91ccbb2cc6) C:\windows\system32\DRIVERS\nvlddmkm.sys
2012/05/06 19:14:30.0030 5628 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys
2012/05/06 19:14:30.0084 5628 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys
2012/05/06 19:14:30.0143 5628 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys
2012/05/06 19:14:30.0190 5628 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys
2012/05/06 19:14:30.0322 5628 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
2012/05/06 19:14:30.0387 5628 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\windows\system32\drivers\partmgr.sys
2012/05/06 19:14:30.0420 5628 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
2012/05/06 19:14:30.0460 5628 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys
2012/05/06 19:14:30.0491 5628 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys
2012/05/06 19:14:30.0517 5628 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
2012/05/06 19:14:30.0555 5628 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
2012/05/06 19:14:30.0587 5628 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
2012/05/06 19:14:30.0697 5628 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
2012/05/06 19:14:30.0720 5628 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
2012/05/06 19:14:30.0764 5628 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
2012/05/06 19:14:30.0821 5628 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
2012/05/06 19:14:30.0854 5628 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
2012/05/06 19:14:30.0889 5628 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
2012/05/06 19:14:30.0919 5628 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
2012/05/06 19:14:30.0955 5628 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
2012/05/06 19:14:30.0982 5628 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
2012/05/06 19:14:31.0009 5628 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
2012/05/06 19:14:31.0052 5628 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
2012/05/06 19:14:31.0103 5628 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys
2012/05/06 19:14:31.0136 5628 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
2012/05/06 19:14:31.0177 5628 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys
2012/05/06 19:14:31.0202 5628 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
2012/05/06 19:14:31.0229 5628 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
2012/05/06 19:14:31.0272 5628 RDPWD (244c83332f44589ae98fc347f11b2693) C:\windows\system32\drivers\RDPWD.sys
2012/05/06 19:14:31.0319 5628 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys
2012/05/06 19:14:31.0405 5628 RsFx0102 (fedd2710b75be3ecf078adace790c423) C:\windows\system32\DRIVERS\RsFx0102.sys
2012/05/06 19:14:31.0443 5628 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
2012/05/06 19:14:31.0486 5628 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\windows\system32\DRIVERS\Rt86win7.sys
2012/05/06 19:14:31.0524 5628 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys
2012/05/06 19:14:31.0590 5628 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
2012/05/06 19:14:31.0629 5628 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\windows\system32\drivers\SCDEmu.sys
2012/05/06 19:14:31.0680 5628 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
2012/05/06 19:14:31.0773 5628 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2012/05/06 19:14:31.0824 5628 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
2012/05/06 19:14:31.0855 5628 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
2012/05/06 19:14:31.0887 5628 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
2012/05/06 19:14:31.0957 5628 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
2012/05/06 19:14:31.0977 5628 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
2012/05/06 19:14:32.0009 5628 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
2012/05/06 19:14:32.0050 5628 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
2012/05/06 19:14:32.0094 5628 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
2012/05/06 19:14:32.0120 5628 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
2012/05/06 19:14:32.0159 5628 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
2012/05/06 19:14:32.0188 5628 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
2012/05/06 19:14:32.0238 5628 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
2012/05/06 19:14:32.0308 5628 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\windows\System32\Drivers\sptd.sys
2012/05/06 19:14:32.0309 5628 Suspicious file (NoAccess): C:\windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9
2012/05/06 19:14:32.0323 5628 sptd - detected LockedFile.Multi.Generic (1)
I unzipped the folder somewhere else.
Here is the report:
2012/05/06 19:09:03.0029 4600 TDSS rootkit removing tool 2.5.1.0 May 13 2011 13:20:29
2012/05/06 19:09:09.0997 4600 ================================================================================
2012/05/06 19:09:09.0997 4600 SystemInfo:
2012/05/06 19:09:09.0997 4600
2012/05/06 19:09:09.0997 4600 OS Version: 6.1.7601 ServicePack: 1.0
2012/05/06 19:09:09.0997 4600 Product type: Workstation
2012/05/06 19:09:09.0998 4600 ComputerName: KERFI-PC
2012/05/06 19:09:09.0998 4600 UserName: kerfi
2012/05/06 19:09:09.0998 4600 Windows directory: C:\windows
2012/05/06 19:09:09.0998 4600 System windows directory: C:\windows
2012/05/06 19:09:09.0998 4600 Processor architecture: Intel x86
2012/05/06 19:09:09.0998 4600 Number of processors: 2
2012/05/06 19:09:09.0998 4600 Page size: 0x1000
2012/05/06 19:09:09.0998 4600 Boot type: Normal boot
2012/05/06 19:09:09.0998 4600 ================================================================================
2012/05/06 19:09:10.0457 4600 Initialize success
2012/05/06 19:10:13.0160 5652 ================================================================================
2012/05/06 19:10:13.0160 5652 Scan started
2012/05/06 19:10:13.0160 5652 Mode: Manual;
2012/05/06 19:10:13.0160 5652 ================================================================================
2012/05/06 19:10:14.0503 5652 AFD (287cfdacbda65fcc6d7a95bdee9ec570) C:\windows\system32\drivers\afd.sys
2012/05/06 19:10:14.0506 5652 Suspicious file (Forged): C:\windows\system32\drivers\afd.sys. Real md5: 287cfdacbda65fcc6d7a95bdee9ec570, Fake md5: 9ebbba55060f786f0fcaa3893bfa2806
2012/05/06 19:10:14.0517 5652 AFD - detected ForgedFile.Multi.Generic (1)
2012/05/06 19:10:26.0095 5652 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
2012/05/06 19:10:26.0149 5652 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\windows\system32\DRIVERS\Rt86win7.sys
2012/05/06 19:10:26.0209 5652 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys
2012/05/06 19:10:26.0320 5652 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
2012/05/06 19:10:26.0426 5652 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\windows\system32\drivers\SCDEmu.sys
2012/05/06 19:10:26.0476 5652 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
2012/05/06 19:10:26.0558 5652 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2012/05/06 19:10:26.0653 5652 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
2012/05/06 19:10:26.0707 5652 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
2012/05/06 19:10:26.0750 5652 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
2012/05/06 19:10:26.0820 5652 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
2012/05/06 19:10:26.0840 5652 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
2012/05/06 19:10:26.0872 5652 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
2012/05/06 19:10:26.0913 5652 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
2012/05/06 19:10:26.0957 5652 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
2012/05/06 19:10:26.0994 5652 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
2012/05/06 19:10:27.0022 5652 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
2012/05/06 19:10:27.0084 5652 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
2012/05/06 19:10:27.0134 5652 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
2012/05/06 19:10:27.0255 5652 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\windows\System32\Drivers\sptd.sys
2012/05/06 19:10:27.0255 5652 Suspicious file (NoAccess): C:\windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9
2012/05/06 19:10:27.0262 5652 sptd - detected LockedFile.Multi.Generic (1)
2012/05/06 19:10:31.0363 5652 ================================================================================
2012/05/06 19:10:31.0363 5652 Scan finished
2012/05/06 19:10:31.0363 5652 ================================================================================
2012/05/06 19:10:31.0390 4420 Detected object count: 2
2012/05/06 19:13:26.0094 4420 ForgedFile.Multi.Generic(AFD) - User select action: Skip
2012/05/06 19:13:26.0098 4420 LockedFile.Multi.Generic(sptd) - User select action: Skip
2012/05/06 19:14:21.0740 5628 ================================================================================
2012/05/06 19:14:21.0740 5628 Scan started
2012/05/06 19:14:21.0740 5628 Mode: Manual;
2012/05/06 19:14:21.0740 5628 ================================================================================
2012/05/06 19:14:22.0517 5628 AFD (287cfdacbda65fcc6d7a95bdee9ec570) C:\windows\system32\drivers\afd.sys
2012/05/06 19:14:22.0518 5628 Suspicious file (Forged): C:\windows\system32\drivers\afd.sys. Real md5: 287cfdacbda65fcc6d7a95bdee9ec570, Fake md5: 9ebbba55060f786f0fcaa3893bfa2806
2012/05/06 19:14:22.0525 5628 AFD - detected ForgedFile.Multi.Generic (1)
2012/05/06 19:14:32.0009 5628 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
2012/05/06 19:14:32.0050 5628 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
2012/05/06 19:14:32.0094 5628 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
2012/05/06 19:14:32.0120 5628 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
2012/05/06 19:14:32.0159 5628 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
2012/05/06 19:14:32.0188 5628 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
2012/05/06 19:14:32.0238 5628 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
2012/05/06 19:14:32.0308 5628 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\windows\System32\Drivers\sptd.sys
2012/05/06 19:14:32.0309 5628 Suspicious file (NoAccess): C:\windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9
2012/05/06 19:14:32.0323 5628 sptd - detected LockedFile.Multi.Generic (1)
2012/05/06 19:14:32.0386 5628 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys
2012/05/06 19:14:32.0456 5628 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys
2012/05/06 19:14:32.0496 5628 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys
2012/05/06 19:14:32.0543 5628 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
2012/05/06 19:14:32.0608 5628 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys
2012/05/06 19:14:32.0663 5628 SynTP (215a45246c6e2d0a9c263ce1786c8d8a) C:\windows\system32\DRIVERS\SynTP.sys
2012/05/06 19:14:32.0767 5628 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\drivers\tcpip.sys
2012/05/06 19:14:32.0803 5628 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\DRIVERS\tcpip.sys
2012/05/06 19:14:32.0858 5628 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys
2012/05/06 19:14:32.0902 5628 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys
2012/05/06 19:14:32.0942 5628 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys
2012/05/06 19:14:32.0982 5628 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys
2012/05/06 19:14:33.0029 5628 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys
2012/05/06 19:14:33.0109 5628 TrueSight (b3c9c35dc93563b8d19ad414edf2fc82) c:\windows\system32\drivers\TrueSight.sys
2012/05/06 19:14:33.0164 5628 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys
2012/05/06 19:14:33.0207 5628 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys
2012/05/06 19:14:33.0254 5628 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys
2012/05/06 19:14:33.0295 5628 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
2012/05/06 19:14:33.0347 5628 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys
2012/05/06 19:14:33.0429 5628 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
2012/05/06 19:14:33.0464 5628 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys
2012/05/06 19:14:33.0495 5628 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
2012/05/06 19:14:33.0548 5628 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys
2012/05/06 19:14:33.0583 5628 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
2012/05/06 19:14:33.0611 5628 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys
2012/05/06 19:14:33.0637 5628 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys
2012/05/06 19:14:33.0677 5628 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\windows\syste
Anonymous user
6 May 2012 at 20:26
Re
Update TDSSKiller.
See you
kelfonsby
Posts: 22
Registered: Sunday 6 May 2012
Status: Member
Last activity: 7 May 2012
6 May 2012 at 21:09
After updating the software and running it again, I get:
20:45:19.0252 2592 mssmbios - ok
20:45:19.0343 2592 MSSQL$MSSQLSERVER2 - ok
20:45:19.0366 2592 MSSQLFDLauncher$MSSQLSERVER2 (5b0080d6830bc1e7e4592791dd40f35d) C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER2\MSSQL\Binn\fdlauncher.exe
20:45:19.0369 2592 MSSQLFDLauncher$MSSQLSERVER2 - ok
20:45:19.0468 2592 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
20:45:19.0471 2592 MSSQLServerADHelper100 - ok
20:45:19.0515 2592 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
20:45:19.0516 2592 MSTEE - ok
20:45:19.0841 2592 msvsmon90 (70e994d23895df6b1ee1e70145299fcf) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe
20:45:19.0981 2592 msvsmon90 - ok
20:45:20.0133 2592 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
20:45:20.0134 2592 MTConfig - ok
20:45:20.0154 2592 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
20:45:20.0155 2592 Mup - ok
20:45:20.0212 2592 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll
20:45:20.0218 2592 napagent - ok
20:45:20.0273 2592 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
20:45:20.0277 2592 NativeWifiP - ok
20:45:20.0360 2592 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys
20:45:20.0368 2592 NDIS - ok
20:45:20.0420 2592 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
20:45:20.0421 2592 NdisCap - ok
20:45:20.0456 2592 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
20:45:20.0457 2592 NdisTapi - ok
20:45:20.0502 2592 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys
20:45:20.0503 2592 Ndisuio - ok
20:45:20.0542 2592 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys
20:45:20.0543 2592 NdisWan - ok
20:45:20.0588 2592 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys
20:45:20.0590 2592 NDProxy - ok
20:45:20.0867 2592 Net6IM (99433503102c7fd14a44e672011fd991) C:\windows\system32\DRIVERS\net6im51.sys
20:45:20.0868 2592 Net6IM - ok
20:45:21.0080 2592 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
20:45:21.0082 2592 NetBIOS - ok
20:45:21.0243 2592 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys
20:45:21.0247 2592 NetBT - ok
20:45:21.0330 2592 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
20:45:21.0332 2592 Netlogon - ok
20:45:21.0449 2592 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll
20:45:21.0468 2592 Netman - ok
20:45:21.0560 2592 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll
20:45:21.0565 2592 netprofm - ok
20:45:21.0674 2592 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:45:21.0677 2592 NetTcpPortSharing - ok
20:45:21.0744 2592 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
20:45:21.0745 2592 nfrd960 - ok
20:45:21.0851 2592 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\windows\system32\DRIVERS\NisDrvWFP.sys
20:45:21.0853 2592 NisDrv - ok
20:45:22.0004 2592 NisSrv (a5cb074f34bbd89948e34a630d459c0c) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
20:45:22.0007 2592 NisSrv - ok
20:45:22.0067 2592 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll
20:45:22.0072 2592 NlaSvc - ok
20:45:22.0090 2592 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
20:45:22.0091 2592 Npfs - ok
20:45:22.0121 2592 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll
20:45:22.0124 2592 nsi - ok
20:45:22.0136 2592 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
20:45:22.0137 2592 nsiproxy - ok
20:45:22.0235 2592 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys
20:45:22.0248 2592 Ntfs - ok
20:45:22.0412 2592 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
20:45:22.0413 2592 Null - ok
20:45:22.0479 2592 NVHDA (d2f4c4b22969236382ca853b8daa2d4e) C:\windows\system32\drivers\nvhda32v.sys
20:45:22.0481 2592 NVHDA - ok
20:45:23.0042 2592 nvlddmkm (104c0fe08dd64965cf788d91ccbb2cc6) C:\windows\system32\DRIVERS\nvlddmkm.sys
20:45:23.0105 2592 nvlddmkm - ok
20:45:23.0290 2592 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys
20:45:23.0292 2592 nvraid - ok
20:45:23.0331 2592 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys
20:45:23.0334 2592 nvstor - ok
20:45:23.0385 2592 nvsvc (63a9cace87c31a46bdf4ad448d9a033a) C:\windows\system32\nvvsvc.exe
20:45:23.0390 2592 nvsvc - ok
20:45:23.0425 2592 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys
20:45:23.0427 2592 nv_agp - ok
20:45:23.0807 2592 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:45:23.0814 2592 odserv - ok
20:45:23.0960 2592 OfferBox update service (e59725540550e21b598b1e42549793a8) C:\Program Files\OfferBox\OfferBoxUpdateService.exe
20:45:23.0966 2592 OfferBox update service - ok
20:45:24.0004 2592 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys
20:45:24.0005 2592 ohci1394 - ok
20:45:24.0026 2592 ood2000 - ok
20:45:24.0085 2592 OracleDBConsoleoracleci - ok
20:45:24.0256 2592 OracleDBConsoleoracleke (81c73bc10e606dfcf7195555474b51ea) C:\oracle\product\10.2.0\db_4\bin\nmesrvc.exe
20:45:24.0257 2592 OracleDBConsoleoracleke - ok
20:45:24.0356 2592 OracleDBConsoleorcl (81c73bc10e606dfcf7195555474b51ea) C:\oracle\product\10.2.0\db_1\bin\nmesrvc.exe
20:45:24.0358 2592 OracleDBConsoleorcl - ok
20:45:24.0373 2592 OracleJobSchedulerORACLEKE - ok
20:45:24.0383 2592 OracleJobSchedulerORCL - ok
20:45:24.0411 2592 OracleJobSchedulerTEST - ok
20:45:24.0457 2592 OracleOraDb10g_home1iSQL*Plus (dacec5e60b49189ce70ff11123184e63) C:\oracle\product\10.2.0\db_1\bin\isqlplussvc.exe
20:45:24.0458 2592 OracleOraDb10g_home1iSQL*Plus - ok
20:45:24.0463 2592 OracleOraDb10g_home1TNSListener - ok
20:45:24.0469 2592 OracleServiceORACLEKE - ok
20:45:24.0483 2592 OracleServiceORCL - ok
20:45:24.0516 2592 OracleServiceTEST - ok
20:45:24.0584 2592 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:45:24.0587 2592 ose - ok
20:45:24.0629 2592 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
20:45:24.0634 2592 p2pimsvc - ok
20:45:24.0689 2592 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll
20:45:24.0695 2592 p2psvc - ok
20:45:24.0759 2592 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
20:45:24.0761 2592 Parport - ok
20:45:24.0810 2592 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\windows\system32\drivers\partmgr.sys
20:45:24.0811 2592 partmgr - ok
20:45:24.0831 2592 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
20:45:24.0832 2592 Parvdm - ok
20:45:24.0858 2592 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll
20:45:24.0862 2592 PcaSvc - ok
20:45:24.0900 2592 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys
20:45:24.0902 2592 pci - ok
20:45:24.0925 2592 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys
20:45:24.0926 2592 pciide - ok
20:45:24.0957 2592 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
20:45:24.0960 2592 pcmcia - ok
20:45:24.0981 2592 pcouffin - ok
20:45:25.0107 2592 PCSUService (aa5b7f732a383993009dd88a7a1408fd) C:\Program Files\Accelerer PC\PCSUService.exe
20:45:25.0110 2592 PCSUService - ok
20:45:25.0123 2592 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
20:45:25.0125 2592 pcw - ok
20:45:25.0184 2592 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
20:45:25.0191 2592 PEAUTH - ok
20:45:25.0320 2592 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll
20:45:25.0341 2592 pla - ok
20:45:25.0503 2592 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll
20:45:25.0512 2592 PlugPlay - ok
20:45:25.0549 2592 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll
20:45:25.0555 2592 PNRPAutoReg - ok
20:45:25.0593 2592 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
20:45:25.0596 2592 PNRPsvc - ok
20:45:25.0643 2592 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll
20:45:25.0648 2592 PolicyAgent - ok
20:45:25.0688 2592 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll
20:45:25.0692 2592 Power - ok
20:45:25.0777 2592 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
20:45:25.0779 2592 PptpMiniport - ok
20:45:25.0801 2592 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
20:45:25.0803 2592 Processor - ok
20:45:25.0949 2592 procmon10 (11028c6a84a967070cb1286550f2058f) C:\windows\system32\sp_clamsrv.dll
20:45:25.0952 2592 procmon10 ( Backdoor.Multi.ZAccess.gen ) - infected
20:45:25.0952 2592 procmon10 - detected Backdoor.Multi.ZAccess.gen (0)
20:45:26.0009 2592 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\windows\system32\profsvc.dll
20:45:26.0015 2592 ProfSvc - ok
20:45:26.0044 2592 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
20:45:26.0046 2592 ProtectedStorage - ok
20:45:26.0090 2592 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
20:45:26.0091 2592 Psched - ok
20:45:26.0196 2592 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
20:45:26.0212 2592 ql2300 - ok
20:45:26.0390 2592 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
20:45:26.0392 2592 ql40xx - ok
20:45:26.0434 2592 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll
20:45:26.0440 2592 QWAVE - ok
20:45:26.0467 2592 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
20:45:26.0469 2592 QWAVEdrv - ok
20:45:26.0498 2592 RalinkRegistryWriter - ok
20:45:26.0519 2592 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
20:45:26.0521 2592 RasAcd - ok
20:45:26.0568 2592 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
20:45:26.0569 2592 RasAgileVpn - ok
20:45:26.0601 2592 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll
20:45:26.0606 2592 RasAuto - ok
20:45:26.0640 2592 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
20:45:26.0641 2592 Rasl2tp - ok
20:45:26.0695 2592 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll
20:45:26.0702 2592 RasMan - ok
20:45:26.0734 2592 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
20:45:26.0735 2592 RasPppoe - ok
20:45:26.0755 2592 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
20:45:26.0756 2592 RasSstp - ok
20:45:26.0812 2592 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys
20:45:26.0815 2592 rdbss - ok
20:45:26.0837 2592 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
20:45:26.0838 2592 rdpbus - ok
20:45:26.0866 2592 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys
20:45:26.0867 2592 RDPCDD - ok
20:45:26.0902 2592 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
20:45:26.0902 2592 RDPENCDD - ok
20:45:26.0951 2592 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
20:45:26.0952 2592 RDPREFMP - ok
20:45:26.0990 2592 RDPWD (244c83332f44589ae98fc347f11b2693) C:\windows\system32\drivers\RDPWD.sys
20:45:26.0993 2592 RDPWD - ok
20:45:27.0070 2592 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys
20:45:27.0073 2592 rdyboost - ok
20:45:27.0111 2592 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll
20:45:27.0114 2592 RemoteAccess - ok
20:45:27.0152 2592 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll
20:45:27.0156 2592 RemoteRegistry - ok
20:45:27.0384 2592 ReportServer$MSSQLSERVER2 (29f0654e38e9ac865d872adb35c3069e) C:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER2\Reporting Services\ReportServer\bin\ReportingServicesService.exe
20:45:27.0402 2592 ReportServer$MSSQLSERVER2 - ok
20:45:27.0486 2592 RichVideo (7ccaebcab6fc1ed0206c07e083e79207) C:\Program Files\CyberLink\Shared files\RichVideo.exe
20:45:27.0491 2592 RichVideo - ok
20:45:27.0627 2592 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll
20:45:27.0630 2592 RpcEptMapper - ok
20:45:27.0660 2592 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe
20:45:27.0662 2592 RpcLocator - ok
20:45:27.0713 2592 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll
20:45:27.0718 2592 RpcSs - ok
20:45:27.0812 2592 RsFx0102 (fedd2710b75be3ecf078adace790c423) C:\windows\system32\DRIVERS\RsFx0102.sys
20:45:27.0816 2592 RsFx0102 - ok
20:45:27.0867 2592 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
20:45:27.0869 2592 rspndr - ok
20:45:27.0906 2592 rt73 - ok
20:45:27.0946 2592 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\windows\system32\DRIVERS\Rt86win7.sys
20:45:27.0948 2592 RTL8167 - ok
20:45:27.0991 2592 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys
20:45:27.0991 2592 SABI - ok
20:45:28.0021 2592 SamSs (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
20:45:28.0023 2592 SamSs - ok
20:45:28.0220 2592 SAS PC Files Server (e4718d7bb75a0303700f4f57e485f952) C:\Program Files\SAS\PCFilesServer\9.2\pcfservice.exe
20:45:28.0226 2592 SAS PC Files Server - ok
20:45:28.0280 2592 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
20:45:28.0282 2592 sbp2port - ok
20:45:28.0322 2592 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll
20:45:28.0326 2592 SCardSvr - ok
20:45:28.0386 2592 SCDEmu (20b2751cd4c8f3fd989739ca661b9f30) C:\windows\system32\drivers\SCDEmu.sys
20:45:28.0387 2592 SCDEmu - ok
20:45:28.0425 2592 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
20:45:28.0426 2592 scfilter - ok
20:45:28.0518 2592 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll
20:45:28.0529 2592 Schedule - ok
20:45:28.0565 2592 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll
20:45:28.0566 2592 SCPolicySvc - ok
20:45:28.0596 2592 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll
20:45:28.0600 2592 SDRSVC - ok
20:45:28.0629 2592 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
20:45:28.0630 2592 secdrv - ok
20:45:28.0661 2592 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll
20:45:28.0665 2592 seclogon - ok
20:45:28.0695 2592 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\System32\sens.dll
20:45:28.0699 2592 SENS - ok
20:45:28.0729 2592 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll
20:45:28.0732 2592 SensrSvc - ok
20:45:28.0768 2592 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
20:45:28.0770 2592 Serenum - ok
20:45:28.0812 2592 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
20:45:28.0813 2592 Serial - ok
20:45:28.0854 2592 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
20:45:28.0855 2592 sermouse - ok
20:45:28.0904 2592 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll
20:45:28.0908 2592 SessionEnv - ok
20:45:28.0923 2592 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
20:45:28.0924 2592 sffdisk - ok
20:45:28.0933 2592 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
20:45:28.0934 2592 sffp_mmc - ok
20:45:28.0954 2592 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
20:45:28.0955 2592 sffp_sd - ok
20:45:28.0984 2592 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
20:45:28.0985 2592 sfloppy - ok
20:45:29.0027 2592 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll
20:45:29.0032 2592 SharedAccess - ok
20:45:29.0095 2592 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll
20:45:29.0101 2592 ShellHWDetection - ok
20:45:29.0140 2592 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
20:45:29.0141 2592 sisagp - ok
20:45:29.0177 2592 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
20:45:29.0179 2592 SiSRaid2 - ok
20:45:29.0195 2592 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
20:45:29.0197 2592 SiSRaid4 - ok
20:45:29.0308 2592 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
20:45:29.0311 2592 SkypeUpdate - ok
20:45:29.0357 2592 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
20:45:29.0359 2592 Smb - ok
20:45:29.0390 2592 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe
20:45:29.0395 2592 SNMPTRAP - ok
20:45:29.0416 2592 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
20:45:29.0417 2592 spldr - ok
20:45:29.0498 2592 Spooler (866a43013535dc8587c258e43579c764) C:\windows\System32\spoolsv.exe
20:45:29.0505 2592 Spooler - ok
20:45:29.0720 2592 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe
20:45:29.0783 2592 sppsvc - ok
20:45:29.0921 2592 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll
20:45:29.0927 2592 sppuinotify - ok
20:45:30.0055 2592 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\windows\System32\Drivers\sptd.sys
20:45:30.0056 2592 Suspicious file (NoAccess): C:\windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9
20:45:30.0057 2592 sptd ( LockedFile.Multi.Generic ) - warning
20:45:30.0057 2592 sptd - detected LockedFile.Multi.Generic (1)
20:45:30.0225 2592 SQLAgent$MSSQLSERVER2 (eb2fd937449b7aceb39372f875eb8e78) C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER2\MSSQL\Binn\SQLAGENT.EXE
20:45:30.0233 2592 SQLAgent$MSSQLSERVER2 - ok
20:45:30.0343 2592 SQLBrowser (b54b48f6d92423440c264e91225c5ff1) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:45:30.0348 2592 SQLBrowser - ok
20:45:30.0399 2592 SQLWriter (997bc62f49d0d84214fe887f09197d41) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:45:30.0400 2592 SQLWriter - ok
20:45:30.0576 2592 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys
20:45:30.0581 2592 srv - ok
20:45:30.0633 2592 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys
20:45:30.0637 2592 srv2 - ok
20:45:30.0657 2592 SrvcSSIOMngr - ok
20:45:30.0688 2592 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys
20:45:30.0690 2592 srvnet - ok
20:45:30.0731 2592 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll
20:45:30.0736 2592 SSDPSRV - ok
20:45:30.0756 2592 ssfs0509 - ok
20:45:30.0781 2592 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll
20:45:30.0785 2592 SstpSvc - ok
20:45:30.0810 2592 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
20:45:30.0812 2592 stexstor - ok
20:45:30.0890 2592 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll
20:45:30.0898 2592 StiSvc - ok
20:45:31.0015 2592 supdate (03f853fcb8535930bdcbfe2a160ab669) C:\Program Files\Software\Update\SoftwareUpdate.exe
20:45:31.0017 2592 supdate - ok
20:45:31.0052 2592 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys
20:45:31.0053 2592 swenum - ok
20:45:31.0098 2592 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll
20:45:31.0105 2592 swprv - ok
20:45:31.0170 2592 SynTP (215a45246c6e2d0a9c263ce1786c8d8a) C:\windows\system32\DRIVERS\SynTP.sys
20:45:31.0172 2592 SynTP - ok
20:45:31.0260 2592 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll
20:45:31.0277 2592 SysMain - ok
20:45:31.0323 2592 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll
20:45:31.0327 2592 TabletInputService - ok
20:45:31.0378 2592 TapiSrv (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll
20:45:31.0384 2592 TapiSrv - ok
20:45:31.0411 2592 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll
20:45:31.0414 2592 TBS - ok
20:45:31.0542 2592 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\drivers\tcpip.sys
20:45:31.0558 2592 Tcpip - ok
20:45:31.0764 2592 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\DRIVERS\tcpip.sys
20:45:31.0772 2592 TCPIP6 - ok
20:45:31.0925 2592 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys
20:45:31.0927 2592 tcpipreg - ok
20:45:31.0957 2592 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys
20:45:31.0959 2592 TDPIPE - ok
20:45:31.0987 2592 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys
20:45:31.0988 2592 TDTCP - ok
20:45:32.0040 2592 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys
20:45:32.0041 2592 tdx - ok
20:45:32.0075 2592 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys
20:45:32.0076 2592 TermDD - ok
20:45:32.0136 2592 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll
20:45:32.0144 2592 TermService - ok
20:45:32.0178 2592 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll
20:45:32.0181 2592 Themes - ok
20:45:32.0221 2592 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
20:45:32.0222 2592 THREADORDER - ok
20:45:32.0347 2592 Tomcat6 (fab13554e86325f5cc1041e7537dc8f2) C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe
20:45:32.0350 2592 Tomcat6 - ok
20:45:32.0383 2592 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll
20:45:32.0387 2592 TrkWks - ok
20:45:32.0465 2592 TrueSight (b3c9c35dc93563b8d19ad414edf2fc82) c:\windows\system32\drivers\TrueSight.sys
20:45:32.0466 2592 TrueSight - ok
20:45:32.0534 2592 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe
20:45:32.0537 2592 TrustedInstaller - ok
20:45:32.0563 2592 TSHWMDTCP - ok
20:45:32.0609 2592 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys
20:45:32.0610 2592 tssecsrv - ok
20:45:32.0663 2592 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys
20:45:32.0665 2592 TsUsbFlt - ok
20:45:32.0724 2592 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys
20:45:32.0726 2592 tunnel - ok
20:45:32.0763 2592 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
20:45:32.0764 2592 uagp35 - ok
20:45:32.0833 2592 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys
20:45:32.0836 2592 udfs - ok
20:45:32.0871 2592 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe
20:45:32.0876 2592 UI0Detect - ok
20:45:32.0888 2592 uisp - ok
20:45:32.0963 2592 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
20:45:32.0965 2592 uliagpkx - ok
20:45:33.0032 2592 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys
20:45:33.0033 2592 umbus - ok
20:45:33.0072 2592 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
20:45:33.0074 2592 UmPass - ok
20:45:33.0139 2592 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll
20:45:33.0145 2592 upnphost - ok
20:45:33.0183 2592 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys
20:45:33.0185 2592 usbccgp - ok
20:45:33.0209 2592 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
20:45:33.0211 2592 usbcir - ok
20:45:33.0234 2592 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys
20:45:33.0235 2592 usbehci - ok
20:45:33.0278 2592 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys
20:45:33.0282 2592 usbhub - ok
20:45:33.0299 2592 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\windows\system32\DRIVERS\usbohci.sys
20:45:33.0300 2592 usbohci - ok
20:45:33.0334 2592 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
20:45:33.0335 2592 usbprint - ok
20:45:33.0361 2592 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\DRIVERS\USBSTOR.SYS
20:45:33.0363 2592 USBSTOR - ok
20:45:33.0398 2592 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\DRIVERS\usbuhci.sys
20:45:33.0399 2592 usbuhci - ok
20:45:33.0455 2592 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\system32\Drivers\usbvideo.sys
20:45:33.0457 2592 usbvideo - ok
20:45:33.0490 2592 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll
20:45:33.0494 2592 UxSms - ok
20:45:33.0498 2592 vaiomediaplatform-videoserver-appserver - ok
20:45:33.0531 2592 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
20:45:33.0533 2592 VaultSvc - ok
20:45:33.0551 2592 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys
20:45:33.0553 2592 vdrvroot - ok
20:45:33.0606 2592 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\windows\System32\vds.exe
20:45:33.0615 2592 vds - ok
20:45:33.0649 2592 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
20:45:33.0650 2592 vga - ok
20:45:33.0672 2592 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
20:45:33.0673 2592 VgaSave - ok
20:45:33.0706 2592 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys
20:45:33.0709 2592 vhdmp - ok
20:45:33.0746 2592 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys
20:45:33.0747 2592 viaagp - ok
20:45:33.0762 2592 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
20:45:33.0763 2592 ViaC7 - ok
20:45:33.0794 2592 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys
20:45:33.0795 2592 viaide - ok
20:45:33.0930 2592 VMAuthdService (726e23197080c873e5b1657894498274) C:\Program Files\VMware\VMware Player\vmware-authd.exe
20:45:33.0934 2592 VMAuthdService - ok
20:45:33.0960 2592 vmci - ok
20:45:34.0032 2592 vmm (590c7a3a1133e51a7e1cef67366e75af) C:\windows\system32\Drivers\vmm.sys
20:45:34.0034 2592 vmm - ok
20:45:34.0090 2592 VMnetAdapter (7b7d197c9074d50cf1fe0c2372c477db) C:\windows\system32\DRIVERS\vmnetadapter.sys
20:45:34.0091 2592 VMnetAdapter - ok
20:45:34.0125 2592 VMnetBridge (293e35fe56ba37de21006a185724cbea) C:\windows\system32\DRIVERS\vmnetbridge.sys
20:45:34.0126 2592 VMnetBridge - ok
20:45:34.0156 2592 VMnetDHCP (970b6b87b0a1ff852e19e88b274caaeb) C:\windows\system32\vmnetdhcp.exe
20:45:34.0160 2592 VMnetDHCP - ok
20:45:34.0178 2592 VMnetuserif (e8872062a9d87f05ce5d6e0a92bdfc81) C:\windows\system32\drivers\vmnetuserif.sys
20:45:34.0179 2592 VMnetuserif - ok
20:45:34.0296 2592 vmount2 (e6875345f36d56ee4a4b2077a31a4e28) C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
20:45:34.0300 2592 vmount2 - ok
20:45:34.0343 2592 VMware NAT Service (9de4f94d14383276eff48735147b7dc3) C:\windows\system32\vmnat.exe
20:45:34.0347 2592 VMware NAT Service - ok
20:45:34.0424 2592 vmx86 (7b473c148190443354d23dce9ec58ac3) C:\windows\system32\Drivers\vmx86.sys
20:45:34.0425 2592 vmx86 - ok
20:45:34.0459 2592 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys
20:45:34.0461 2592 volmgr - ok
20:45:34.0514 2592 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
20:45:34.0517 2592 volmgrx - ok
20:45:34.0547 2592 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys
20:45:34.0551 2592 volsnap - ok
20:45:34.0595 2592 VPCNetS2 (f96a678debdccb0b4bb7f38cb2580589) C:\windows\system32\DRIVERS\VMNetSrv.sys
20:45:34.0596 2592 VPCNetS2 - ok
20:44:51.0811 5928 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
20:44:52.0081 5928 ============================================================
20:44:52.0081 5928 Current date / time: 2012/05/06 20:44:52.0081
20:44:52.0081 5928 SystemInfo:
20:44:52.0081 5928
20:44:52.0081 5928 OS Version: 6.1.7601 ServicePack: 1.0
20:44:52.0081 5928 Product type: Workstation
20:44:52.0082 5928 ComputerName: KERFI-PC
20:44:52.0082 5928 UserName: kerfi
20:44:52.0082 5928 Windows directory: C:\windows
20:44:52.0082 5928 System windows directory: C:\windows
20:44:52.0082 5928 Processor architecture: Intel x86
20:44:52.0082 5928 Number of processors: 2
20:44:52.0082 5928 Page size: 0x1000
20:44:52.0082 5928 Boot type: Normal boot
20:44:52.0082 5928 ============================================================
20:44:52.0530 5928 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:44:52.0533 5928 ============================================================
20:44:52.0533 5928 \Device\Harddisk0\DR0:
20:44:52.0533 5928 MBR partitions:
20:44:52.0533 5928 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
20:44:52.0533 5928 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x1392F8AC
20:44:52.0577 5928 ============================================================
20:44:52.0643 5928 C: <-> \Device\Harddisk0\DR0\Partition1
20:44:52.0644 5928 ============================================================
20:44:52.0644 5928 Initialize success
20:44:52.0644 5928 ============================================================
20:45:06.0523 2592 ============================================================
20:45:06.0523 2592 Scan started
20:45:06.0523 2592 Mode: Manual;
20:45:06.0523 2592 ============================================================
20:45:07.0774 2592 AFD (287cfdacbda65fcc6d7a95bdee9ec570) C:\windows\system32\drivers\afd.sys
20:45:07.0776 2592 Suspicious file (Forged): C:\windows\system32\drivers\afd.sys. Real md5: 287cfdacbda65fcc6d7a95bdee9ec570, Fake md5: 9ebbba55060f786f0fcaa3893bfa2806
20:45:07.0779 2592 AFD ( Virus.Win32.ZAccess.aml ) - infected
20:45:07.0780 2592 AFD - detected Virus.Win32.ZAccess.aml (0)
20:45:24.0925 2592 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys
20:45:24.0926 2592 pciide - ok
20:45:24.0957 2592 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
20:45:24.0960 2592 pcmcia - ok
20:45:24.0981 2592 pcouffin - ok
20:45:25.0107 2592 PCSUService (aa5b7f732a383993009dd88a7a1408fd) C:\Program Files\Accelerer PC\PCSUService.exe
20:45:25.0110 2592 PCSUService - ok
20:45:25.0123 2592 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
20:45:25.0125 2592 pcw - ok
20:45:25.0184 2592 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
20:45:25.0191 2592 PEAUTH - ok
20:45:25.0320 2592 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll
20:45:25.0341 2592 pla - ok
20:45:25.0503 2592 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll
20:45:25.0512 2592 PlugPlay - ok
20:45:25.0549 2592 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll
20:45:25.0555 2592 PNRPAutoReg - ok
20:45:25.0593 2592 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
20:45:25.0596 2592 PNRPsvc - ok
20:45:25.0643 2592 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll
20:45:25.0648 2592 PolicyAgent - ok
20:45:25.0688 2592 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll
20:45:25.0692 2592 Power - ok
20:45:25.0777 2592 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
20:45:25.0779 2592 PptpMiniport - ok
20:45:25.0801 2592 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
20:45:25.0803 2592 Processor - ok
20:45:25.0949 2592 procmon10 (11028c6a84a967070cb1286550f2058f) C:\windows\system32\sp_clamsrv.dll
20:45:25.0952 2592 procmon10 ( Backdoor.Multi.ZAccess.gen ) - infected
20:45:25.0952 2592 procmon10 - detected Backdoor.Multi.ZAccess.gen (0)
20:45:30.0055 2592 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\windows\System32\Drivers\sptd.sys
20:45:30.0056 2592 Suspicious file (NoAccess): C:\windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9
20:45:30.0057 2592 sptd ( LockedFile.Multi.Generic ) - warning
20:45:30.0057 2592 sptd - detected LockedFile.Multi.Generic (1)
Anonymous user
6 May 2012 at 21:13
Hi again
Your report is incomplete.
To send the report, click on this link:
http://pjjoint.malekal.com/
https://www.cjoint.com/
Click Browse and find the file: Full_file_name (the requested file)
Click Open.
Click "Cliquez ici pour déposer le fichier" ("Click here to upload the file").
A link of this form:
http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
is added to the page.
Copy this link into your reply.
See you
kelfonsby
6 May 2012 at 21:47
Here is the link: https://pjjoint.malekal.com/files.php?id=20120506_l10v11g8f1110
Anonymous user
6 May 2012 at 21:53
Hi again
1) Empty the Malwarebytes quarantine.
2) [*] Download to the desktop https://www.luanagames.com/index.fr.html (by tigzy)
[*] Close all programs
[*] Run RogueKiller.exe.
[*] Wait for the Prescan to finish ...
[*] Click Scan. Click Report and copy and paste the contents of the report
See you
kelfonsby
6 May 2012 at 22:34
I notice that all my folders have come back in duplicate on the desktop. Could I delete one of them without risk?
The report obtained is:
RogueKiller V7.4.3 [04/05/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur: kerfi [Droits d'admin]
Mode: Recherche -- Date: 06/05/2012 22:25:49
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [CHARGE] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HM320II +++++
--- User ---
[MBR] ffb6cee6602719e2501c323b8be826ea
[BSP] 819d19b9a2c4df11147701cda0456161 : Linux MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 160351 Mo
3 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 360064845 | Size: 129429 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt
Anonymous user
6 May 2012 at 22:37
Hi again
Restart your PC and check whether there are still duplicates.
Keep me posted
Thanks
See you
kelfonsby
6 May 2012 at 22:47
I have just restarted my PC and, surprise: all the items have disappeared from the desktop again.
Anonymous user
6 May 2012 at 22:53
Hi again
Run RogueKiller again with the Scan option
See you
kelfonsby
6 May 2012 at 22:59
The Scan option is running and I am starting to see the folders in duplicate. After this operation, can I delete the items in RogueKiller (in RogueKiller it says: "please look at the tabs and delete the items
kelfonsby
6 May 2012 at 23:00
The scan has finished. The folders are still in duplicate on the desktop.
kelfonsby
6 May 2012 at 23:07
The report is:
RogueKiller V7.4.3 [04/05/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur: kerfi [Droits d'admin]
Mode: Recherche -- Date: 06/05/2012 22:57:02
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [CHARGE] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HM320II +++++
--- User ---
[MBR] ffb6cee6602719e2501c323b8be826ea
[BSP] 819d19b9a2c4df11147701cda0456161 : Linux MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 160351 Mo
3 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 360064845 | Size: 129429 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[7].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt ; RKreport[7].txt
Anonymous user
6 May 2012 at 23:13
Hi again
Move on to the Delete option
Post me this new report
Thanks
See you
kelfonsby
6 May 2012 at 23:21
The Delete option gives:
RogueKiller V7.4.3 [04/05/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur: kerfi [Droits d'admin]
Mode: Suppression -- Date: 06/05/2012 23:21:00
¤¤¤ Processus malicieux: 0 ¤¤¤
¤¤¤ Entrees de registre: 0 ¤¤¤
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [CHARGE] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HM320II +++++
--- User ---
[MBR] ffb6cee6602719e2501c323b8be826ea
[BSP] 819d19b9a2c4df11147701cda0456161 : Linux MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 160351 Mo
3 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 360064845 | Size: 129429 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[8].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt ; RKreport[7].txt ; RKreport[8].txt
Anonymous user
6 May 2012 at 23:24
Re
We're making progress:
For more information, please do the following.
Open this link and download ZHPDiag by Nicolas Coolman:
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Or
https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
Server No. 2
Or
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
at the bottom of the ZHP page, with a version number.
Once the download is complete, unzip the file you obtained and place ZHPDiag.exe on your Desktop.
Double-click the icon to launch the program. On Vista or Seven, right-click and choose "Run as administrator".
Click the magnifying glass to start the scan.
Let the tool work; it can take quite a while.
Close ZHPDiag when the scan is finished.
To send the report, click on this link:
http://pjjoint.malekal.com/
https://www.cjoint.com/
Click Browse ("Parcourir") and look for the folder where ZHPDiag is installed (usually C:\Program Files\ZHPDiag).
Select the file ZHPDiag.txt.
Click "Cliquez ici pour déposer le fichier" (click here to upload the file).
A link of this form:
http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
is added to the page.
Copy this link into your reply.
Thanks
See you
kelfonsby
6 May 2012 at 23:54
The scan is in progress. It has been at 2% for quite a while now.
As soon as it finishes I will send you the link.
Do you think a system restore to a point before the incident occurred would solve the problem?
See you soon
Anonymous user
6 May 2012 at 23:56
Re
After backing up your important files, you can indeed go ahead with a backup.
See you
kelfonsby
7 May 2012 at 10:49
Hello,
I tried to do a system restore yesterday but it did not give any conclusive result. In fact, the restore tool told me that all the restore points had been damaged.
This morning, on my way to work, I restarted the scan with ZHP Diag; it should be running right now. I will send you the report in the evening when I get home.
Once again, thank you for the time you are devoting to my problem.
6 May 2012 at 13:00
The first report gives:
RogueKiller V7.4.3 [04/05/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur: kerfi [Droits d'admin]
Mode: Recherche -- Date: 06/05/2012 12:51:50
¤¤¤ Processus malicieux: 1 ¤¤¤
[SUSP PATH] setup.exe -- C:\windows\TEMP\ihdmvh\setup.exe -> KILLED [TermProc]
¤¤¤ Entrees de registre: 9 ¤¤¤
[ROGUE ST] HKLM\[...]\Policies\Explorer\Run : 24060 (C:\PROGRA~2\LOCALS~1\Temp\msiaozu.bat) -> FOUND
[HJPOL] HKCU\[...]\System : DisableRegistryTools (1) -> FOUND
[HJPOL] HKCU\[...]\Policies\Explorer\Explorer : NoDesktop (1) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[SCRSV] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\windows\CRYSTA~1.SCR) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
[FAKED] afd.sys : c:\windows\system32\drivers\afd.sys --> CANNOT FIX
¤¤¤ Driver: [CHARGE] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HM320II +++++
--- User ---
[MBR] ffb6cee6602719e2501c323b8be826ea
[BSP] 819d19b9a2c4df11147701cda0456161 : Linux MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 160351 Mo
3 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 360064845 | Size: 129429 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Termine : << RKreport[1].txt >>
RKreport[1].txt
And the second report, with Racc RAZ, gives:
RogueKiller V7.4.3 [04/05/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Demarrage : Mode normal
Utilisateur: kerfi [Droits d'admin]
Mode: Raccourcis RAZ -- Date: 06/05/2012 12:59:43
¤¤¤ Processus malicieux: 1 ¤¤¤
[SUSP PATH] setup.exe -- C:\windows\TEMP\ihdmvh\setup.exe -> KILLED [TermProc]
¤¤¤ Driver: [CHARGE] ¤¤¤
¤¤¤ Attributs de fichiers restaures: ¤¤¤
Bureau: Success 1 / Fail 0
Lancement rapide: Success 1 / Fail 0
Programmes: Success 9 / Fail 0
Menu demarrer: Success 1 / Fail 0
Dossier utilisateur: Success 272 / Fail 0
Mes documents: Success 11 / Fail 0
Mes favoris: Success 0 / Fail 0
Mes images: Success 0 / Fail 0
Ma musique: Success 0 / Fail 0
Mes videos: Success 0 / Fail 0
Disques locaux: Success 206 / Fail 0
Sauvegarde: [NOT FOUND]
Lecteurs:
[C:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[D:] \Device\CdRom2 -- 0x5 --> Skipped
[E:] \Device\CdRom0 -- 0x5 --> Skipped
[G:] \Device\CdRom1 -- 0x5 --> Skipped
¤¤¤ Infection : ¤¤¤
Termine : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt