Error "8024200D" in Windows Update, no help from Windows.

Solved
killnolife (Member, 185 posts)
Hello,

I have always tried to update the computer, but Windows Update reports exactly the same error for every "important" update (even though one of the updates is only 365 KB).
The online/offline help doesn't have this error in its manual...
In short, I don't have a legal license for nothing, do I? Please help me :(
Strange on a PC that doesn't look infected at first glance!

(A long time ago I also had %appdata%\Roaming\.#,
I didn't delete the folder so as not to crash the PC,
so I deleted two files in it flagged "trojan" by VirusTotal,
then renamed the .### extension of the third file to .###2;
the updates weren't working even before that problem)


29 replies

Anonymous user
 
Hello,

* Download and save RogueKiller to the desktop
https://www.luanagames.com/index.fr.html (by tigzy)

* Quit all programs
* Launch RogueKiller.exe.
* Wait for the Prescan to finish ...
* Click Scan. Click Report and copy and paste the contents of the notepad

Note: If RogueKiller won't launch, rename it to Winlogon.

Tutorial:
http://tigzyrk.blogspot.fr/2012/10/fr-roguekiller-tutoriel-officiel.html

1
killnolife
 
Hello Electricien :),

RogueKiller found two things:

RogueKiller V8.6.9 _x64_ [Sep 3 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : michel [Droits d'admin]
Mode : Recherche -- Date : 09/08/2013 12:08:20
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 2 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> TROUVÉ
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> TROUVÉ

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost
::1 localhost


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] 69e3026a2af74c9415515a50b65e162b
[BSP] 2573bb3532b9a518352f1ea1bf0d2f27 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 12291 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 25173855 | Size: 101 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25382700 | Size: 464545 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_09082013_120820.txt >>




DisableTaskMgr is set to 0, so if I delete it, could that crash the PC?
0
Anonymous user
 
I don't see anything abnormal or visible in your report!

The folder in question dates from 07/2013!

O43 - CFD: 21/07/2013 - 18:47:11 - [0,002] -S--D C:\Users\michel\AppData\Roaming\.#

I think your problems date from the month of September!
1
Anonymous user
 
Check that you have a valid system restore point, just in case!

Otherwise, create one before launching the removal!

Click Delete to see what it says!

Post its report
0
killnolife
 
Hello again, here it is:

RogueKiller V8.6.9 _x64_ [Sep 3 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : michel [Droits d'admin]
Mode : Suppression -- Date : 09/08/2013 13:56:46
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 2 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> SUPPRIMÉ
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> SUPPRIMÉ

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost
::1 localhost


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] 69e3026a2af74c9415515a50b65e162b
[BSP] 2573bb3532b9a518352f1ea1bf0d2f27 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 12291 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 25173855 | Size: 101 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25382700 | Size: 464545 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_D_09082013_135646.txt >>
RKreport[0]_S_09082013_120820.txt;RKreport[0]_S_09082013_135556.txt
0
Anonymous user
 
Keep RogueKiller open:

* Click Racc. RAZ. Click Report and copy and paste the contents of the notepad
0
killnolife
 
Hello again,

What is Racc RAZ? Will it delete all my shortcuts? :S

Thanks for your reply :)

I did it, here it is:

RogueKiller V8.6.9 _x64_ [Sep 3 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : michel [Droits d'admin]
Mode : Raccourcis RAZ -- Date : 09/08/2013 14:44:53
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Attributs de fichiers restaures: ¤¤¤
Bureau: Success 0 / Fail 0
Lancement rapide: Success 0 / Fail 0
Programmes: Success 0 / Fail 0
Menu demarrer: Success 0 / Fail 0
Dossier utilisateur: Success 7 / Fail 0
Mes documents: Success 2 / Fail 2
Mes favoris: Success 0 / Fail 0
Mes images: Success 0 / Fail 0
Ma musique: Success 0 / Fail 0
Mes videos: Success 0 / Fail 0
Disques locaux: Success 1 / Fail 0
Sauvegarde: [NOT FOUND]

Lecteurs:
[C:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped
[E:] \Device\CdRom1 -- 0x5 --> Skipped

¤¤¤ Infection : ¤¤¤

Termine : << RKreport[0]_SC_09082013_144453.txt >>
RKreport[0]_D_09082013_135646.txt;RKreport[0]_S_09082013_120820.txt;RKreport[0]_S_09082013_135556.txt
RKreport[0]_S_09082013_143834.txt



Otherwise, there's this: it hid UsbFix's autorun.inf on me! :(
0
killnolife
 
The second report:

--- Sauvegarde : No backup found ---
--- Bureau ---
[UNHIDDEN][FOLDER] C:\Users\michel\Desktop\NBTExplorer
--- Bureau ---
[UNHIDDEN][FOLDER] C:\Users\Public\Desktop
--- Lancement rapide ---
--- Programmes ---
[UNHIDDEN][FOLDER] C:\Program Files\Uninstall Information
--- Programmes ---
[UNHIDDEN][FOLDER] C:\Program Files (x86)\InstallShield Installation Information
[UNHIDDEN][FOLDER] C:\Program Files (x86)\Uninstall Information
--- Menu demarrer ---
--- Mes documents ---
--- Mes documents ---
[UNHIDDEN][FILE] C:\Users\Public\Documents\NTIBUN5.dll
[UNHIDDEN][FILE] C:\Users\Public\Documents\NTILiveUpdate.dll
--- Mes documents ---
--- Ma musique ---
--- Mes images ---
--- Mes videos ---
--- Dossier utilisateur ---
[UNHIDDEN][FOLDER] C:\Users\michel\AppData
[UNHIDDEN][FOLDER] C:\Users\michel\AppData\Roaming
--- Dossier utilisateur ---
[UNHIDDEN][FOLDER] C:\Users\michel\AppData\Roaming\Microsoft\Windows\Cookies
[UNHIDDEN][FILE] C:\Users\michel\AppData\Roaming\Microsoft\Windows\Cookies\container.dat
[UNHIDDEN][FOLDER] C:\Users\michel\AppData\Roaming\Microsoft\Windows\Cookies\Low
[UNHIDDEN][FILE] C:\Users\michel\AppData\Roaming\Microsoft\Windows\Cookies\Low\container.dat
[UNHIDDEN][FOLDER] C:\Users\michel\AppData\Roaming\Microsoft\Windows\IECompatCache
[UNHIDDEN][FILE] C:\Users\michel\AppData\Roaming\Microsoft\Windows\IECompatCache\container.dat
[UNHIDDEN][FOLDER] C:\Users\michel\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
[UNHIDDEN][FILE] C:\Users\michel\AppData\Roaming\Microsoft\Windows\IECompatCache\Low\container.dat
[UNHIDDEN][FOLDER] C:\Users\michel\AppData\Roaming\Microsoft\Windows\IECompatUACache
[UNHIDDEN][FOLDER] C:\Users\michel\AppData\Roaming\Microsoft\Windows\IECompatUACache\Low
[UNHIDDEN][FOLDER] C:\Users\michel\AppData\Roaming\Microsoft\Windows\IEDownloadHistory
[UNHIDDEN][FILE] C:\Users\michel\AppData\Roaming\Microsoft\Windows\IEDownloadHistory\container.dat
[UNHIDDEN][FOLDER] C:\Users\michel\AppData\Roaming\Microsoft\Windows\IETldCache
[UNHIDDEN][FOLDER] C:\Users\michel\AppData\Roaming\Microsoft\Windows\IETldCache\Low
[UNHIDDEN][FOLDER] C:\Users\michel\AppData\Roaming\Microsoft\Windows\PrivacIE
[UNHIDDEN][FILE] C:\Users\michel\AppData\Roaming\Microsoft\Windows\PrivacIE\container.dat
[UNHIDDEN][FOLDER] C:\Users\michel\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
[UNHIDDEN][FILE] C:\Users\michel\AppData\Roaming\Microsoft\Windows\PrivacIE\Low\container.dat

Drives found : [C:D:E:]
--- [C:] \Device\HarddiskVolume3 -- 0x3 --> Restoring... ---
[UNHIDDEN][FOLDER] C:\Autorun.inf
[UNHIDDEN][FOLDER] C:\MSOCache
[UNHIDDEN][FOLDER] C:\ProgramData
[UNHIDDEN][FOLDER] C:\ProgramData\Common Files
[UNHIDDEN][FILE] C:\ProgramData\Common Files\B5A20F7C-DE51-EA1E-55BA-67FA12FE4C63.dat
--- [D:] \Device\CdRom0 -- 0x5 --> Skipped. ---
--- [E:] \Device\CdRom1 -- 0x5 --> Skipped. ---
0

Anonymous user
 
Great,

* Download TDSSKiller to your desktop:

https://support.kaspersky.com/downloads/utils/tdsskiller.exe

* Launch it (Vista/Seven users -> right-click, then "Run as administrator")

* Click [Start Scan] to start the scan.

* If items are found, click [Continue] then [Reboot Now]

* A report will open when the PC restarts.

* Copy/paste its contents into your next reply.

Note: The report is also located at C:\TDSSKiller.VersionNumber_Date_Time_log.txt.

Note:
Keep the default action proposed by the tool:

- If TDSS.tdl2: the Delete option will be checked.
- If TDSS.tdl3 or TDSS.tdl4: make sure Cure is checked.
- If "Suspicious object" or Sptd or ForgedFile.Multi.Generic: leave the option set to Skip
- If Rootkit.Win32.ZAccess.* is detected, set it to Cure at the top and Delete at the bottom :D


0
killnolife
 
Hello again,

TDSSKiller didn't detect anything, should I reboot myself? :/

15:43:55.0401 1568 ksthunk - ok
15:43:55.0442 1568 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:43:55.0453 1568 KtmRm - ok
15:43:55.0510 1568 [ 2377EC4CC3E356655B996F39B43486B6 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
15:43:55.0512 1568 L1C - ok
15:43:55.0564 1568 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:43:55.0570 1568 LanmanServer - ok
15:43:55.0612 1568 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:43:55.0620 1568 LanmanWorkstation - ok
15:43:55.0676 1568 [ 174803F2EEA3B22165DFE0E5A1F20685 ] LgBttPort C:\Windows\system32\DRIVERS\lgbtpt64.sys
15:43:55.0677 1568 LgBttPort - ok
15:43:55.0717 1568 [ 565F93BB7C0361E61B3DAEA670C354D6 ] lgbusenum C:\Windows\system32\DRIVERS\lgbtbs64.sys
15:43:55.0719 1568 lgbusenum - ok
15:43:55.0738 1568 [ ABF477857B7CED873362EC92C6CE10A7 ] LGVMODEM C:\Windows\system32\DRIVERS\lgvmdm64.sys
15:43:55.0739 1568 LGVMODEM - ok
15:43:55.0786 1568 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:43:55.0787 1568 lltdio - ok
15:43:55.0824 1568 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:43:55.0832 1568 lltdsvc - ok
15:43:55.0877 1568 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:43:55.0879 1568 lmhosts - ok
15:43:55.0913 1568 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:43:55.0914 1568 LSI_FC - ok
15:43:55.0932 1568 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:43:55.0933 1568 LSI_SAS - ok
15:43:55.0953 1568 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:43:55.0954 1568 LSI_SAS2 - ok
15:43:55.0973 1568 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:43:55.0974 1568 LSI_SCSI - ok
15:43:55.0997 1568 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:43:55.0998 1568 luafv - ok
15:43:56.0043 1568 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:43:56.0051 1568 Mcx2Svc - ok
15:43:56.0102 1568 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:43:56.0103 1568 megasas - ok
15:43:56.0156 1568 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:43:56.0159 1568 MegaSR - ok
15:43:56.0215 1568 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:43:56.0217 1568 MMCSS - ok
15:43:56.0245 1568 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:43:56.0246 1568 Modem - ok
15:43:56.0258 1568 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:43:56.0259 1568 monitor - ok
15:43:56.0297 1568 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:43:56.0299 1568 mouclass - ok
15:43:56.0340 1568 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:43:56.0342 1568 mouhid - ok
15:43:56.0380 1568 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:43:56.0382 1568 mountmgr - ok
15:43:56.0468 1568 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:43:56.0473 1568 MozillaMaintenance - ok
15:43:56.0544 1568 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:43:56.0547 1568 mpio - ok
15:43:56.0585 1568 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:43:56.0587 1568 mpsdrv - ok
15:43:56.0653 1568 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:43:56.0681 1568 MpsSvc - ok
15:43:56.0735 1568 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:43:56.0736 1568 MRxDAV - ok
15:43:56.0769 1568 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:43:56.0770 1568 mrxsmb - ok
15:43:56.0797 1568 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:43:56.0800 1568 mrxsmb10 - ok
15:43:56.0819 1568 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:43:56.0820 1568 mrxsmb20 - ok
15:43:56.0874 1568 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:43:56.0876 1568 msahci - ok
15:43:56.0933 1568 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:43:56.0934 1568 msdsm - ok
15:43:56.0964 1568 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:43:56.0969 1568 MSDTC - ok
15:43:56.0999 1568 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:43:57.0000 1568 Msfs - ok
15:43:57.0042 1568 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:43:57.0043 1568 mshidkmdf - ok
15:43:57.0081 1568 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:43:57.0083 1568 msisadrv - ok
15:43:57.0112 1568 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:43:57.0117 1568 MSiSCSI - ok
15:43:57.0123 1568 msiserver - ok
15:43:57.0168 1568 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:43:57.0169 1568 MSKSSRV - ok
15:43:57.0189 1568 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:43:57.0190 1568 MSPCLOCK - ok
15:43:57.0208 1568 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:43:57.0209 1568 MSPQM - ok
15:43:57.0254 1568 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:43:57.0257 1568 MsRPC - ok
15:43:57.0303 1568 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:43:57.0305 1568 mssmbios - ok
15:43:57.0355 1568 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:43:57.0357 1568 MSTEE - ok
15:43:57.0380 1568 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:43:57.0381 1568 MTConfig - ok
15:43:57.0429 1568 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:43:57.0430 1568 Mup - ok
15:43:57.0473 1568 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
15:43:57.0474 1568 mwlPSDFilter - ok
15:43:57.0485 1568 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
15:43:57.0486 1568 mwlPSDNServ - ok
15:43:57.0508 1568 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
15:43:57.0509 1568 mwlPSDVDisk - ok
15:43:57.0598 1568 [ 2F139207F618EC2933830227EEFFDDB4 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
15:43:57.0607 1568 MWLService - ok
15:43:57.0660 1568 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:43:57.0669 1568 napagent - ok
15:43:57.0733 1568 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:43:57.0736 1568 NativeWifiP - ok
15:43:57.0809 1568 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:43:57.0816 1568 NDIS - ok
15:43:57.0837 1568 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:43:57.0838 1568 NdisCap - ok
15:43:57.0869 1568 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:43:57.0870 1568 NdisTapi - ok
15:43:57.0936 1568 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:43:57.0937 1568 Ndisuio - ok
15:43:57.0978 1568 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:43:57.0981 1568 NdisWan - ok
15:43:58.0023 1568 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:43:58.0024 1568 NDProxy - ok
15:43:58.0083 1568 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:43:58.0084 1568 NetBIOS - ok
15:43:58.0128 1568 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:43:58.0131 1568 NetBT - ok
15:43:58.0140 1568 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:43:58.0141 1568 Netlogon - ok
15:43:58.0212 1568 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:43:58.0219 1568 Netman - ok
15:43:58.0301 1568 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:43:58.0306 1568 NetMsmqActivator - ok
15:43:58.0314 1568 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:43:58.0317 1568 NetPipeActivator - ok
15:43:58.0380 1568 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:43:58.0388 1568 netprofm - ok
15:43:58.0396 1568 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:43:58.0399 1568 NetTcpActivator - ok
15:43:58.0406 1568 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:43:58.0408 1568 NetTcpPortSharing - ok
15:43:58.0465 1568 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:43:58.0468 1568 nfrd960 - ok
15:43:58.0519 1568 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:43:58.0522 1568 NlaSvc - ok
15:43:58.0539 1568 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:43:58.0540 1568 Npfs - ok
15:43:58.0566 1568 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:43:58.0569 1568 nsi - ok
15:43:58.0591 1568 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:43:58.0592 1568 nsiproxy - ok
15:43:58.0684 1568 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:43:58.0695 1568 Ntfs - ok
15:43:58.0794 1568 [ FD324CCE1D4D5BB5AF65F8E55B462C7E ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
15:43:58.0797 1568 NTIBackupSvc - ok
15:43:58.0828 1568 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
15:43:58.0830 1568 NTIDrvr - ok
15:43:58.0862 1568 [ 3F6268A2EC33CD38CF75C880AF8DED42 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
15:43:58.0865 1568 NTISchedulerSvc - ok
15:43:58.0902 1568 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:43:58.0903 1568 Null - ok
15:43:58.0939 1568 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:43:58.0942 1568 nvraid - ok
15:43:58.0968 1568 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:43:58.0971 1568 nvstor - ok
15:43:58.0991 1568 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:43:58.0994 1568 nv_agp - ok
15:43:59.0085 1568 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:43:59.0095 1568 odserv - ok
15:43:59.0130 1568 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:43:59.0132 1568 ohci1394 - ok
15:43:59.0187 1568 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:43:59.0191 1568 ose - ok
15:43:59.0216 1568 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:43:59.0221 1568 p2pimsvc - ok
15:43:59.0257 1568 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:43:59.0263 1568 p2psvc - ok
15:43:59.0293 1568 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:43:59.0294 1568 Parport - ok
15:43:59.0325 1568 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:43:59.0326 1568 partmgr - ok
15:43:59.0338 1568 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:43:59.0341 1568 PcaSvc - ok
15:43:59.0384 1568 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:43:59.0386 1568 pci - ok
15:43:59.0413 1568 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:43:59.0414 1568 pciide - ok
15:43:59.0454 1568 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:43:59.0457 1568 pcmcia - ok
15:43:59.0477 1568 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:43:59.0479 1568 pcw - ok
15:43:59.0502 1568 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:43:59.0507 1568 PEAUTH - ok
15:43:59.0598 1568 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:43:59.0602 1568 PerfHost - ok
15:43:59.0693 1568 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:43:59.0740 1568 pla - ok
15:43:59.0778 1568 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:43:59.0788 1568 PlugPlay - ok
15:43:59.0920 1568 PMT_Drv - ok
15:43:59.0965 1568 PnkBstrA - ok
15:44:00.0005 1568 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:44:00.0010 1568 PNRPAutoReg - ok
15:44:00.0032 1568 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:44:00.0038 1568 PNRPsvc - ok
15:44:00.0091 1568 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
15:44:00.0093 1568 Point64 - ok
15:44:00.0143 1568 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:44:00.0154 1568 PolicyAgent - ok
15:44:00.0199 1568 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:44:00.0204 1568 Power - ok
15:44:00.0261 1568 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:44:00.0263 1568 PptpMiniport - ok
15:44:00.0293 1568 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:44:00.0294 1568 Processor - ok
15:44:00.0347 1568 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:44:00.0353 1568 ProfSvc - ok
15:44:00.0374 1568 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:44:00.0377 1568 ProtectedStorage - ok
15:44:00.0436 1568 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:44:00.0437 1568 Psched - ok
15:44:00.0491 1568 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:44:00.0508 1568 ql2300 - ok
15:44:00.0553 1568 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:44:00.0554 1568 ql40xx - ok
15:44:00.0589 1568 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:44:00.0596 1568 QWAVE - ok
15:44:00.0614 1568 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:44:00.0615 1568 QWAVEdrv - ok
15:44:00.0691 1568 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
15:44:00.0696 1568 RapiMgr - ok
15:44:00.0728 1568 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:44:00.0729 1568 RasAcd - ok
15:44:00.0785 1568 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:44:00.0786 1568 RasAgileVpn - ok
15:44:00.0822 1568 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:44:00.0828 1568 RasAuto - ok
15:44:00.0875 1568 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:44:00.0877 1568 Rasl2tp - ok
15:44:00.0899 1568 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:44:00.0910 1568 RasMan - ok
15:44:00.0946 1568 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:44:00.0948 1568 RasPppoe - ok
15:44:00.0966 1568 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:44:00.0968 1568 RasSstp - ok
15:44:01.0009 1568 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:44:01.0012 1568 rdbss - ok
15:44:01.0040 1568 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:44:01.0041 1568 rdpbus - ok
15:44:01.0084 1568 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:44:01.0084 1568 RDPCDD - ok
15:44:01.0093 1568 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:44:01.0096 1568 RDPENCDD - ok
15:44:01.0135 1568 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:44:01.0136 1568 RDPREFMP - ok
15:44:01.0163 1568 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:44:01.0165 1568 RDPWD - ok
15:44:01.0225 1568 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:44:01.0227 1568 rdyboost - ok
15:44:01.0258 1568 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:44:01.0262 1568 RemoteAccess - ok
15:44:01.0286 1568 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:44:01.0292 1568 RemoteRegistry - ok
15:44:01.0344 1568 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:44:01.0350 1568 RpcEptMapper - ok
15:44:01.0375 1568 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:44:01.0379 1568 RpcLocator - ok
15:44:01.0422 1568 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:44:01.0431 1568 RpcSs - ok
15:44:01.0482 1568 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:44:01.0484 1568 rspndr - ok
15:44:01.0550 1568 [ DB30AA4DAA0D492FA5D7717D8181FFA1 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
15:44:01.0554 1568 RSUSBSTOR - ok
15:44:01.0584 1568 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:44:01.0587 1568 SamSs - ok
15:44:01.0712 1568 [ 53E618640032FF0511901551D7F77424 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
15:44:01.0717 1568 SbieDrv - ok
15:44:01.0747 1568 [ DD78D286FF9032D9E0938F815928C2FD ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
15:44:01.0750 1568 SbieSvc - ok
15:44:01.0795 1568 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:44:01.0798 1568 sbp2port - ok
15:44:01.0841 1568 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:44:01.0850 1568 SCardSvr - ok
15:44:01.0893 1568 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:44:01.0895 1568 scfilter - ok
15:44:01.0956 1568 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:44:01.0991 1568 Schedule - ok
15:44:02.0028 1568 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:44:02.0029 1568 SCPolicySvc - ok
15:44:02.0042 1568 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:44:02.0046 1568 SDRSVC - ok
15:44:02.0104 1568 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:44:02.0105 1568 secdrv - ok
15:44:02.0148 1568 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:44:02.0152 1568 seclogon - ok
15:44:02.0181 1568 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:44:02.0185 1568 SENS - ok
15:44:02.0234 1568 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:44:02.0240 1568 SensrSvc - ok
15:44:02.0264 1568 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:44:02.0266 1568 Serenum - ok
15:44:02.0319 1568 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:44:02.0321 1568 Serial - ok
15:44:02.0372 1568 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:44:02.0373 1568 sermouse - ok
15:44:02.0421 1568 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:44:02.0425 1568 SessionEnv - ok
15:44:02.0465 1568 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:44:02.0466 1568 sffdisk - ok
15:44:02.0479 1568 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:44:02.0480 1568 sffp_mmc - ok
15:44:02.0498 1568 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:44:02.0499 1568 sffp_sd - ok
15:44:02.0535 1568 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:44:02.0536 1568 sfloppy - ok
15:44:02.0599 1568 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:44:02.0610 1568 SharedAccess - ok
15:44:02.0650 1568 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:44:02.0658 1568 ShellHWDetection - ok
15:44:02.0694 1568 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:44:02.0696 1568 SiSRaid2 - ok
15:44:02.0726 1568 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:44:02.0728 1568 SiSRaid4 - ok
15:44:02.0828 1568 [ 9CD1BB2DB803B6AC642BD643DDB773BC ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:44:02.0830 1568 SkypeUpdate - ok
15:44:02.0874 1568 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:44:02.0876 1568 Smb - ok
15:44:02.0927 1568 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:44:02.0930 1568 SNMPTRAP - ok
15:44:02.0958 1568 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:44:02.0959 1568 spldr - ok
15:44:03.0005 1568 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:44:03.0011 1568 Spooler - ok
15:44:03.0129 1568 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:44:03.0160 1568 sppsvc - ok
15:44:03.0195 1568 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:44:03.0199 1568 sppuinotify - ok
15:44:03.0237 1568 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:44:03.0243 1568 srv - ok
15:44:03.0270 1568 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:44:03.0273 1568 srv2 - ok
15:44:03.0292 1568 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:44:03.0294 1568 srvnet - ok
15:44:03.0342 1568 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:44:03.0349 1568 SSDPSRV - ok
15:44:03.0381 1568 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:44:03.0385 1568 SstpSvc - ok
15:44:03.0457 1568 [ 394BC2EEC0D81F70B80B0D951665A690 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:44:03.0463 1568 Steam Client Service - ok
15:44:03.0486 1568 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:44:03.0488 1568 stexstor - ok
15:44:03.0549 1568 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:44:03.0570 1568 stisvc - ok
15:44:03.0602 1568 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:44:03.0603 1568 swenum - ok
15:44:03.0649 1568 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:44:03.0672 1568 swprv - ok
15:44:03.0753 1568 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:44:03.0818 1568 SysMain - ok
15:44:03.0855 1568 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:44:03.0860 1568 TabletInputService - ok
15:44:03.0908 1568 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:44:03.0919 1568 TapiSrv - ok
15:44:03.0956 1568 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:44:03.0963 1568 TBS - ok
15:44:04.0071 1568 [ DB74544B75566C974815E79A62433F29 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:44:04.0096 1568 Tcpip - ok
15:44:04.0193 1568 [ DB74544B75566C974815E79A62433F29 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:44:04.0207 1568 TCPIP6 - ok
15:44:04.0257 1568 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:44:04.0258 1568 tcpipreg - ok
15:44:04.0287 1568 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:44:04.0288 1568 TDPIPE - ok
15:44:04.0315 1568 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:44:04.0316 1568 TDTCP - ok
15:44:04.0349 1568 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:44:04.0351 1568 tdx - ok
15:44:04.0414 1568 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:44:04.0415 1568 TermDD - ok
15:44:04.0443 1568 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:44:04.0465 1568 TermService - ok
15:44:04.0492 1568 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:44:04.0496 1568 Themes - ok
15:44:04.0525 1568 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:44:04.0527 1568 THREADORDER - ok
15:44:04.0546 1568 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:44:04.0551 1568 TrkWks - ok
15:44:04.0611 1568 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:44:04.0616 1568 TrustedInstaller - ok
15:44:04.0739 1568 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:44:04.0741 1568 tssecsrv - ok
15:44:04.0877 1568 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:44:04.0878 1568 TsUsbFlt - ok
15:44:04.0989 1568 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:44:04.0992 1568 tunnel - ok
15:44:05.0022 1568 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:44:05.0024 1568 uagp35 - ok
15:44:05.0055 1568 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
15:44:05.0057 1568 UBHelper - ok
15:44:05.0110 1568 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:44:05.0114 1568 udfs - ok
15:44:05.0159 1568 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:44:05.0166 1568 UI0Detect - ok
15:44:05.0201 1568 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:44:05.0202 1568 uliagpkx - ok
15:44:05.0252 1568 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:44:05.0253 1568 umbus - ok
15:44:05.0283 1568 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:44:05.0285 1568 UmPass - ok
15:44:05.0369 1568 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
15:44:05.0372 1568 Updater Service - ok
15:44:05.0404 1568 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:44:05.0415 1568 upnphost - ok
15:44:05.0468 1568 [ F8527DEDDF07BF36157D5A2C864EFFA8 ] usbbus C:\Windows\system32\DRIVERS\lgx64bus.sys
15:44:05.0469 1568 usbbus - ok
15:44:05.0515 1568 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:44:05.0517 1568 usbccgp - ok
0
Anonymous user
 
No need to restart!

* Download ZHPDiag to your desktop:

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

or
http://www.premiumorange.com/zeb-help-process/zhpdiag.html


* Follow the prompts during installation; it will launch automatically at the end.

/!\ Vista, Seven and W8 users:

* Right-click the ZHPDiag logo, then "Run as administrator"

=> The icon looks like a parchment scroll.

* Click Configure, then the magnifying glass with a +.

* Let the tool work, even if it seems stuck!

* Save the report to your desktop using the floppy-disk icon
* Upload the ZHPDiag.txt report to Cjoint, then copy and paste the link it gives you into your next reply on the forum:


https://www.cjoint.com/ => https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers



ZHPDiag tutorial:

http://nicolascoolman.webs.com/tutorials.htm


0
killnolife Posts 185 Registration date   Status Member Last activity  
 
Hello again,
Here it is:

http://cjoint.com/13sp/CIiq3lfFYhz.htm


O43 - CFD: 21/07/2013 - 18:47:11 - [0,002] -S--D C:\Users\michel\AppData\Roaming\.#
I don't know why, but apparently I think this folder is suspicious with the S attribute.. :/

http://cjoint.com/13sp/CIirufpiSUp.htm, the folder in question, but zipped
0
killnolife Posts 185 Registration date   Status Member Last activity  
 
Hello again

Yes, but this folder contains a .### renamed to .###2 (just in case)

This file has the same structure as an .exe, so I see no point in storing an executable in %appdata%... The file isn't "System" but its folder is :/

In short, I'd like to know the file's source code, since VirusTotal didn't flag anything :s
0
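The check described in the post above (a file with the structure of an .exe stored under another extension, in a folder carrying the System attribute), as an added example that is not part of the original thread. The function names, the extension list and the sample files are assumptions constructed for the illustration.

```python
import os
import struct
import sys
import tempfile

# Extensions Windows normally uses for PE images (an assumed list for this example).
PE_EXTENSIONS = {".exe", ".dll", ".sys", ".scr", ".ocx", ".cpl", ".drv"}

# Win32 file attribute bits, as exposed by os.stat().st_file_attributes on Windows.
FILE_ATTRIBUTE_HIDDEN = 0x2
FILE_ATTRIBUTE_SYSTEM = 0x4


def is_pe_image(path):
    """True if the file has a DOS header whose e_lfanew points at a PE signature."""
    try:
        with open(path, "rb") as fh:
            dos_header = fh.read(0x40)
            if len(dos_header) < 0x40 or dos_header[:2] != b"MZ":
                return False
            # e_lfanew (offset 0x3C): little-endian file offset of the PE signature.
            (pe_offset,) = struct.unpack_from("<I", dos_header, 0x3C)
            fh.seek(pe_offset)
            return fh.read(4) == b"PE\x00\x00"
    except OSError:
        return False


def folder_flags(path):
    """Return 'H', 'S', 'HS' or '' for the folder; always '' outside Windows."""
    try:
        attrs = getattr(os.stat(path), "st_file_attributes", 0)
    except OSError:
        return ""
    flags = "H" if attrs & FILE_ATTRIBUTE_HIDDEN else ""
    return flags + ("S" if attrs & FILE_ATTRIBUTE_SYSTEM else "")


def find_disguised_executables(root):
    """List files under root that are PE images but lack an executable extension."""
    findings = []
    for folder, _dirs, files in os.walk(root):
        for name in sorted(files):
            path = os.path.join(folder, name)
            extension = os.path.splitext(name)[1].lower()
            if extension in PE_EXTENSIONS or not is_pe_image(path):
                continue
            findings.append({
                "path": path,
                "extension": extension,
                "folder_flags": folder_flags(folder),
            })
    return findings


def build_sample_tree(base):
    """Write constructed sample files (not real samples) that exercise each branch."""
    pe_stub = bytearray(0x44)
    pe_stub[0:2] = b"MZ"
    struct.pack_into("<I", pe_stub, 0x3C, 0x40)  # e_lfanew points at offset 0x40
    pe_stub[0x40:0x44] = b"PE\x00\x00"
    odd_folder = os.path.join(base, ".#")
    os.makedirs(odd_folder)
    samples = {
        os.path.join(odd_folder, "sample.###2"): bytes(pe_stub),  # PE, odd extension
        os.path.join(base, "tool.exe"): bytes(pe_stub),           # PE, expected extension
        os.path.join(base, "padded.bin"): b"MZ" + b"\x00" * 0x50,  # MZ but no PE signature
        os.path.join(base, "empty.dat"): b"",                      # too short to be a PE
    }
    for path, data in samples.items():
        with open(path, "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Scan a real folder, e.g. the roaming profile passed on the command line.
        for hit in find_disguised_executables(sys.argv[1]):
            print(hit)
    else:
        with tempfile.TemporaryDirectory() as base:
            build_sample_tree(base)
            for hit in find_disguised_executables(base):
                print(hit)
```

A hit only means the content is a PE image under an unexpected name; it does not by itself say the file is malicious.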
Anonymous user
 
The exe is a ZeroAccess-type infection; right now you don't have it on this PC!

We can dig further if you like!

* /!\ Warning:
This software should only be used when prescribed by a qualified helper.
Do not use it otherwise: dangerous!



/!\ Vista users: Don't forget to disable UAC just for the duration of the disinfection of your PC; it will need to be re-enabled afterwards


► Download ComboFix from this link and save it to your desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
or here:
https://forum.pcastuces.com/combofix_renomme_au_telechargement-f31s22.htm
To read:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Before using ComboFix:

► Close the windows of all running programs.

► Temporarily, and only while ComboFix is in use, disable the real-time protection of your antivirus and antispyware programs, which can seriously interfere with the tool's scanning and cleaning.
Once that is done, double-click Combofix.exe on your desktop.

/!\ Vista & Windows 7 users: Right-click the ComboFix logo, then "Run as administrator"

- Answer Yes to the warning message so that the program starts scanning the PC.

- ComboFix may need to connect to the internet to look for updates, so you must allow it.

/!\ During this step, do not use the PC and do not open any programs.


- At the end of the scan ComboFix may need to restart the PC to finish the disinfection/scan; let it do so.
- A report will then open in Notepad (this report file, Combofix.txt, is automatically saved to C:\ComboFix\ComboFix.txt)
► Re-enable the real-time protection of your antivirus and antispyware programs before reconnecting to the internet.
► Come back to the forum and copy and paste the entire contents of Combofix.txt into your next message.
0
killnolife Posts 185 Registration date   Status Member Last activity  
 
Hello again,
I did a system restore.. does this software come from Gene Hackman? (Humour)
So it blocked registry keys for nothing... I'll say no more.

Everything is fine now :)

ComboFix 13-09-08.01 - michel 08/09/2013 17:53:24.1.2 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.4026.2564 [GMT 2:00]
Lancé depuis: c:\users\michel\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\users\michel\AppData\Roaming\.#
c:\users\michel\AppData\Roaming\.#\MBX@D84@1EF2770.###2
c:\windows\08-06-2013
c:\windows\08-06-2013\BCD
c:\windows\08-06-2013\DEFAULT
c:\windows\08-06-2013\ERDNT.CON
c:\windows\08-06-2013\ERDNT.EXE
c:\windows\08-06-2013\ERDNT.INF
c:\windows\08-06-2013\ERDNTDOS.LOC
c:\windows\08-06-2013\ERDNTWIN.LOC
c:\windows\08-06-2013\SAM
c:\windows\08-06-2013\SECURITY
c:\windows\08-06-2013\SOFTWARE
c:\windows\08-06-2013\SYSTEM
c:\windows\08-06-2013\Users\00000001\NTUSER.DAT
c:\windows\08-06-2013\Users\00000002\UsrClass.dat
c:\windows\wininit.ini

That's what it deleted; the registry doesn't count in this report since I restored, but the files are deleted so that's OK.
______________________________________________________________________
- **Details**
- Kaspersky was not showing its icon
- Kaspersky had failing modules
- Sandboxie Control (sandbox) would not start
- Sandboxie Control (sandbox) was not displayed
- UAC had no effect
- The icons had disappeared (the Administrator shields)
Windows Defender wanted to scan the computer when it shouldn't,
so it had taken Kaspersky's place..
- ComboFix blocked legitimate keys for no reason, causing numerous problems.
- KeyScrambler would not start
- Windows Update no longer reported available updates
______________________________________________________________________
0
Anonymous user
 
Just for your information, Kaspersky's executable file was missing in the ZHPDiag report!



You ran ComboFix and restored the PC!

OK,

where do things stand?

Do you still get this "8024200D" error message?

Has Windows Update come back to its senses?
0
killnolife Posts 185 Registration date   Status Member Last activity  
 
Hello again,
No, I still get the error message.. :(

I remember that the Pre_Scan tool had told me I had no updates :o
But anyway, that tool is a bad memory
Sorry for taking a while to reply :)
0
Anonymous user
 
0
killnolife Posts 185 Registration date   Status Member Last activity  
 
Hello,

Hello again Electricien, it's downloading now, I'll run it
as soon as it is fully saved :) Thanks for the exact link
for the error :o
0
Anonymous user
 
Keep me posted on the result :D
0
killnolife Posts 185 Registration date   Status Member Last activity  
 
Hello again, the fix was installed, but the
famous update could not be; can we
locate the package and run it ourselves?
Thanks for your reply :)

Also, I have a question, but about CCleaner:
There are options I'm hesitant to tick; can you
tell me which options should be ticked
to free up disk space, because with my
virtual PC I need the space :S
0
Anonymous user
 
The package is normally installed; you will see it in the updates installed on your PC, in the Control Panel!

For CCleaner, in general, it is used with the options ticked by default!
0
killnolife Posts 185 Registration date   Status Member Last activity  
 
Hello again,

How can I see the Windows Updates once they are installed?

For CCleaner that's fine, thanks for the answer :)
0
Anonymous user
 
In the Control Panel, Windows Update, view installed updates!
0