Bonjour, bonsoir , Je vous expliques mon problème. Voila quelques semaines qu'à chaque fois que je fais un recherche sur google , et que je clique sur un liens qu'il propose au lieu de tombé sur la page désirée, je tombe sur un autre site parfois un site de vente , de rencontre ou autre, le genre de site pop up. Mon antivirus n'a rien trouvé. Je fais toujours attention au site sur lesquels je me rends. Je télécharge que des logiciels sur des sites sur , comme Comment ça marche par exemple. Merci , Zaelsan Configuration: Windows 7 / Firefox 23.0

Virus pub redirections Google

Réponse 1 / 8

2011N2 Messages postés 13352 Date d'inscription samedi 29 janvier 2011 Statut Contributeur sécurité Dernière intervention 24 décembre 2016 917
27 août 2013 à 13:41

Salut,

Passe AdwCleaner et poste moi le rapport : http://www.forum-entraide-informatique.com/support/adwcleaner-tutoriel-t875.html

Gabriel.

Zaelsan
27 août 2013 à 13:49

# AdwCleaner v3.001 - Rapport créé le 27/08/2013 à 13:48:32
# Mis à jour le 24/08/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Pierre - PC-PIERRE
# Exécuté depuis : C:\Users\Pierre\Downloads\adwcleaner.exe
# Option : Scanner

***** [ Services ] *****

Service Présent : WebCake Desktop Updater

***** [ Fichiers / Dossiers ] *****

Dossier Présent : C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Dossier Présent : C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Dossier Présent C:\Program Files (x86)\Betcat
Dossier Présent C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Dossier Présent C:\Program Files (x86)\Red Sky
Dossier Présent C:\Program Files (x86)\TornTV.com
Dossier Présent C:\Program Files (x86)\Vittalia
Dossier Présent C:\Program Files (x86)\Web Cake
Dossier Présent C:\ProgramData\Babylon
Dossier Présent C:\ProgramData\BrowserDefender
Dossier Présent C:\ProgramData\Tarma Installer
Dossier Présent C:\Users\Pierre\AppData\Local\Bundled software uninstaller
Dossier Présent C:\Users\Pierre\AppData\Local\DownTango
Dossier Présent C:\Users\Pierre\AppData\Local\Smartbar
Dossier Présent C:\Users\Pierre\AppData\Local\Temp\boost_interprocess
Dossier Présent C:\Users\Pierre\AppData\Local\Temp\Smartbar
Dossier Présent C:\Users\Pierre\AppData\Roaming\BabSolution
Dossier Présent C:\Users\Pierre\AppData\Roaming\Babylon
Dossier Présent C:\Users\Pierre\AppData\Roaming\Betcat
Dossier Présent C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Dossier Présent C:\Users\Pierre\AppData\Roaming\OpenCandy
Dossier Présent C:\Users\Pierre\AppData\Roaming\Web Cake
Dossier Présent C:\Users\Pierre\AppData\Roaming\yourfiledownloader
Fichier Présent : C:\END
Fichier Présent : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Fichier Présent : C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\3y43r8g4.default\\invalidprefs.js
Fichier Présent : C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\3y43r8g4.default\searchplugins\Babylon.xml
Fichier Présent : C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\3y43r8g4.default\searchplugins\delta.xml
Fichier Présent : C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\3y43r8g4.default\searchplugins\Web Search.xml
Fichier Présent : C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\3y43r8g4.default\user.js

***** [ Raccourcis ] *****

***** [ Registre ] *****

Clé Présente : HKCU\Software\1ClickDownload
Clé Présente : HKCU\Software\59538ddfbd6dbe43
Clé Présente : HKCU\Software\APN PIP
Clé Présente : HKCU\Software\AppDataLow\Software\Crossrider
Clé Présente : HKCU\Software\BabSolution
Clé Présente : HKCU\Software\BI
Clé Présente : HKCU\Software\DataMngr
Clé Présente : HKCU\Software\DataMngr_Toolbar
Clé Présente : HKCU\Software\Delta
Clé Présente : HKCU\Software\InstallCore
Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Clé Présente : HKCU\Software\PIP
Clé Présente : HKCU\Software\YourFileDownloader
Clé Présente : [x64] HKCU\Software\1ClickDownload
Clé Présente : [x64] HKCU\Software\APN PIP
Clé Présente : [x64] HKCU\Software\BabSolution
Clé Présente : [x64] HKCU\Software\BI
Clé Présente : [x64] HKCU\Software\DataMngr
Clé Présente : [x64] HKCU\Software\DataMngr_Toolbar
Clé Présente : [x64] HKCU\Software\Delta
Clé Présente : [x64] HKCU\Software\InstallCore
Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Présente : [x64] HKCU\Software\PIP
Clé Présente : [x64] HKCU\Software\YourFileDownloader
Clé Présente : HKLM\SOFTWARE\59538ddfbd6dbe43
Clé Présente : HKLM\Software\Babylon
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Présente : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Clé Présente : HKLM\SOFTWARE\Classes\Prod.cap
Clé Présente : HKLM\Software\DataMngr
Clé Présente : HKLM\Software\Delta
Clé Présente : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Clé Présente : HKLM\Software\PIP
Clé Présente : HKLM\Software\YourFileDownloader
Clé Présente : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.16635

Paramètre Présent : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=2EC60022B06F0F78&affID=122247&tl=10145&tsp=4986

-\\ Mozilla Firefox v23.0.1 (fr)

[ Fichier : C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\3y43r8g4.default\prefs.js ]

Ligne Trouvée : user_pref("extensions.BabylonToolbar.admin", false);
Ligne Trouvée : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.excTlbr", false);
Ligne Trouvée : user_pref("extensions.BabylonToolbar.ffxUnstlRst", true);
Ligne Trouvée : user_pref("extensions.BabylonToolbar.id", "2ec69ab20000000000000022b06f0f78");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.instlDay", "15752");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.newTab", false);
Ligne Trouvée : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.rvrt", "false");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.tlbrId", "uninst");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=2ec69ab20000000000000022b06f0f78&q=");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.vrsn", "1.8.11.10");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.11.1017:26:58");
Ligne Trouvée : user_pref("extensions.BabylonToolbar.vrsni", "1.8.11.10");
Ligne Trouvée : user_pref("extensions.BabylonToolbar_i.babExt", "");
Ligne Trouvée : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=120307&tl=10145");
Ligne Trouvée : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Ligne Trouvée : user_pref("extensions.delta.admin", false);
Ligne Trouvée : user_pref("extensions.delta.aflt", "babsst");
Ligne Trouvée : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Ligne Trouvée : user_pref("extensions.delta.autoRvrt", "false");
Ligne Trouvée : user_pref("extensions.delta.dfltLng", "fr");
Ligne Trouvée : user_pref("extensions.delta.excTlbr", false);
Ligne Trouvée : user_pref("extensions.delta.ffxUnstlRst", true);
Ligne Trouvée : user_pref("extensions.delta.id", "2ec69ab20000000000000022b06f0f78");
Ligne Trouvée : user_pref("extensions.delta.instlDay", "15943");
Ligne Trouvée : user_pref("extensions.delta.instlRef", "sst");
Ligne Trouvée : user_pref("extensions.delta.newTab", false);
Ligne Trouvée : user_pref("extensions.delta.prdct", "delta");
Ligne Trouvée : user_pref("extensions.delta.prtnrId", "delta");
Ligne Trouvée : user_pref("extensions.delta.rvrt", "false");
Ligne Trouvée : user_pref("extensions.delta.smplGrp", "none");
Ligne Trouvée : user_pref("extensions.delta.tlbrId", "base");
Ligne Trouvée : user_pref("extensions.delta.tlbrSrchUrl", "");
Ligne Trouvée : user_pref("extensions.delta.vrsn", "1.8.24.6");
Ligne Trouvée : user_pref("extensions.delta.vrsnTs", "1.8.24.621:03:59");
Ligne Trouvée : user_pref("extensions.delta.vrsni", "1.8.24.6");
Ligne Trouvée : user_pref("extensions.delta_i.babExt", "");
Ligne Trouvée : user_pref("extensions.delta_i.babTrack", "affID=122247&tl=10145&tsp=4986");
Ligne Trouvée : user_pref("extensions.delta_i.srcExt", "ss");

-\\ Google Chrome v29.0.1547.57

[ Fichier : C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Trouvée : homepage
Trouvée : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [9455 octets] - [27/08/2013 13:48:32]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9515 octets] ##########

Réponse 2 / 8

2011N2 Messages postés 13352 Date d'inscription samedi 29 janvier 2011 Statut Contributeur sécurité Dernière intervention 24 décembre 2016 917
27 août 2013 à 13:53

Re,

Passe-le en mode Nettoyer et poste moi le rapport. :)

Gabriel.

Zaelsan
27 août 2013 à 13:57

# AdwCleaner v3.001 - Rapport créé le 27/08/2013 à 13:55:03
# Mis à jour le 24/08/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Pierre - PC-PIERRE
# Exécuté depuis : C:\Users\Pierre\Downloads\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****

[#] Service Supprimé : WebCake Desktop Updater

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\ProgramData\BrowserDefender
Dossier Supprimé : C:\ProgramData\Tarma Installer
Dossier Supprimé : C:\Program Files (x86)\Betcat
Dossier Supprimé : C:\Program Files (x86)\Red Sky
Dossier Supprimé : C:\Program Files (x86)\TornTV.com
Dossier Supprimé : C:\Program Files (x86)\Vittalia
Dossier Supprimé : C:\Program Files (x86)\Web Cake
Dossier Supprimé : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Dossier Supprimé : C:\Users\Pierre\AppData\Local\Bundled software uninstaller
Dossier Supprimé : C:\Users\Pierre\AppData\Local\DownTango
Dossier Supprimé : C:\Users\Pierre\AppData\Local\Smartbar
Dossier Supprimé : C:\Users\Pierre\AppData\Local\Temp\boost_interprocess
Dossier Supprimé : C:\Users\Pierre\AppData\Local\Temp\Smartbar
Dossier Supprimé : C:\Users\Pierre\AppData\Roaming\BabSolution
Dossier Supprimé : C:\Users\Pierre\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\Pierre\AppData\Roaming\Betcat
Dossier Supprimé : C:\Users\Pierre\AppData\Roaming\OpenCandy
Dossier Supprimé : C:\Users\Pierre\AppData\Roaming\Web Cake
Dossier Supprimé : C:\Users\Pierre\AppData\Roaming\yourfiledownloader
Dossier Supprimé : C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Dossier Supprimé : C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Dossier Supprimé : C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Fichier Supprimé : C:\END
Fichier Supprimé : C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\3y43r8g4.default\searchplugins\Babylon.xml
Fichier Supprimé : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Fichier Supprimé : C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\3y43r8g4.default\searchplugins\delta.xml
Fichier Supprimé : C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\3y43r8g4.default\searchplugins\Web Search.xml
Fichier Supprimé : C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\3y43r8g4.default\\invalidprefs.js
Fichier Supprimé : C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\3y43r8g4.default\user.js

***** [ Raccourcis ] *****

***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Clé Supprimée : HKCU\Software\59538ddfbd6dbe43
Clé Supprimée : HKLM\SOFTWARE\59538ddfbd6dbe43
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\1ClickDownload
Clé Supprimée : HKCU\Software\APN PIP
Clé Supprimée : HKCU\Software\BabSolution
Clé Supprimée : HKCU\Software\BI
Clé Supprimée : HKCU\Software\DataMngr
[#] Clé Supprimée : HKCU\Software\DataMngr_Toolbar
Clé Supprimée : HKCU\Software\Delta
Clé Supprimée : HKCU\Software\InstallCore
Clé Supprimée : HKCU\Software\PIP
Clé Supprimée : HKCU\Software\YourFileDownloader
Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
Clé Supprimée : HKLM\Software\Babylon
Clé Supprimée : HKLM\Software\DataMngr
Clé Supprimée : HKLM\Software\Delta
Clé Supprimée : HKLM\Software\PIP
Clé Supprimée : HKLM\Software\YourFileDownloader
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Clé Supprimée : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.16635

Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v23.0.1 (fr)

[ Fichier : C:\Users\Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\3y43r8g4.default\prefs.js ]

Ligne Supprimée : user_pref("extensions.BabylonToolbar.admin", false);
Ligne Supprimée : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.excTlbr", false);
Ligne Supprimée : user_pref("extensions.BabylonToolbar.ffxUnstlRst", true);
Ligne Supprimée : user_pref("extensions.BabylonToolbar.id", "2ec69ab20000000000000022b06f0f78");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.instlDay", "15752");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.newTab", false);
Ligne Supprimée : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.rvrt", "false");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.tlbrId", "uninst");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=2ec69ab20000000000000022b06f0f78&q=");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.vrsn", "1.8.11.10");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.11.1017:26:58");
Ligne Supprimée : user_pref("extensions.BabylonToolbar.vrsni", "1.8.11.10");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.babExt", "");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=120307&tl=10145");
Ligne Supprimée : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Ligne Supprimée : user_pref("extensions.delta.admin", false);
Ligne Supprimée : user_pref("extensions.delta.aflt", "babsst");
Ligne Supprimée : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Ligne Supprimée : user_pref("extensions.delta.autoRvrt", "false");
Ligne Supprimée : user_pref("extensions.delta.dfltLng", "fr");
Ligne Supprimée : user_pref("extensions.delta.excTlbr", false);
Ligne Supprimée : user_pref("extensions.delta.ffxUnstlRst", true);
Ligne Supprimée : user_pref("extensions.delta.id", "2ec69ab20000000000000022b06f0f78");
Ligne Supprimée : user_pref("extensions.delta.instlDay", "15943");
Ligne Supprimée : user_pref("extensions.delta.instlRef", "sst");
Ligne Supprimée : user_pref("extensions.delta.newTab", false);
Ligne Supprimée : user_pref("extensions.delta.prdct", "delta");
Ligne Supprimée : user_pref("extensions.delta.prtnrId", "delta");
Ligne Supprimée : user_pref("extensions.delta.rvrt", "false");
Ligne Supprimée : user_pref("extensions.delta.smplGrp", "none");
Ligne Supprimée : user_pref("extensions.delta.tlbrId", "base");
Ligne Supprimée : user_pref("extensions.delta.tlbrSrchUrl", "");
Ligne Supprimée : user_pref("extensions.delta.vrsn", "1.8.24.6");
Ligne Supprimée : user_pref("extensions.delta.vrsnTs", "1.8.24.621:03:59");
Ligne Supprimée : user_pref("extensions.delta.vrsni", "1.8.24.6");
Ligne Supprimée : user_pref("extensions.delta_i.babExt", "");
Ligne Supprimée : user_pref("extensions.delta_i.babTrack", "affID=122247&tl=10145&tsp=4986");
Ligne Supprimée : user_pref("extensions.delta_i.srcExt", "ss");

-\\ Google Chrome v29.0.1547.57

[ Fichier : C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Supprimée : homepage
Supprimée : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [9643 octets] - [27/08/2013 13:48:32]
AdwCleaner[S0].txt - [9010 octets] - [27/08/2013 13:55:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9070 octets] ##########

Réponse 3 / 8

2011N2 Messages postés 13352 Date d'inscription samedi 29 janvier 2011 Statut Contributeur sécurité Dernière intervention 24 décembre 2016 917
27 août 2013 à 13:59

Re,

Ok, passe RogueKiller en option Scan (point 1/ du tutoriel) et poste le rapport : http://www.forum-entraide-informatique.com/support/roguekiller-tigzy-tutoriel-t15.html

Gabriel.

Zaelsan
27 août 2013 à 14:04

En tout cas merci BCP de m'aider c'super !

RogueKiller V8.6.6 [Aug 19 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Pierre [Droits d'admin]
Mode : Recherche -- Date : 08/27/2013 14:03:50
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 1 ¤¤¤
[ZeroAccess][SERVICE] ???etadpug -- "C:\Program Files (x86)\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\ \...\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\GoogleUpdate.exe" < [x] -> STOPPÉ

¤¤¤ Entrees de registre : 14 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : 43995LoL Afk Bot V3.5.7.exe (C:\Users\Pierre\AppData\Roaming\43995LoL Afk Bot V3.5.7.exe [x][x]) -> TROUVÉ
[RUN][SUSP PATH] HKCU\[...]\Run : 67900LoL Afk Bot V3.5.7.exe (C:\Users\Pierre\AppData\Roaming\67900LoL Afk Bot V3.5.7.exe [x][x]) -> TROUVÉ
[RUN][ZeroAccess] HKCU\[...]\Run : Google Update ("C:\Users\Pierre\AppData\Local\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\?????????\?????????\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\GoogleUpdate.exe" >) -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2936162890-3978823202-1777640088-1000\[...]\Run : 43995LoL Afk Bot V3.5.7.exe (C:\Users\Pierre\AppData\Roaming\43995LoL Afk Bot V3.5.7.exe [x][x]) -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2936162890-3978823202-1777640088-1000\[...]\Run : 67900LoL Afk Bot V3.5.7.exe (C:\Users\Pierre\AppData\Roaming\67900LoL Afk Bot V3.5.7.exe [x][x]) -> TROUVÉ
[RUN][ZeroAccess] HKUS\S-1-5-21-2936162890-3978823202-1777640088-1000\[...]\Run : Google Update ("C:\Users\Pierre\AppData\Local\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\?????????\?????????\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\GoogleUpdate.exe" >) -> TROUVÉ
[SERVICE][ZeroAccess] HKLM\[...]\CCSet\[...]\Services : ???etadpug ("C:\Program Files (x86)\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\ \...\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\GoogleUpdate.exe" < [x]) -> TROUVÉ
[SERVICE][ZeroAccess] HKLM\[...]\CS001\[...]\Services : ???etadpug ("C:\Program Files (x86)\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\ \...\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\GoogleUpdate.exe" < [x]) -> TROUVÉ
[SERVICE][ZeroAccess] HKLM\[...]\CS002\[...]\Services : ???etadpug ("C:\Program Files (x86)\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\ \...\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\GoogleUpdate.exe" < [x]) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HID SVC][Masqué de l'API] HKLM\[...]\CCSet\[...]\Services : . e () -> TROUVÉ
[HID SVC][Masqué de l'API] HKLM\[...]\CS001\[...]\Services : . e () -> TROUVÉ
[HID SVC][Masqué de l'API] HKLM\[...]\CS002\[...]\Services : . e () -> TROUVÉ

¤¤¤ Tâches planifiées : 2 ¤¤¤
[V2][SUSP PATH] {2F06CF84-5DAE-4E0B-9A9F-831FF9B57A83} : C:\Users\Pierre\Nouveau dossier\Desktop\setup.exe [x] -> TROUVÉ
[V2][SUSP PATH] {D3C5F76C-EE27-4350-A489-630A6C46C273} : C:\Users\Pierre\Nouveau dossier\Desktop\Nouveau dossier (2)\The Hitchhiker's Hack 3.3.5.exe [x] -> TROUVÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
[ZeroAccess][Fichier] Desktop.ini : C:\Windows\assembly\GAC_32\Desktop.ini [-] --> TROUVÉ
[ZeroAccess][Fichier] Desktop.ini : C:\Windows\assembly\GAC_64\Desktop.ini [-] --> TROUVÉ
[ZeroAccess][Jonction] MpAsDesc.dll : C:\Program Files\Windows Defender\MpAsDesc.dll >> \systemroot\system32\config [-] --> TROUVÉ
[ZeroAccess][Jonction] MpClient.dll : C:\Program Files\Windows Defender\MpClient.dll >> \systemroot\system32\config [-] --> TROUVÉ
[ZeroAccess][Jonction] MpRTP.dll : C:\Program Files\Windows Defender\MpRTP.dll >> \systemroot\system32\config [-] --> TROUVÉ
[ZeroAccess][Jonction] MpSvc.dll : C:\Program Files\Windows Defender\MpSvc.dll >> \systemroot\system32\config [-] --> TROUVÉ
[ZeroAccess][Repertoire] Install : C:\Users\Pierre\AppData\Local\Google\Desktop\Install [-] --> TROUVÉ

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EADX-22TDHB0 +++++
--- User ---
[MBR] ee05bda5dbebd0104fb2552aa65c0835
[BSP] ef51b68efd8f65e36cce6c38e3b4eacd : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 24576 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 50333696 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 50538496 | Size: 467395 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1007763456 | Size: 461796 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_08272013_140350.txt >>

Réponse 4 / 8

2011N2 Messages postés 13352 Date d'inscription samedi 29 janvier 2011 Statut Contributeur sécurité Dernière intervention 24 décembre 2016 917
27 août 2013 à 14:21

Re,

Je t'en prie. :)

Ok tu es infecté par ZeroAccess.

Passe RogueKiller en suppression (point 2/ du tutoriel) et poste moi le rapport.

Gabriel.

Zaelsan
27 août 2013 à 14:45

RogueKiller V8.6.6 [Aug 19 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Pierre [Droits d'admin]
Mode : Suppression -- Date : 08/27/2013 14:43:14
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 1 ¤¤¤
[ZeroAccess][SERVICE] ???etadpug -- "C:\Program Files (x86)\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\ \...\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\GoogleUpdate.exe" < [x] -> STOPPÉ

¤¤¤ Entrees de registre : 14 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : 43995LoL Afk Bot V3.5.7.exe (C:\Users\Pierre\AppData\Roaming\43995LoL Afk Bot V3.5.7.exe [x][x]) -> SUPPRIMÉ
[RUN][SUSP PATH] HKCU\[...]\Run : 67900LoL Afk Bot V3.5.7.exe (C:\Users\Pierre\AppData\Roaming\67900LoL Afk Bot V3.5.7.exe [x][x]) -> SUPPRIMÉ
[RUN][ZeroAccess] HKCU\[...]\Run : Google Update ("C:\Users\Pierre\AppData\Local\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\?????????\?????????\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\GoogleUpdate.exe" >) -> SUPPRIMÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-2936162890-3978823202-1777640088-1000\[...]\Run : 43995LoL Afk Bot V3.5.7.exe (C:\Users\Pierre\AppData\Roaming\43995LoL Afk Bot V3.5.7.exe [x][x]) -> [0x2] Le fichier spécifié est introuvable.
[RUN][SUSP PATH] HKUS\S-1-5-21-2936162890-3978823202-1777640088-1000\[...]\Run : 67900LoL Afk Bot V3.5.7.exe (C:\Users\Pierre\AppData\Roaming\67900LoL Afk Bot V3.5.7.exe [x][x]) -> [0x2] Le fichier spécifié est introuvable.
[RUN][ZeroAccess] HKUS\S-1-5-21-2936162890-3978823202-1777640088-1000\[...]\Run : Google Update ("C:\Users\Pierre\AppData\Local\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\?????????\?????????\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\GoogleUpdate.exe" >) -> [0xc0000034] Unknown error
[SERVICE][ZeroAccess] HKLM\[...]\CCSet\[...]\Services : ???etadpug ("C:\Program Files (x86)\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\ \...\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\GoogleUpdate.exe" < [x]) -> SUPPRIMÉ
[SERVICE][ZeroAccess] HKLM\[...]\CS001\[...]\Services : ???etadpug ("C:\Program Files (x86)\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\ \...\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\GoogleUpdate.exe" < [x]) -> [0x57] Paramètre incorrect.
[SERVICE][ZeroAccess] HKLM\[...]\CS002\[...]\Services : ???etadpug ("C:\Program Files (x86)\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\ \...\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\GoogleUpdate.exe" < [x]) -> SUPPRIMÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)
[HID SVC][Masqué de l'API] HKLM\[...]\CCSet\[...]\Services : . e () -> [0x3] Le chemin d???accès spécifié est introuvable.
[HID SVC][Masqué de l'API] HKLM\[...]\CS001\[...]\Services : . e () -> [0x3] Le chemin d???accès spécifié est introuvable.
[HID SVC][Masqué de l'API] HKLM\[...]\CS002\[...]\Services : . e () -> [0x3] Le chemin d???accès spécifié est introuvable.

¤¤¤ Tâches planifiées : 2 ¤¤¤
[V2][SUSP PATH] {2F06CF84-5DAE-4E0B-9A9F-831FF9B57A83} : C:\Users\Pierre\Nouveau dossier\Desktop\setup.exe [x] -> SUPPRIMÉ
[V2][SUSP PATH] {D3C5F76C-EE27-4350-A489-630A6C46C273} : C:\Users\Pierre\Nouveau dossier\Desktop\Nouveau dossier (2)\The Hitchhiker's Hack 3.3.5.exe [x] -> SUPPRIMÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
[ZeroAccess][Fichier] Desktop.ini : C:\Windows\assembly\GAC_32\Desktop.ini [-] --> SUPPRIMÉ AU REBOOT
[ZeroAccess][Fichier] Desktop.ini : C:\Windows\assembly\GAC_64\Desktop.ini [-] --> SUPPRIMÉ AU REBOOT
[ZeroAccess][Jonction] MpAsDesc.dll : C:\Program Files\Windows Defender\MpAsDesc.dll >> \systemroot\system32\config [-] --> Jonction SUPPRIMÉ
[ZeroAccess][Jonction] MpClient.dll : C:\Program Files\Windows Defender\MpClient.dll >> \systemroot\system32\config [-] --> Jonction SUPPRIMÉ
[ZeroAccess][Jonction] MpRTP.dll : C:\Program Files\Windows Defender\MpRTP.dll >> \systemroot\system32\config [-] --> Jonction SUPPRIMÉ
[ZeroAccess][Jonction] MpSvc.dll : C:\Program Files\Windows Defender\MpSvc.dll >> \systemroot\system32\config [-] --> Jonction SUPPRIMÉ
[ZeroAccess][Repertoire] Install : C:\Users\Pierre\AppData\Local\Google\Desktop\Install [-] --> SUPPRIMÉ
[ZeroAccess][Fichier] @ : C:\Users\Pierre\AppData\Local\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\?????????\?????????\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\@ [-] --> SUPPRIMÉ
[ZeroAccess][Fichier] GoogleUpdate.exe : C:\Users\Pierre\AppData\Local\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\?????????\?????????\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\GoogleUpdate.exe [-] --> SUPPRIMÉ
[ZeroAccess][Repertoire] L : C:\Users\Pierre\AppData\Local\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\?????????\?????????\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\L [-] --> SUPPRIMÉ
[ZeroAccess][Repertoire] U : C:\Users\Pierre\AppData\Local\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\?????????\?????????\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3}\U [-] --> SUPPRIMÉ
[ZeroAccess][Repertoire] {728cbab3-58be-f08e-547d-9cb0c55012d3} : C:\Users\Pierre\AppData\Local\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\?????????\?????????\?????\{728cbab3-58be-f08e-547d-9cb0c55012d3} [-] --> SUPPRIMÉ
[ZeroAccess][Repertoire] ????? : C:\Users\Pierre\AppData\Local\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\?????????\?????????\????? [-] --> SUPPRIMÉ
[ZeroAccess][Repertoire] ????????? : C:\Users\Pierre\AppData\Local\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\?????????\????????? [-] --> SUPPRIMÉ
[ZeroAccess][Repertoire] ????????? : C:\Users\Pierre\AppData\Local\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3}\????????? [-] --> SUPPRIMÉ
[ZeroAccess][Repertoire] {728cbab3-58be-f08e-547d-9cb0c55012d3} : C:\Users\Pierre\AppData\Local\Google\Desktop\Install\{728cbab3-58be-f08e-547d-9cb0c55012d3} [-] --> SUPPRIMÉ

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EADX-22TDHB0 +++++
--- User ---
[MBR] ee05bda5dbebd0104fb2552aa65c0835
[BSP] ef51b68efd8f65e36cce6c38e3b4eacd : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 24576 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 50333696 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 50538496 | Size: 467395 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1007763456 | Size: 461796 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_D_08272013_144314.txt >>
RKreport[0]_S_08272013_140350.txt

Réponse 5 / 8

2011N2 Messages postés 13352 Date d'inscription samedi 29 janvier 2011 Statut Contributeur sécurité Dernière intervention 24 décembre 2016 917
27 août 2013 à 15:34

Re,

Bien. :)

Passe TDSSkiller et poste le rapport : http://www.forum-entraide-informatique.com/support/tdsskiller-tutoriel-t12.html

Gabriel.

Zaelsan
27 août 2013 à 16:27

16:26:07.0876 2640 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:26:08.0086 2640 ============================================================
16:26:08.0086 2640 Current date / time: 2013/08/27 16:26:08.0086
16:26:08.0086 2640 SystemInfo:
16:26:08.0086 2640
16:26:08.0086 2640 OS Version: 6.1.7601 ServicePack: 1.0
16:26:08.0086 2640 Product type: Workstation
16:26:08.0086 2640 ComputerName: PC-PIERRE
16:26:08.0086 2640 UserName: Pierre
16:26:08.0086 2640 Windows directory: C:\Windows
16:26:08.0086 2640 System windows directory: C:\Windows
16:26:08.0086 2640 Running under WOW64
16:26:08.0086 2640 Processor architecture: Intel x64
16:26:08.0086 2640 Number of processors: 4
16:26:08.0086 2640 Page size: 0x1000
16:26:08.0086 2640 Boot type: Normal boot
16:26:08.0086 2640 ============================================================
16:26:08.0422 2640 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:26:08.0430 2640 ============================================================
16:26:08.0430 2640 \Device\Harddisk0\DR0:
16:26:08.0430 2640 MBR partitions:
16:26:08.0430 2640 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3000800, BlocksNum 0x32000
16:26:08.0430 2640 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3032800, BlocksNum 0x390E1800
16:26:08.0430 2640 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3C114000, BlocksNum 0x385F2000
16:26:08.0430 2640 ============================================================
16:26:08.0449 2640 C: <-> \Device\Harddisk0\DR0\Partition2
16:26:08.0474 2640 D: <-> \Device\Harddisk0\DR0\Partition3
16:26:08.0474 2640 ============================================================
16:26:08.0474 2640 Initialize success
16:26:08.0474 2640 ============================================================
16:26:11.0287 5784 ============================================================
16:26:11.0287 5784 Scan started
16:26:11.0287 5784 Mode: Manual;
16:26:11.0287 5784 ============================================================
16:26:11.0450 5784 ================ Scan system memory ========================
16:26:11.0450 5784 System memory - ok
16:26:11.0452 5784 ================ Scan services =============================
16:26:11.0619 5784 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:26:11.0622 5784 1394ohci - ok
16:26:11.0627 5784 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:26:11.0630 5784 ACPI - ok
16:26:11.0642 5784 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:26:11.0643 5784 AcpiPmi - ok
16:26:11.0850 5784 [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
16:26:11.0851 5784 AdobeActiveFileMonitor9.0 - ok
16:26:11.0932 5784 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:26:11.0933 5784 AdobeARMservice - ok
16:26:12.0059 5784 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:26:12.0060 5784 AdobeFlashPlayerUpdateSvc - ok
16:26:12.0103 5784 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:26:12.0108 5784 adp94xx - ok
16:26:12.0162 5784 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:26:12.0165 5784 adpahci - ok
16:26:12.0178 5784 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:26:12.0180 5784 adpu320 - ok
16:26:12.0205 5784 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:26:12.0206 5784 AeLookupSvc - ok
16:26:12.0243 5784 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:26:12.0248 5784 AFD - ok
16:26:12.0265 5784 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:26:12.0266 5784 agp440 - ok
16:26:12.0281 5784 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:26:12.0282 5784 ALG - ok
16:26:12.0302 5784 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:26:12.0303 5784 aliide - ok
16:26:12.0311 5784 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:26:12.0311 5784 amdide - ok
16:26:12.0322 5784 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:26:12.0323 5784 AmdK8 - ok
16:26:12.0337 5784 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:26:12.0338 5784 AmdPPM - ok
16:26:12.0368 5784 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:26:12.0369 5784 amdsata - ok
16:26:12.0384 5784 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:26:12.0386 5784 amdsbs - ok
16:26:12.0396 5784 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:26:12.0396 5784 amdxata - ok
16:26:12.0414 5784 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:26:12.0415 5784 AppID - ok
16:26:12.0435 5784 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:26:12.0436 5784 AppIDSvc - ok
16:26:12.0496 5784 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
16:26:12.0497 5784 Appinfo - ok
16:26:12.0575 5784 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:26:12.0577 5784 Apple Mobile Device - ok
16:26:12.0588 5784 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
16:26:12.0590 5784 arc - ok
16:26:12.0608 5784 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:26:12.0614 5784 arcsas - ok
16:26:12.0703 5784 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:26:12.0763 5784 aspnet_state - ok
16:26:12.0776 5784 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:26:12.0777 5784 AsyncMac - ok
16:26:12.0792 5784 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:26:12.0792 5784 atapi - ok
16:26:12.0859 5784 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
16:26:12.0860 5784 atksgt - ok
16:26:12.0893 5784 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:26:12.0900 5784 AudioEndpointBuilder - ok
16:26:12.0908 5784 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:26:12.0911 5784 AudioSrv - ok
16:26:12.0933 5784 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:26:12.0934 5784 AxInstSV - ok
16:26:12.0963 5784 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:26:12.0967 5784 b06bdrv - ok
16:26:13.0014 5784 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:26:13.0017 5784 b57nd60a - ok
16:26:13.0063 5784 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:26:13.0065 5784 BBSvc - ok
16:26:13.0081 5784 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:26:13.0083 5784 BDESVC - ok
16:26:13.0090 5784 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:26:13.0091 5784 Beep - ok
16:26:13.0122 5784 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:26:13.0128 5784 BFE - ok
16:26:13.0150 5784 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
16:26:13.0150 5784 blbdrive - ok
16:26:13.0245 5784 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:26:13.0249 5784 Bonjour Service - ok
16:26:13.0281 5784 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:26:13.0282 5784 bowser - ok
16:26:13.0296 5784 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:26:13.0297 5784 BrFiltLo - ok
16:26:13.0310 5784 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:26:13.0310 5784 BrFiltUp - ok
16:26:13.0338 5784 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
16:26:13.0339 5784 Browser - ok
16:26:13.0357 5784 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:26:13.0360 5784 Brserid - ok
16:26:13.0377 5784 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:26:13.0378 5784 BrSerWdm - ok
16:26:13.0383 5784 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:26:13.0384 5784 BrUsbMdm - ok
16:26:13.0408 5784 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:26:13.0409 5784 BrUsbSer - ok
16:26:13.0420 5784 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:26:13.0421 5784 BTHMODEM - ok
16:26:13.0431 5784 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:26:13.0432 5784 bthserv - ok
16:26:13.0443 5784 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:26:13.0445 5784 cdfs - ok
16:26:13.0468 5784 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:26:13.0469 5784 cdrom - ok
16:26:13.0501 5784 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:26:13.0502 5784 CertPropSvc - ok
16:26:13.0518 5784 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
16:26:13.0519 5784 circlass - ok
16:26:13.0533 5784 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:26:13.0536 5784 CLFS - ok
16:26:13.0585 5784 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:26:13.0586 5784 clr_optimization_v2.0.50727_32 - ok
16:26:13.0614 5784 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:26:13.0615 5784 clr_optimization_v2.0.50727_64 - ok
16:26:13.0685 5784 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:26:13.0847 5784 clr_optimization_v4.0.30319_32 - ok
16:26:13.0863 5784 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:26:13.0904 5784 clr_optimization_v4.0.30319_64 - ok
16:26:13.0935 5784 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
16:26:13.0936 5784 CmBatt - ok
16:26:13.0945 5784 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:26:13.0946 5784 cmdide - ok
16:26:13.0987 5784 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
16:26:13.0991 5784 CNG - ok
16:26:14.0020 5784 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:26:14.0022 5784 Compbatt - ok
16:26:14.0049 5784 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:26:14.0050 5784 CompositeBus - ok
16:26:14.0056 5784 COMSysApp - ok
16:26:14.0064 5784 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:26:14.0065 5784 crcdisk - ok
16:26:14.0100 5784 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:26:14.0102 5784 CryptSvc - ok
16:26:14.0175 5784 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:26:14.0182 5784 cvhsvc - ok
16:26:14.0209 5784 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:26:14.0214 5784 DcomLaunch - ok
16:26:14.0242 5784 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:26:14.0245 5784 defragsvc - ok
16:26:14.0254 5784 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:26:14.0256 5784 DfsC - ok
16:26:14.0289 5784 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:26:14.0292 5784 Dhcp - ok
16:26:14.0306 5784 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:26:14.0307 5784 discache - ok
16:26:14.0322 5784 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
16:26:14.0323 5784 Disk - ok
16:26:14.0352 5784 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:26:14.0354 5784 Dnscache - ok
16:26:14.0365 5784 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:26:14.0369 5784 dot3svc - ok
16:26:14.0384 5784 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:26:14.0386 5784 DPS - ok
16:26:14.0415 5784 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:26:14.0416 5784 drmkaud - ok
16:26:14.0445 5784 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
16:26:14.0447 5784 dtsoftbus01 - ok
16:26:14.0493 5784 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:26:14.0498 5784 DXGKrnl - ok
16:26:14.0532 5784 [ DC1776D086AA9733B1929A3D979D9FDD ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
16:26:14.0534 5784 e1cexpress - ok
16:26:14.0561 5784 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:26:14.0562 5784 EapHost - ok
16:26:14.0624 5784 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:26:14.0682 5784 ebdrv - ok
16:26:14.0717 5784 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:26:14.0718 5784 EFS - ok
16:26:14.0763 5784 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:26:14.0769 5784 ehRecvr - ok
16:26:14.0793 5784 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:26:14.0795 5784 ehSched - ok
16:26:14.0820 5784 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:26:14.0825 5784 elxstor - ok
16:26:14.0839 5784 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:26:14.0840 5784 ErrDev - ok
16:26:14.0878 5784 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:26:14.0881 5784 EventSystem - ok
16:26:14.0916 5784 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:26:14.0918 5784 exfat - ok
16:26:14.0937 5784 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:26:14.0939 5784 fastfat - ok
16:26:14.0970 5784 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:26:14.0977 5784 Fax - ok
16:26:14.0997 5784 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
16:26:14.0997 5784 fdc - ok
16:26:15.0008 5784 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:26:15.0008 5784 fdPHost - ok
16:26:15.0018 5784 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:26:15.0019 5784 FDResPub - ok
16:26:15.0033 5784 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:26:15.0034 5784 FileInfo - ok
16:26:15.0050 5784 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:26:15.0051 5784 Filetrace - ok
16:26:15.0066 5784 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:26:15.0067 5784 flpydisk - ok
16:26:15.0082 5784 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:26:15.0084 5784 FltMgr - ok
16:26:15.0117 5784 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
16:26:15.0128 5784 FontCache - ok
16:26:15.0188 5784 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:26:15.0189 5784 FontCache3.0.0.0 - ok
16:26:15.0207 5784 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:26:15.0208 5784 FsDepends - ok
16:26:15.0221 5784 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:26:15.0221 5784 Fs_Rec - ok
16:26:15.0266 5784 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:26:15.0268 5784 fvevol - ok
16:26:15.0311 5784 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:26:15.0312 5784 gagp30kx - ok
16:26:15.0359 5784 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:26:15.0362 5784 GamesAppService - ok
16:26:15.0402 5784 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:26:15.0402 5784 GEARAspiWDM - ok
16:26:15.0433 5784 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:26:15.0440 5784 gpsvc - ok
16:26:15.0486 5784 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
16:26:15.0486 5784 GREGService - ok
16:26:15.0522 5784 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:26:15.0523 5784 gupdate - ok
16:26:15.0533 5784 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:26:15.0534 5784 gupdatem - ok
16:26:15.0567 5784 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
16:26:15.0568 5784 hamachi - ok
16:26:15.0577 5784 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:26:15.0578 5784 hcw85cir - ok
16:26:15.0602 5784 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:26:15.0605 5784 HdAudAddService - ok
16:26:15.0639 5784 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:26:15.0640 5784 HDAudBus - ok
16:26:15.0659 5784 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:26:15.0660 5784 HidBatt - ok
16:26:15.0677 5784 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:26:15.0678 5784 HidBth - ok
16:26:15.0688 5784 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
16:26:15.0689 5784 HidIr - ok
16:26:15.0702 5784 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:26:15.0704 5784 hidserv - ok
16:26:15.0741 5784 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:26:15.0742 5784 HidUsb - ok
16:26:15.0756 5784 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:26:15.0757 5784 hkmsvc - ok
16:26:15.0775 5784 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:26:15.0778 5784 HomeGroupListener - ok
16:26:15.0798 5784 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:26:15.0800 5784 HomeGroupProvider - ok
16:26:15.0813 5784 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:26:15.0814 5784 HpSAMD - ok
16:26:15.0840 5784 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:26:15.0847 5784 HTTP - ok
16:26:15.0874 5784 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:26:15.0874 5784 hwpolicy - ok
16:26:15.0891 5784 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:26:15.0893 5784 i8042prt - ok
16:26:15.0911 5784 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\drivers\iaStor.sys
16:26:15.0913 5784 iaStor - ok
16:26:15.0960 5784 [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:26:15.0960 5784 IAStorDataMgrSvc - ok
16:26:15.0977 5784 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:26:15.0981 5784 iaStorV - ok
16:26:16.0038 5784 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:26:16.0046 5784 idsvc - ok
16:26:16.0077 5784 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:26:16.0078 5784 iirsp - ok
16:26:16.0106 5784 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:26:16.0113 5784 IKEEXT - ok
16:26:16.0210 5784 [ 82D0C8C47F6A52B695F405661D1DF50E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:26:16.0221 5784 IntcAzAudAddService - ok
16:26:16.0238 5784 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:26:16.0239 5784 intelide - ok
16:26:16.0249 5784 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:26:16.0250 5784 intelppm - ok
16:26:16.0264 5784 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:26:16.0266 5784 IPBusEnum - ok
16:26:16.0281 5784 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:26:16.0282 5784 IpFilterDriver - ok
16:26:16.0323 5784 [ 08C2957BB30058E663720C5606885653 ] IpHlpSvc C:\Windows\System32\iphlpsvc.dll
16:26:16.0328 5784 IpHlpSvc - ok
16:26:16.0359 5784 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:26:16.0360 5784 IPMIDRV - ok
16:26:16.0378 5784 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:26:16.0379 5784 IPNAT - ok
16:26:16.0430 5784 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:26:16.0439 5784 iPod Service - ok
16:26:16.0474 5784 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:26:16.0474 5784 IRENUM - ok
16:26:16.0492 5784 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:26:16.0493 5784 isapnp - ok
16:26:16.0506 5784 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:26:16.0509 5784 iScsiPrt - ok
16:26:16.0535 5784 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:26:16.0536 5784 kbdclass - ok
16:26:16.0550 5784 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
16:26:16.0551 5784 kbdhid - ok
16:26:16.0572 5784 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:26:16.0573 5784 KeyIso - ok
16:26:16.0594 5784 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:26:16.0595 5784 KSecDD - ok
16:26:16.0607 5784 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:26:16.0608 5784 KSecPkg - ok
16:26:16.0623 5784 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:26:16.0624 5784 ksthunk - ok
16:26:16.0650 5784 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:26:16.0654 5784 KtmRm - ok
16:26:16.0695 5784 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:26:16.0698 5784 LanmanServer - ok
16:26:16.0734 5784 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:26:16.0736 5784 LanmanWorkstation - ok
16:26:16.0801 5784 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
16:26:16.0802 5784 lirsgt - ok
16:26:16.0837 5784 [ 6BCEE9C766815BFFF89DE7D81AF34CE1 ] Live Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
16:26:16.0838 5784 Live Updater Service - ok
16:26:16.0848 5784 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:26:16.0849 5784 lltdio - ok
16:26:16.0870 5784 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:26:16.0873 5784 lltdsvc - ok
16:26:16.0883 5784 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:26:16.0884 5784 lmhosts - ok
16:26:16.0933 5784 [ 50C7CE53EF461870410355F1F2E7D515 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:26:16.0934 5784 LMS - ok
16:26:16.0970 5784 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:26:16.0972 5784 LSI_FC - ok
16:26:16.0983 5784 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:26:16.0985 5784 LSI_SAS - ok
16:26:16.0996 5784 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:26:16.0997 5784 LSI_SAS2 - ok
16:26:17.0016 5784 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:26:17.0018 5784 LSI_SCSI - ok
16:26:17.0035 5784 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:26:17.0036 5784 luafv - ok
16:26:17.0070 5784 [ 07389F6925E490D2DB7882110E99921C ] lvpepf64 C:\Windows\system32\DRIVERS\lv302a64.sys
16:26:17.0071 5784 lvpepf64 - ok
16:26:17.0093 5784 [ 7F0BA3A6E8996F15693C6B7D81DA049E ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
16:26:17.0101 5784 LVRS64 - ok
16:26:17.0125 5784 [ 5C3FF68267A5D242EE79EE01B993D6CE ] LVUSBS64 C:\Windows\system32\DRIVERS\LVUSBS64.sys
16:26:17.0125 5784 LVUSBS64 - ok
16:26:17.0175 5784 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
16:26:17.0177 5784 McComponentHostService - ok
16:26:17.0196 5784 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:26:17.0198 5784 Mcx2Svc - ok
16:26:17.0213 5784 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
16:26:17.0214 5784 megasas - ok
16:26:17.0244 5784 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:26:17.0247 5784 MegaSR - ok
16:26:17.0284 5784 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:26:17.0285 5784 MEIx64 - ok
16:26:17.0299 5784 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:26:17.0301 5784 MMCSS - ok
16:26:17.0312 5784 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:26:17.0313 5784 Modem - ok
16:26:17.0343 5784 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:26:17.0343 5784 monitor - ok
16:26:17.0364 5784 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:26:17.0365 5784 mouclass - ok
16:26:17.0387 5784 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
16:26:17.0388 5784 mouhid - ok
16:26:17.0409 5784 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:26:17.0410 5784 mountmgr - ok
16:26:17.0443 5784 [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:26:17.0444 5784 MozillaMaintenance - ok
16:26:17.0464 5784 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:26:17.0466 5784 mpio - ok
16:26:17.0485 5784 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:26:17.0486 5784 mpsdrv - ok
16:26:17.0505 5784 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:26:17.0513 5784 MpsSvc - ok
16:26:17.0537 5784 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:26:17.0539 5784 MRxDAV - ok
16:26:17.0576 5784 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:26:17.0577 5784 mrxsmb - ok
16:26:17.0596 5784 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:26:17.0599 5784 mrxsmb10 - ok
16:26:17.0642 5784 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:26:17.0644 5784 mrxsmb20 - ok
16:26:17.0660 5784 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:26:17.0661 5784 msahci - ok
16:26:17.0680 5784 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:26:17.0682 5784 msdsm - ok
16:26:17.0692 5784 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:26:17.0695 5784 MSDTC - ok
16:26:17.0716 5784 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:26:17.0717 5784 Msfs - ok
16:26:17.0723 5784 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:26:17.0724 5784 mshidkmdf - ok
16:26:17.0729 5784 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:26:17.0729 5784 msisadrv - ok
16:26:17.0759 5784 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:26:17.0761 5784 MSiSCSI - ok
16:26:17.0764 5784 msiserver - ok
16:26:17.0788 5784 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:26:17.0789 5784 MSKSSRV - ok
16:26:17.0803 5784 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:26:17.0803 5784 MSPCLOCK - ok
16:26:17.0813 5784 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:26:17.0814 5784 MSPQM - ok
16:26:17.0830 5784 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:26:17.0833 5784 MsRPC - ok
16:26:17.0848 5784 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:26:17.0848 5784 mssmbios - ok
16:26:17.0866 5784 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:26:17.0867 5784 MSTEE - ok
16:26:17.0886 5784 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:26:17.0886 5784 MTConfig - ok
16:26:17.0902 5784 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:26:17.0902 5784 Mup - ok
16:26:17.0940 5784 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:26:17.0946 5784 napagent - ok
16:26:17.0967 5784 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:26:17.0970 5784 NativeWifiP - ok
16:26:18.0034 5784 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
16:26:18.0038 5784 NAUpdate - ok
16:26:18.0077 5784 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:26:18.0085 5784 NDIS - ok
16:26:18.0107 5784 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:26:18.0108 5784 NdisCap - ok
16:26:18.0121 5784 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:26:18.0122 5784 NdisTapi - ok
16:26:18.0141 5784 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:26:18.0142 5784 Ndisuio - ok
16:26:18.0151 5784 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:26:18.0153 5784 NdisWan - ok
16:26:18.0159 5784 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:26:18.0160 5784 NDProxy - ok
16:26:18.0171 5784 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:26:18.0172 5784 NetBIOS - ok
16:26:18.0189 5784 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:26:18.0191 5784 NetBT - ok
16:26:18.0205 5784 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:26:18.0206 5784 Netlogon - ok
16:26:18.0244 5784 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:26:18.0248 5784 Netman - ok
16:26:18.0288 5784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:26:18.0290 5784 NetMsmqActivator - ok
16:26:18.0293 5784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:26:18.0293 5784 NetPipeActivator - ok
16:26:18.0315 5784 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:26:18.0320 5784 netprofm - ok
16:26:18.0376 5784 [ 5EB01F698C4E2C11598934D4540047CA ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
16:26:18.0382 5784 netr28ux - ok
16:26:18.0390 5784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:26:18.0391 5784 NetTcpActivator - ok
16:26:18.0394 5784 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:26:18.0395 5784 NetTcpPortSharing - ok
16:26:18.0415 5784 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:26:18.0416 5784 nfrd960 - ok
16:26:18.0449 5784 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:26:18.0452 5784 NlaSvc - ok
16:26:18.0461 5784 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:26:18.0462 5784 Npfs - ok
16:26:18.0484 5784 npggsvc - ok
16:26:18.0500 5784 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:26:18.0501 5784 nsi - ok
16:26:18.0510 5784 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:26:18.0511 5784 nsiproxy - ok
16:26:18.0571 5784 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:26:18.0592 5784 Ntfs - ok
16:26:18.0607 5784 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:26:18.0608 5784 Null - ok
16:26:18.0645 5784 [ 857FB74754EBFF94EE3AD40788740916 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
16:26:18.0646 5784 NVHDA - ok
16:26:18.0857 5784 [ 3DE9FD84938CCD3960FF52AE9B5F305F ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:26:18.0921 5784 nvlddmkm - ok
16:26:18.0960 5784 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:26:18.0961 5784 nvraid - ok
16:26:18.0968 5784 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:26:18.0970 5784 nvstor - ok
16:26:19.0022 5784 [ E883D0375AF4A807F5B4490688AD1038 ] NVSvc C:\Windows\system32\nvvsvc.exe
16:26:19.0031 5784 NVSvc - ok
16:26:19.0079 5784 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:26:19.0082 5784 nv_agp - ok
16:26:19.0092 5784 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:26:19.0094 5784 ohci1394 - ok
16:26:19.0139 5784 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:26:19.0141 5784 ose - ok
16:26:19.0254 5784 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:26:19.0338 5784 osppsvc - ok
16:26:19.0374 5784 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:26:19.0378 5784 p2pimsvc - ok
16:26:19.0394 5784 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:26:19.0399 5784 p2psvc - ok
16:26:19.0438 5784 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
16:26:19.0440 5784 Parport - ok
16:26:19.0472 5784 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:26:19.0472 5784 partmgr - ok
16:26:19.0481 5784 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:26:19.0484 5784 PcaSvc - ok
16:26:19.0491 5784 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:26:19.0493 5784 pci - ok
16:26:19.0507 5784 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:26:19.0508 5784 pciide - ok
16:26:19.0521 5784 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:26:19.0523 5784 pcmcia - ok
16:26:19.0542 5784 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:26:19.0543 5784 pcw - ok
16:26:19.0579 5784 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:26:19.0585 5784 PEAUTH - ok
16:26:19.0697 5784 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:26:19.0698 5784 PerfHost - ok
16:26:19.0782 5784 [ 087A343DFC337F37723DD7912DE6B6CD ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V64.SYS
16:26:19.0828 5784 PID_PEPI - ok
16:26:19.0883 5784 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:26:19.0896 5784 pla - ok
16:26:19.0950 5784 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:26:19.0954 5784 PlugPlay - ok
16:26:20.0005 5784 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:26:20.0006 5784 PNRPAutoReg - ok
16:26:20.0011 5784 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:26:20.0013 5784 PNRPsvc - ok
16:26:20.0036 5784 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:26:20.0041 5784 PolicyAgent - ok
16:26:20.0092 5784 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:26:20.0094 5784 Power - ok
16:26:20.0117 5784 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:26:20.0118 5784 PptpMiniport - ok
16:26:20.0130 5784 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
16:26:20.0131 5784 Processor - ok
16:26:20.0158 5784 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:26:20.0161 5784 ProfSvc - ok
16:26:20.0172 5784 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:26:20.0173 5784 ProtectedStorage - ok
16:26:20.0182 5784 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:26:20.0183 5784 Psched - ok
16:26:20.0219 5784 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
16:26:20.0220 5784 PxHlpa64 - ok
16:26:20.0256 5784 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:26:20.0272 5784 ql2300 - ok
16:26:20.0295 5784 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:26:20.0297 5784 ql40xx - ok
16:26:20.0322 5784 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:26:20.0326 5784 QWAVE - ok
16:26:20.0339 5784 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:26:20.0340 5784 QWAVEdrv - ok
16:26:20.0385 5784 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
16:26:20.0387 5784 RapiMgr - ok
16:26:20.0399 5784 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:26:20.0400 5784 RasAcd - ok
16:26:20.0415 5784 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:26:20.0416 5784 RasAgileVpn - ok
16:26:20.0428 5784 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:26:20.0430 5784 RasAuto - ok
16:26:20.0434 5784 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:26:20.0435 5784 Rasl2tp - ok
16:26:20.0447 5784 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:26:20.0451 5784 RasMan - ok
16:26:20.0465 5784 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:26:20.0466 5784 RasPppoe - ok
16:26:20.0480 5784 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:26:20.0482 5784 RasSstp - ok
16:26:20.0501 5784 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:26:20.0504 5784 rdbss - ok
16:26:20.0539 5784 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
16:26:20.0540 5784 rdpbus - ok
16:26:20.0555 5784 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:26:20.0556 5784 RDPCDD - ok
16:26:20.0581 5784 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:26:20.0582 5784 RDPENCDD - ok
16:26:20.0588 5784 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:26:20.0589 5784 RDPREFMP - ok
16:26:20.0629 5784 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:26:20.0632 5784 RDPWD - ok
16:26:20.0648 5784 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:26:20.0650 5784 rdyboost - ok
16:26:20.0672 5784 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:26:20.0673 5784 RemoteAccess - ok
16:26:20.0686 5784 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:26:20.0688 5784 RemoteRegistry - ok
16:26:20.0699 5784 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:26:20.0701 5784 RpcEptMapper - ok
16:26:20.0726 5784 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:26:20.0727 5784 RpcLocator - ok
16:26:20.0741 5784 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:26:20.0745 5784 RpcSs - ok
16:26:20.0749 5784 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:26:20.0750 5784 rspndr - ok
16:26:20.0761 5784 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:26:20.0762 5784 SamSs - ok
16:26:20.0845 5784 [ CCBF62280DAF6D94A4C73E391CDAC68C ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
16:26:20.0847 5784 SbieDrv - ok
16:26:20.0878 5784 [ 8A1F63C6EC01C56C9EC4C681E593FE34 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
16:26:20.0880 5784 SbieSvc - ok
16:26:20.0899 5784 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:26:20.0900 5784 sbp2port - ok
16:26:20.0913 5784 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:26:20.0916 5784 SCardSvr - ok
16:26:20.0927 5784 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:26:20.0928 5784 scfilter - ok
16:26:20.0956 5784 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:26:20.0968 5784 Schedule - ok
16:26:21.0012 5784 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:26:21.0012 5784 SCPolicySvc - ok
16:26:21.0030 5784 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:26:21.0034 5784 SDRSVC - ok
16:26:21.0087 5784 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:26:21.0089 5784 SeaPort - ok
16:26:21.0095 5784 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:26:21.0096 5784 secdrv - ok
16:26:21.0103 5784 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:26:21.0105 5784 seclogon - ok
16:26:21.0116 5784 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:26:21.0119 5784 SENS - ok
16:26:21.0133 5784 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:26:21.0135 5784 SensrSvc - ok
16:26:21.0145 5784 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
16:26:21.0145 5784 Serenum - ok
16:26:21.0165 5784 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
16:26:21.0166 5784 Serial - ok
16:26:21.0182 5784 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:26:21.0184 5784 sermouse - ok
16:26:21.0203 5784 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:26:21.0205 5784 SessionEnv - ok
16:26:21.0214 5784 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:26:21.0215 5784 sffdisk - ok
16:26:21.0223 5784 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:26:21.0224 5784 sffp_mmc - ok
16:26:21.0233 5784 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:26:21.0234 5784 sffp_sd - ok
16:26:21.0246 5784 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:26:21.0246 5784 sfloppy - ok
16:26:21.0287 5784 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
16:26:21.0290 5784 Sftfs - ok
16:26:21.0352 5784 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:26:21.0356 5784 sftlist - ok
16:26:21.0389 5784 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:26:21.0390 5784 Sftplay - ok
16:26:21.0399 5784 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:26:21.0400 5784 Sftredir - ok
16:26:21.0410 5784 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
16:26:21.0411 5784 Sftvol - ok
16:26:21.0428 5784 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:26:21.0430 5784 sftvsa - ok
16:26:21.0454 5784 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:26:21.0459 5784 SharedAccess - ok
16:26:21.0497 5784 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:26:21.0501 5784 ShellHWDetection - ok
16:26:21.0526 5784 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:26:21.0527 5784 SiSRaid2 - ok
16:26:21.0540 5784 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:26:21.0541 5784 SiSRaid4 - ok
16:26:21.0609 5784 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:26:21.0611 5784 SkypeUpdate - ok
16:26:21.0634 5784 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:26:21.0636 5784 Smb - ok
16:26:21.0666 5784 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:26:21.0668 5784 SNMPTRAP - ok
16:26:21.0673 5784 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:26:21.0673 5784 spldr - ok
16:26:21.0710 5784 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:26:21.0716 5784 Spooler - ok
16:26:21.0793 5784 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:26:21.0815 5784 sppsvc - ok
16:26:21.0836 5784 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:26:21.0838 5784 sppuinotify - ok
16:26:21.0873 5784 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:26:21.0878 5784 srv - ok
16:26:21.0901 5784 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:26:21.0905 5784 srv2 - ok
16:26:21.0948 5784 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:26:21.0950 5784 srvnet - ok
16:26:21.0968 5784 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:26:21.0971 5784 SSDPSRV - ok
16:26:21.0981 5784 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:26:21.0983 5784 SstpSvc - ok
16:26:22.0048 5784 [ 9E1380328C39D661E085B24D6A6E044E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:26:22.0054 5784 Steam Client Service - ok
16:26:22.0105 5784 [ A044EABF8CA01BA0B37701F3EDE6CCB0 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:26:22.0108 5784 Stereo Service - ok
16:26:22.0126 5784 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:26:22.0127 5784 stexstor - ok
16:26:22.0173 5784 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:26:22.0179 5784 stisvc - ok
16:26:22.0214 5784 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
16:26:22.0215 5784 swenum - ok
16:26:22.0238 5784 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:26:22.0245 5784 swprv - ok
16:26:22.0310 5784 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:26:22.0339 5784 SysMain - ok
16:26:22.0349 5784 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:26:22.0351 5784 TabletInputService - ok
16:26:22.0367 5784 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:26:22.0371 5784 TapiSrv - ok
16:26:22.0386 5784 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:26:22.0387 5784 TBS - ok
16:26:22.0446 5784 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:26:22.0474 5784 Tcpip - ok
16:26:22.0516 5784 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:26:22.0528 5784 TCPIP6 - ok
16:26:22.0554 5784 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:26:22.0554 5784 tcpipreg - ok
16:26:22.0572 5784 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:26:22.0573 5784 TDPIPE - ok
16:26:22.0591 5784 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:26:22.0592 5784 TDTCP - ok
16:26:22.0608 5784 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:26:22.0609 5784 tdx - ok
16:26:22.0731 5784 [ 5E53CF8AD0FD33B35000C113656AB37B ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
16:26:22.0776 5784 TeamViewer7 - ok
16:26:22.0794 5784 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
16:26:22.0795 5784 TermDD - ok
16:26:22.0815 5784 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:26:22.0822 5784 TermService - ok
16:26:22.0853 5784 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:26:22.0855 5784 Themes - ok
16:26:22.0877 5784 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:26:22.0878 5784 THREADORDER - ok
16:26:22.0885 5784 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:26:22.0887 5784 TrkWks - ok
16:26:22.0922 5784 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:26:22.0924 5784 TrustedInstaller - ok
16:26:22.0931 5784 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:26:22.0932 5784 tssecsrv - ok
16:26:22.0939 5784 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:26:22.0941 5784 TsUsbFlt - ok
16:26:22.0950 5784 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:26:22.0950 5784 TsUsbGD - ok
16:26:22.0960 5784 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:26:22.0961 5784 tunnel - ok
16:26:22.0970 5784 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:26:22.0971 5784 uagp35 - ok
16:26:22.0983 5784 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:26:22.0986 5784 udfs - ok
16:26:22.0997 5784 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:26:22.0999 5784 UI0Detect - ok
16:26:23.0018 5784 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:26:23.0019 5784 uliagpkx - ok
16:26:23.0039 5784 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:26:23.0040 5784 umbus - ok
16:26:23.0048 5784 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
16:26:23.0049 5784 UmPass - ok
16:26:23.0136 5784 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:26:23.0181 5784 UNS - ok
16:26:23.0229 5784 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:26:23.0233 5784 upnphost - ok
16:26:23.0272 5784 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:26:23.0273 5784 USBAAPL64 - ok
16:26:23.0301 5784 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:26:23.0302 5784 usbaudio - ok
16:26:23.0316 5784 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:26:23.0318 5784 usbccgp - ok
16:26:23.0321 5784 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:26:23.0322 5784 usbcir - ok
16:26:23.0340 5784 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
16:26:23.0341 5784 usbehci - ok
16:26:23.0354 5784 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:26:23.0358 5784 usbhub - ok
16:26:23.0380 5784 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:26:23.0380 5784 usbohci - ok
16:26:23.0402 5784 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
16:26:23.0402 5784 usbprint - ok
16:26:23.0436 5784 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:26:23.0437 5784 USBSTOR - ok
16:26:23.0448 5784 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:26:23.0449 5784 usbuhci - ok
16:26:23.0484 5784 [ 7B28E2FBE75115660FAB31079C0A9F29 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
16:26:23.0484 5784 usb_rndisx - ok
16:26:23.0493 5784 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:26:23.0495 5784 UxSms - ok
16:26:23.0505 5784 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:26:23.0506 5784 VaultSvc - ok
16:26:23.0514 5784 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:26:23.0515 5784 vdrvroot - ok
16:26:23.0534 5784 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:26:23.0539 5784 vds - ok
16:26:23.0554 5784 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:26:23.0555 5784 vga - ok
16:26:23.0572 5784 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:26:23.0573 5784 VgaSave - ok
16:26:23.0577 5784 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:26:23.0580 5784 vhdmp - ok
16:26:23.0598 5784 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:26:23.0598 5784 viaide - ok
16:26:23.0614 5784 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:26:23.0615 5784 volmgr - ok
16:26:23.0636 5784 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:26:23.0640 5784 volmgrx - ok
16:26:23.0657 5784 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:26:23.0660 5784 volsnap - ok
16:26:23.0690 5784 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:26:23.0692 5784 vsmraid - ok
16:26:23.0728 5784 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:26:23.0749 5784 VSS - ok
16:26:23.0759 5784 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus

Réponse 6 / 8

2011N2 Messages postés 13352 Date d'inscription samedi 29 janvier 2011 Statut Contributeur sécurité Dernière intervention 24 décembre 2016 917
27 août 2013 à 16:32

Re,

Désolé le rapport n'est pas complet, peux-tu l'héberger comme ceci ? http://www.forum-entraide-informatique.com/support/cjoint-com-tutoriel-t2939.html

Merci,

Gabriel.

Zaelsan
27 août 2013 à 16:40

Merci de ta patience :p
http://cjoint.com/?3HBqOgcWqST

Réponse 7 / 8

2011N2 Messages postés 13352 Date d'inscription samedi 29 janvier 2011 Statut Contributeur sécurité Dernière intervention 24 décembre 2016 917
27 août 2013 à 16:42

Re,

Pas de problème.
Tu as toujours des redirections ?

Fais un diagnostic de ton PC avec ZHPDiag comme ceci et poste le rapport précédemment hébergé sur cjoint : http://www.forum-entraide-informatique.com/support/zhpdiag-tutoriel-t4831.html

Gabriel.

Zaelsan
27 août 2013 à 17:17

Ca me semble bon , merci bcp en tout cas !
Chercher ce genre de solution sur internet n'est pas des plus simples !

Réponse 8 / 8

2011N2 Messages postés 13352 Date d'inscription samedi 29 janvier 2011 Statut Contributeur sécurité Dernière intervention 24 décembre 2016 917
27 août 2013 à 17:27

Re,

Oui ok mais attends, reste, on va continuer la désinfection au risque que tes problèmes ne réapparaissent.
Fais le ZHPDiag comme demandé.

Gabriel.

Virus pub redirections Google

8 réponses

Discussions similaires

Newsletters