Rootkit detection by AVG [Solved/Closed]

Posts: 15 - Registered: Friday 12 October 2012 - Status: Member - Last activity: 26 October 2012
Hello,

During the last scan of my PC, AVG Free found 2 rootkits:
-( "";"C:\Windows\System32\Drivers\spni.sys";"pci.sys, importation en boucle ntoskrnl.exe IoAttachDeviceToDeviceStack -> spni.sys +0x62650";"L'objet est masqué"
-"";"C:\Windows\System32\Drivers\spni.sys";"pci.sys, importation en boucle ntoskrnl.exe IoDetachDevice -> spni.sys +0x625DC";"L'objet est masqué").

McAfee Rootkit Remover finds nothing.
GMER finds nothing either (in red).
Neither does Malwarebytes Anti-Malware.

I don't notice any abnormal behaviour on my PC.

Could someone help me?

Thanks in advance

29 replies


Hi

▶ Download Reload_TDSSKiller

▶ Run it

choose: "lancer le nettoyage" (start the cleanup)

the tool will automatically download the latest version, then

TDSSKiller will open; click "Start Scan"

If TDSS.tdl2 is detected, the Delete option will be checked by default.
If TDSS.tdl3 is detected, make sure Cure is checked.
If TDSS.tdl4 (\HardDisk0\MBR) is detected, make sure Cure is checked.
If Suspicious file is shown, leave the option set to Skip.
If Rootkit.Win32.ZAccess.* is detected, set "Cure" at the top and "Delete" at the bottom.

once it has finished, restart if it asks you to, in order to complete the cleanup

otherwise, close TDSSKiller and the report will appear on the desktop

▶ Copy/paste its contents into your next reply.
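
A way to triage the report this reply asks for, as an added example (not part of the original thread and not the tool's own code): it reads a TDSSKiller report, counts the objects marked "ok", and lists every other verdict next to the action the reply above gives for it. The line layout (timestamp, thread id, message) follows the report posted in this thread; the sample lines, service names, paths and MD5 values are constructed placeholders, and `parse_report` / `suggested_action` are hypothetical helper names.

```python
import re
from dataclasses import dataclass

# Constructed sample in the report layout: "HH:MM:SS.mmmm <thread id> <message>".
# Service names, paths and MD5 values are placeholders, not from a real machine.
SAMPLE_REPORT = r"""
17:00:00.0001 1000 ================ Scan services =============================
17:00:00.0100 1000 [ 00000000000000000000000000000001 ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
17:00:00.0105 1000 ExampleDrv - ok
17:00:00.0200 1000 [ 00000000000000000000000000000002 ] Example Update Service C:\Program Files (x86)\Example\updater.exe
17:00:00.0205 1000 Example Update Service - ok
17:00:00.0300 1000 [ 00000000000000000000000000000003 ] ExampleNet c:\program files (x86)\common files\example/net_session.dll
17:00:00.0300 1000 Suspicious file (Hidden): c:\program files (x86)\common files\example/net_session.dll. md5: 00000000000000000000000000000003
17:00:00.0310 1000 ExampleNet ( HiddenFile.Multi.Generic ) - warning
17:00:00.0310 1000 ExampleNet - detected HiddenFile.Multi.Generic (1)
17:00:00.0400 1000 NoImageSvc - ok
"""

# Timestamp and thread id prefix; group 1 is the message.
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s?(.*)$")
# "[ md5 ] name path": names may contain spaces, so split at the drive letter.
OBJECT = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")
SUSPICIOUS = re.compile(r"^Suspicious file \((.+?)\): (.+)\. md5: [0-9A-Fa-f]{32}$")
# "name - ok" or "name ( Detection.Name ) - warning"
VERDICT = re.compile(r"^(.+?)(?: \( (.+?) \))? - (\w+)$")

# Actions quoted from the reply above, keyed by detection-name prefix.
REPLY_ACTIONS = [
    ("TDSS.tdl2", "Delete (checked by default)"),
    ("TDSS.tdl3", "Cure"),
    ("TDSS.tdl4", "Cure"),
    ("Rootkit.Win32.ZAccess.", "Cure (top), Delete (bottom)"),
]


@dataclass
class Finding:
    service: str
    status: str         # verdict word; anything other than "ok" is reported
    detection: str      # name in parentheses on the verdict line, "" if absent
    path: str
    md5: str
    hidden_reason: str  # text from a "Suspicious file (...)" line, "" if none


def parse_report(text):
    """Return (count of objects with an 'ok' verdict, list of non-ok Findings)."""
    objects, suspicious = {}, {}
    ok_count, findings = 0, []
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank lines or forum text pasted around the report
        msg = line.group(1)
        obj = OBJECT.match(msg)
        if obj:
            objects[obj.group(2)] = (obj.group(1), obj.group(3))
            continue
        sus = SUSPICIOUS.match(msg)
        if sus:
            suspicious[sus.group(2)] = sus.group(1)
            continue
        verdict = VERDICT.match(msg)
        if not verdict:
            continue  # banners, separators, "- detected ..." summary lines
        name, detection, status = verdict.groups()
        if status == "ok":
            ok_count += 1
            continue
        # Some services have no "[ md5 ]" line; leave path and md5 empty then.
        md5, path = objects.get(name, ("", ""))
        findings.append(Finding(name, status, detection or "", path, md5,
                                suspicious.get(path, "")))
    return ok_count, findings


def suggested_action(finding):
    """Map a finding to the action named in the reply above."""
    for prefix, action in REPLY_ACTIONS:
        if finding.detection.startswith(prefix):
            return action
    if finding.hidden_reason:
        return "Skip"
    return "not covered by the reply; ask before acting"


if __name__ == "__main__":
    ok, found = parse_report(SAMPLE_REPORT)
    print(f"{ok} objects ok, {len(found)} to review")
    for f in found:
        print(f"{f.service}: {f.detection} [{f.status}] {f.path} -> {suggested_action(f)}")
```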


Thanks

I didn't see any of the things below

If TDSS.tdl2 is detected, the Delete option will be checked by default.
If TDSS.tdl3 is detected, make sure Cure is checked.
If TDSS.tdl4 (\HardDisk0\MBR) is detected, make sure Cure is checked.
If Suspicious file is shown, leave the option set to Skip.
If Rootkit.Win32.ZAccess.* is detected, set "Cure" at the top and "Delete" at the bottom.

Here is the TDSS report

17:33:19.0116 8200 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:33:19.0229 8200 ============================================================
17:33:19.0229 8200 Current date / time: 2012/10/12 17:33:19.0229
17:33:19.0229 8200 SystemInfo:
17:33:19.0229 8200
17:33:19.0229 8200 OS Version: 6.1.7601 ServicePack: 1.0
17:33:19.0229 8200 Product type: Workstation
17:33:19.0229 8200 ComputerName: LUDO-HP
17:33:19.0229 8200 UserName: Ludo
17:33:19.0229 8200 Windows directory: C:\Windows
17:33:19.0229 8200 System windows directory: C:\Windows
17:33:19.0229 8200 Running under WOW64
17:33:19.0229 8200 Processor architecture: Intel x64
17:33:19.0229 8200 Number of processors: 8
17:33:19.0229 8200 Page size: 0x1000
17:33:19.0229 8200 Boot type: Normal boot
17:33:19.0229 8200 ============================================================
17:33:19.0677 8200 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:33:19.0684 8200 ============================================================
17:33:19.0684 8200 \Device\Harddisk0\DR0:
17:33:19.0684 8200 MBR partitions:
17:33:19.0684 8200 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3FF800
17:33:19.0684 8200 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x400000, BlocksNum 0x1CFC2830
17:33:19.0698 8200 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1D3C3800, BlocksNum 0x1CFC2000
17:33:19.0698 8200 ============================================================
17:33:19.0734 8200 C: <-> \Device\Harddisk0\DR0\Partition2
17:33:19.0769 8200 D: <-> \Device\Harddisk0\DR0\Partition3
17:33:19.0769 8200 ============================================================
17:33:19.0769 8200 Initialize success
17:33:19.0769 8200 ============================================================
17:33:41.0630 8280 ============================================================
17:33:41.0630 8280 Scan started
17:33:41.0630 8280 Mode: Manual;
17:33:41.0630 8280 ============================================================
17:33:42.0258 8280 ================ Scan system memory ========================
17:33:42.0258 8280 System memory - ok
17:33:42.0259 8280 ================ Scan services =============================
17:33:43.0129 8280 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll
17:33:43.0129 8280 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
17:33:43.0135 8280 Akamai ( HiddenFile.Multi.Generic ) - warning
17:33:43.0135 8280 Akamai - detected HiddenFile.Multi.Generic (1)
17:33:49.0642 8280 NativeWifiP - ok
17:33:49.0669 8280 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
17:33:49.0681 8280 NDIS - ok
17:33:49.0705 8280 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:33:49.0708 8280 NdisCap - ok
17:33:49.0722 8280 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:33:49.0724 8280 NdisTapi - ok
17:33:49.0750 8280 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:33:49.0753 8280 Ndisuio - ok
17:33:49.0787 8280 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:33:49.0790 8280 NdisWan - ok
17:33:49.0814 8280 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:33:49.0816 8280 NDProxy - ok
17:33:49.0826 8280 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:33:49.0829 8280 NetBIOS - ok
17:33:49.0861 8280 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:33:49.0865 8280 NetBT - ok
17:33:49.0879 8280 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:33:49.0881 8280 Netlogon - ok
17:33:49.0910 8280 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:33:49.0914 8280 Netman - ok
17:33:49.0934 8280 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:33:49.0939 8280 netprofm - ok
17:33:49.0961 8280 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:33:49.0962 8280 NetTcpPortSharing - ok
17:33:49.0995 8280 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:33:49.0997 8280 nfrd960 - ok
17:33:50.0040 8280 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:33:50.0043 8280 NlaSvc - ok
17:33:50.0074 8280 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:33:50.0077 8280 Npfs - ok
17:33:50.0097 8280 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:33:50.0098 8280 nsi - ok
17:33:50.0108 8280 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:33:50.0110 8280 nsiproxy - ok
17:33:50.0162 8280 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:33:50.0180 8280 Ntfs - ok
17:33:50.0190 8280 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:33:50.0192 8280 Null - ok
17:33:50.0342 8280 [ 53A7E1DEA2E7FA22FD4F0C28C078F5A0 ] NVIDIA Performance Driver Service C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
17:33:50.0379 8280 NVIDIA Performance Driver Service - ok
17:33:50.0608 8280 [ B34E9BFBD9C61048EF6281C3E7EC210A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:33:50.0808 8280 nvlddmkm - ok
17:33:50.0837 8280 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:33:50.0840 8280 nvraid - ok
17:33:50.0851 8280 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:33:50.0854 8280 nvstor - ok
17:33:50.0892 8280 [ DFDA089BB2CD0FF7E789E2EF6BA1E4BA ] nvsvc C:\Windows\system32\nvvsvc.exe
17:33:50.0905 8280 nvsvc - ok
17:33:50.0924 8280 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:33:50.0926 8280 nv_agp - ok
17:33:50.0955 8280 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:33:50.0958 8280 ohci1394 - ok
17:33:51.0025 8280 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:33:51.0026 8280 ose - ok
17:33:51.0050 8280 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:33:51.0053 8280 p2pimsvc - ok
17:33:51.0082 8280 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:33:51.0086 8280 p2psvc - ok
17:33:51.0120 8280 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
17:33:51.0121 8280 PACSPTISVR - ok
17:33:51.0146 8280 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:33:51.0148 8280 Parport - ok
17:33:51.0174 8280 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:33:51.0176 8280 partmgr - ok
17:33:51.0186 8280 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:33:51.0189 8280 PcaSvc - ok
17:33:51.0223 8280 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:33:51.0226 8280 pci - ok
17:33:51.0250 8280 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:33:51.0252 8280 pciide - ok
17:33:51.0268 8280 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:33:51.0272 8280 pcmcia - ok
17:33:51.0301 8280 [ AF7CE12C4F3DC8CB2B07685C916BBCFE ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
17:33:51.0303 8280 pcouffin - ok
17:33:51.0317 8280 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:33:51.0319 8280 pcw - ok
17:33:51.0341 8280 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:33:51.0350 8280 PEAUTH - ok
17:33:51.0384 8280 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:33:51.0409 8280 PeerDistSvc - ok
17:33:51.0467 8280 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:33:51.0469 8280 PerfHost - ok
17:33:51.0524 8280 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:33:51.0549 8280 pla - ok
17:33:51.0597 8280 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:33:51.0602 8280 PlugPlay - ok
17:33:51.0617 8280 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:33:51.0619 8280 PNRPAutoReg - ok
17:33:51.0632 8280 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:33:51.0636 8280 PNRPsvc - ok
17:33:51.0652 8280 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:33:51.0656 8280 PolicyAgent - ok
17:33:51.0676 8280 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:33:51.0679 8280 Power - ok
17:33:51.0701 8280 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:33:51.0704 8280 PptpMiniport - ok
17:33:51.0721 8280 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:33:51.0724 8280 Processor - ok
17:33:51.0739 8280 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
17:33:51.0742 8280 ProfSvc - ok
17:33:51.0752 8280 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:33:51.0754 8280 ProtectedStorage - ok
17:33:51.0781 8280 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:33:51.0783 8280 Psched - ok
17:33:51.0811 8280 [ 5D6C8E778F0218FCD2CCA0EFBC9766CA ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
17:33:51.0813 8280 PxHlpa64 - ok
17:33:51.0860 8280 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:33:51.0893 8280 ql2300 - ok
17:33:51.0906 8280 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:33:51.0909 8280 ql40xx - ok
17:33:51.0925 8280 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:33:51.0928 8280 QWAVE - ok
17:33:51.0935 8280 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:33:51.0937 8280 QWAVEdrv - ok
17:33:51.0948 8280 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:33:51.0950 8280 RasAcd - ok
17:33:51.0975 8280 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:33:51.0977 8280 RasAgileVpn - ok
17:33:51.0988 8280 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:33:51.0991 8280 RasAuto - ok
17:33:52.0021 8280 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:33:52.0025 8280 Rasl2tp - ok
17:33:52.0060 8280 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:33:52.0064 8280 RasMan - ok
17:33:52.0074 8280 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:33:52.0077 8280 RasPppoe - ok
17:33:52.0087 8280 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:33:52.0090 8280 RasSstp - ok
17:33:52.0109 8280 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:33:52.0113 8280 rdbss - ok
17:33:52.0121 8280 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:33:52.0122 8280 rdpbus - ok
17:33:52.0136 8280 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:33:52.0138 8280 RDPCDD - ok
17:33:52.0168 8280 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:33:52.0172 8280 RDPDR - ok
17:33:52.0186 8280 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:33:52.0187 8280 RDPENCDD - ok
17:33:52.0196 8280 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:33:52.0198 8280 RDPREFMP - ok
17:33:52.0230 8280 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:33:52.0242 8280 RDPWD - ok
17:33:52.0259 8280 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:33:52.0263 8280 rdyboost - ok
17:33:52.0278 8280 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:33:52.0280 8280 RemoteAccess - ok
17:33:52.0307 8280 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:33:52.0310 8280 RemoteRegistry - ok
17:33:52.0323 8280 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:33:52.0325 8280 RpcEptMapper - ok
17:33:52.0329 8280 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:33:52.0330 8280 RpcLocator - ok
17:33:52.0359 8280 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:33:52.0364 8280 RpcSs - ok
17:33:52.0383 8280 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:33:52.0386 8280 rspndr - ok
17:33:52.0415 8280 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:33:52.0417 8280 s3cap - ok
17:33:52.0433 8280 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:33:52.0434 8280 SamSs - ok
17:33:52.0445 8280 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:33:52.0447 8280 sbp2port - ok
17:33:52.0467 8280 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:33:52.0469 8280 SCardSvr - ok
17:33:52.0487 8280 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:33:52.0488 8280 scfilter - ok
17:33:52.0527 8280 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:33:52.0552 8280 Schedule - ok
17:33:52.0581 8280 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:33:52.0582 8280 SCPolicySvc - ok
17:33:52.0592 8280 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:33:52.0595 8280 SDRSVC - ok
17:33:52.0620 8280 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:33:52.0622 8280 secdrv - ok
17:33:52.0654 8280 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:33:52.0656 8280 seclogon - ok
17:33:52.0687 8280 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:33:52.0689 8280 SENS - ok
17:33:52.0697 8280 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:33:52.0699 8280 SensrSvc - ok
17:33:52.0722 8280 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:33:52.0724 8280 Serenum - ok
17:33:52.0739 8280 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:33:52.0742 8280 Serial - ok
17:33:52.0772 8280 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:33:52.0774 8280 sermouse - ok
17:33:52.0804 8280 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:33:52.0807 8280 SessionEnv - ok
17:33:52.0813 8280 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:33:52.0815 8280 sffdisk - ok
17:33:52.0826 8280 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:33:52.0829 8280 sffp_mmc - ok
17:33:52.0838 8280 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:33:52.0840 8280 sffp_sd - ok
17:33:52.0849 8280 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:33:52.0851 8280 sfloppy - ok
17:33:52.0875 8280 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:33:52.0878 8280 SharedAccess - ok
17:33:52.0915 8280 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:33:52.0919 8280 ShellHWDetection - ok
17:33:52.0941 8280 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:33:52.0943 8280 SiSRaid2 - ok
17:33:52.0956 8280 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:33:52.0959 8280 SiSRaid4 - ok
17:33:53.0046 8280 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:33:53.0048 8280 SkypeUpdate - ok
17:33:53.0065 8280 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:33:53.0068 8280 Smb - ok
17:33:53.0093 8280 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:33:53.0096 8280 SNMPTRAP - ok
17:33:53.0117 8280 [ 977AAA4398D7D6FA65D973F5B3F54E40 ] SonicStage Back-End Service C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe
17:33:53.0119 8280 SonicStage Back-End Service - ok
17:33:53.0131 8280 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:33:53.0133 8280 spldr - ok
17:33:53.0171 8280 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
17:33:53.0179 8280 Spooler - ok
17:33:53.0261 8280 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:33:53.0322 8280 sppsvc - ok
17:33:53.0348 8280 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:33:53.0350 8280 sppuinotify - ok
17:33:53.0402 8280 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
17:33:53.0402 8280 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
17:33:53.0404 8280 sptd ( LockedFile.Multi.Generic ) - warning
17:33:53.0404 8280 sptd - detected LockedFile.Multi.Generic (1)

Follow-up to my previous post:

TDSS found:

-Hidden file
Service: Akamai
Suspicious object, medium risk

-Locked file
Service: sptd
Suspicious object, medium risk

I didn't know what to do, so I skipped them.

Have the following file(s) analyzed on VirusTotal:

Virus Total

Click "Browse", then find and select the following file(s):

C:\Windows\System32\Drivers\spni.sys

* Now click "Send file" and let it work for as long as "Current status: analysis in progress" is displayed.
* The file may be queued because of a large number of analysis requests. In that case, you will have to wait without refreshing the page.
* When the analysis is finished, paste the link to the result page(s) in your next reply.


I can't see this file.
I did tick "show hidden files..." in "Folder Options", so I can see hidden files, but not that one.
And in VirusTotal's file selection window I don't see all the files present in the folder, only a few .sys files.

Warning!!!: this tool may be wrongly detected as a virus
Warning!!!: this tool is powerful; follow the instructions below scrupulously

All "non-vital Windows" processes will be terminated, so save your work.

Disable all your protections if possible: antivirus, sandbox, firewalls, etc.

Download and save Pre_Scan to your desktop:

https://forums-fec.be/gen-hackman/Pre_Scan.exe

If the link does not work:

http://general-changelog-team.fr/fr/downloads/viewdownload/41-outils-de-gen-hackman/52-pre-scan
http://www.archive-host.com

Warning: the desktop will disappear during the scan --> don't panic.

Once it is downloaded, run it and let the scan run until "Pre_scan_[date and time].txt" appears on the desktop.

If the tool is run again several times, it will offer you a menu; if no particular option has been requested, run the "Kill" option.

If the tool is blocked by the infection, use this version with the .pif extension:

https://forums-fec.be/gen-hackman/Pre_Scan.pif

If the tool detects a proxy and you have not installed one, click "remove the proxy".

A multitude of black windows may flash; let it work.

Post the Pre_Scan_[date and time].txt that will appear on the desktop at the end of the scan.

The tool may restart your PC; let it do so.

DO NOT POST IT ON THE FORUM!!! (it is too long)

Host the report on http://pjjoint.malekal.com, then give the link you get in return on the forum where you are being helped.



Hello,

Sorry for the delay, I had to make quite a few backups.
I will be quicker from now on.

Here is the report
https://pjjoint.malekal.com/files.php?id=20121016_i5s8l7u15l14

Hi again

Run the tool again, click Diag and host the report again.


Download and save ADWcleaner to your desktop:

ADWCleaner (thanks to Xplode)

Run it.

(For Vista and Seven => right-click, "Run as administrator")

Click Delete and post its report.



Perfect, please run a Diag with Pre_Scan again.


Close all windows and applications during installation and scanning.


▶ Download here:

Malwarebytes

▶ Install it (be sure to choose "French"; do not change the installation settings) and update it.

Run Malwarebytes again, following these instructions scrupulously:

! Disconnect and close all running applications!

▶ Launch Malwarebytes.

Run a "Complete" scan.

▶ Let the program work (and do nothing else with the PC during the scan).
▶ At the end, click "Results".
Check that all infected objects are ticked, then click "Remove".

Note: if your PC needs to be restarted to finish the cleanup, do it!


Post the report saved after the infected objects were removed (in the "report/log" tab of Malwarebytes, the most recent one).



Should I stop AVG Free before launching Malwarebytes?

Well, that's best, otherwise it will squeal as soon as Malwarebytes finds some cr$p

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Version de la base de données: v2012.10.16.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Ludo :: LUDO-HP [administrateur]

16/10/2012 15:23:56
mbam-log-2012-10-16 (15-23-56).txt

Type d'examen: Examen complet (C:\|D:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 533758
Temps écoulé: 1 heure(s), 36 minute(s), 22 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 1
C:\Users\Ludo\Desktop\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Mis en quarantaine et supprimé avec succès.

(fin)

Do any problems persist?

It looks good now.
AVG no longer detects any problem. And still no abnormal behavior from my PC.

Thanks a lot for your help, g3n-h@ckm@n!

So is it finished?

What was the problem, actually?