Sujet Précédent Sujet Suivant

Trojan:Win32/Sirefef.AN (windows 7)

butterflyc10 -
Utilisateur anonyme - 14 sept. 2013 à 09:17

Bonjour,

J'ai ce message de virus : Trojan:Win32/Sirefef.AN comment je fais pour le supprimer de mon ordinateur sans tout perdre ?

Merci de m'aider !

Afficher la suite

A voir également:

Trojan:Win32/Sirefef.AN (windows 7)
Trojan remover - Télécharger - Antivirus & Antimalwares
Anti trojan - Télécharger - Antivirus & Antimalwares
Virus trojan al11 ✓ - Forum Virus
Csrss.exe trojan fr ✓ - Forum Virus
Trojan win32 - Forum Virus

15 réponses

Réponse 1 / 15

Utilisateur anonyme

bonjour,

* [*] Télécharger et enregistre RogueKiller sur le bureau
https://www.luanagames.com/index.fr.html (by tigzy)
[*] Quitter tous les programmes
[*] Lancer RogueKiller.exe.
[*] Attendre que le Prescan ait fini ...
[*] Cliquer sur Scan. Cliquer sur Rapport et copier coller le contenu du notepad

Note : Si RogueKiller ne se lance pas, change son nom en Winlogon.

Tuto :
http://tigzyrk.blogspot.fr/2012/10/fr-roguekiller-tutoriel-officiel.html

Réponse 2 / 15

Butterflyc10 Messages postés 13 Statut Membre

Voici le rapport :

RogueKiller V8.6.11 _x64_ [Sep 11 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : F-04 [Droits d'admin]
Mode : Recherche -- Date : 09/12/2013 13:55:10
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 1 ¤¤¤
[SVCHOST] svchost.exe -- C:\Windows\SysWOW64\svchost.exe [-] -> TUÉ [TermProc]

¤¤¤ Entrees de registre : 4 ¤¤¤
[RUN][ZeroAccess] HKCU\[...]\Run : Google Update ("C:\Users\F-04\AppData\Local\Google\Desktop\Install\{09c0121e-64e5-42b8-4ec5-357cec0e90c4}\?????????\?????????\?????\{09c0121e-64e5-42b8-4ec5-357cec0e90c4}\GoogleUpdate.exe" >) -> TROUVÉ
[RUN][ZeroAccess] HKUS\S-1-5-21-1141830385-750584667-4248321909-1001\[...]\Run : Google Update ("C:\Users\F-04\AppData\Local\Google\Desktop\Install\{09c0121e-64e5-42b8-4ec5-357cec0e90c4}\?????????\?????????\?????\{09c0121e-64e5-42b8-4ec5-357cec0e90c4}\GoogleUpdate.exe" >) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
[ZeroAccess][Repertoire] Install : C:\Users\F-04\AppData\Local\Google\Desktop\Install [-] --> TROUVÉ

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK6459GSXP +++++
--- User ---
[MBR] 08bd3ea1d5ad9de06eb834118d8ddaa7
[BSP] 02d99ea7a92328888b91e27dd8d2c4e3 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15186 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31102976 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31307776 | Size: 595192 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_09122013_135510.txt >>

Merci !

Réponse 3 / 15

Utilisateur anonyme

relance roguekiller,

clique sur Suppression,

poste son rapport

O.o°*Membre, Contributeur sécurité CCM o°.Oø¤º°'°º¤ø
=>>Réspire à fond, Rédige ton message en bon français et de manièr claire. Cà va bien se passer, tu verras, enfin on essaie !!! o°Oø

Réponse 4 / 15

Butterflyc10 Messages postés 13 Statut Membre

Voici le nouveau rapport :

RogueKiller V8.6.11 _x64_ [Sep 11 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : F-04 [Droits d'admin]
Mode : Recherche -- Date : 09/12/2013 14:19:03
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 0 ¤¤¤

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
[ZeroAccess][Repertoire] Install : C:\Users\F-04\AppData\Local\Google\Desktop\Install [-] --> TROUVÉ

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK6459GSXP +++++
--- User ---
[MBR] 08bd3ea1d5ad9de06eb834118d8ddaa7
[BSP] 02d99ea7a92328888b91e27dd8d2c4e3 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15186 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31102976 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31307776 | Size: 595192 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_09122013_141903.txt >>
RKreport[0]_D_09122013_141505.txt;RKreport[0]_S_09122013_135510.txt;RKreport[0]_S_09122013_141443.txt

Il me redirige sur une page internet pour supprimer ZeroAccess
[ZeroAccess][Repertoire] Install : C:\Users\F-04\AppData\Local\Google\Desktop\Install [-] --> TROUVÉ

C'est quoi ça ?

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 15

Butterflyc10 Messages postés 13 Statut Membre

Lorsque j'essaie de le supprimer ça me post :

Accès au dossier refusé

Vous devez disposer d'une autorisation pour effectuer cette action.

Vous avez besoin d'une autorisation de la part de F-04-VAIO\F-04 pour modifier ce dossier :
{09c0121e-64e5-42b8-4ec5-357cec0e90c4}
Date de création : 2013-09-04 14:19

Comment je fais pour le supprimer ?

Merci !

Réponse 6 / 15

Utilisateur anonyme

clique sur continuer, si tu vois que le message réapparait, clique sur ignorer

Réponse 7 / 15

Butterflyc10 Messages postés 13 Statut Membre

J'ai seulement le choix entre

1. recommencer
2. annuler

Si je clique sur recommencer il se passe rien et si j'annule il se passe rien non plus ...

Est-ce qu'il y a une façon d'effacer ce virus au complet ?

Merci !

Réponse 8 / 15

Utilisateur anonyme

clique sur annuller dans ce cas !

Réponse 9 / 15

Butterflyc10 Messages postés 13 Statut Membre

Mais le dossier reste toujours là ...

Réponse 10 / 15

Utilisateur anonyme

on va s'en occuper!

* Télécharge TDSSKiller sur ton bureau :

https://support.kaspersky.com/downloads/utils/tdsskiller.exe

* Lance le ( Utilisateurs de vista/Seven -> Clic droit puis " Exécuter en tant qu'administrateur " )

* Clique sur [Start Scan] pour démarrer l'analyse.

* Si des élements sont trouvés, cliques sur [Continue] puis sur [Reboot Now]

* Un rapport s'ouvrira au redémarrage du PC.

* Copie/Colle son contenu dans ta prochaine réponse.

Note : Le rapport se trouve également sous C:\TDSSKiller.N°deversion_Date_Heure_log.txt.

note :
Conserve l'action proposée par défaut par l'outil :

- Si TDSS.tdl2 : l'option Delete sera cochée.
- Si TDSS.tdl3 ou TDSS.tdl4 : assure toi que Cure soit bien cochée.
- Si "Suspicious object" ou Sptd ou ForgedFile.Multi.Generic : laisse l'option cochée sur Skip
- Si Rootkit.Win32.ZAccess.* est détecté règle sur cure en haut , et delete en bas:D

Butterflyc10 Messages postés 13 Statut Membre

Il n'a rien trouve ..
Voici quand même le rapport sans le redemarage :

14:52:14.0018 6992 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:52:14.0423 6992 ============================================================
14:52:14.0423 6992 Current date / time: 2013/09/12 14:52:14.0423
14:52:14.0423 6992 SystemInfo:
14:52:14.0423 6992
14:52:14.0423 6992 OS Version: 6.1.7601 ServicePack: 1.0
14:52:14.0423 6992 Product type: Workstation
14:52:14.0423 6992 ComputerName: F-04-VAIO
14:52:14.0423 6992 UserName: F-04
14:52:14.0423 6992 Windows directory: C:\Windows
14:52:14.0423 6992 System windows directory: C:\Windows
14:52:14.0423 6992 Running under WOW64
14:52:14.0423 6992 Processor architecture: Intel x64
14:52:14.0423 6992 Number of processors: 4
14:52:14.0423 6992 Page size: 0x1000
14:52:14.0423 6992 Boot type: Normal boot
14:52:14.0423 6992 ============================================================
14:52:16.0162 6992 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:52:16.0166 6992 ============================================================
14:52:16.0166 6992 \Device\Harddisk0\DR0:
14:52:16.0166 6992 MBR partitions:
14:52:16.0166 6992 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1DA9800, BlocksNum 0x32000
14:52:16.0167 6992 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1DDB800, BlocksNum 0x48A7C000
14:52:16.0167 6992 ============================================================
14:52:16.0200 6992 C: <-> \Device\Harddisk0\DR0\Partition2
14:52:16.0200 6992 ============================================================
14:52:16.0200 6992 Initialize success
14:52:16.0200 6992 ============================================================
14:52:23.0927 7092 ============================================================
14:52:23.0927 7092 Scan started
14:52:23.0927 7092 Mode: Manual;
14:52:23.0927 7092 ============================================================
14:52:24.0410 7092 ================ Scan system memory ========================
14:52:24.0410 7092 System memory - ok
14:52:24.0410 7092 ================ Scan services =============================
14:52:24.0613 7092 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:52:24.0629 7092 1394ohci - ok
14:52:24.0722 7092 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:52:24.0753 7092 ACDaemon - ok
14:52:24.0816 7092 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:52:24.0863 7092 ACPI - ok
14:52:24.0894 7092 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:52:24.0972 7092 AcpiPmi - ok
14:52:25.0050 7092 [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
14:52:25.0097 7092 Adobe LM Service - ok
14:52:25.0221 7092 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:52:25.0331 7092 AdobeARMservice - ok
14:52:25.0440 7092 [ 3109B16A0939BA11696EEB04F345D099 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:52:25.0471 7092 AdobeFlashPlayerUpdateSvc - ok
14:52:25.0533 7092 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:52:25.0596 7092 adp94xx - ok
14:52:25.0627 7092 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:52:25.0627 7092 adpahci - ok
14:52:25.0674 7092 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:52:25.0767 7092 adpu320 - ok
14:52:25.0799 7092 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:52:25.0877 7092 AeLookupSvc - ok
14:52:25.0923 7092 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:52:26.0001 7092 AFD - ok
14:52:26.0048 7092 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:52:26.0142 7092 agp440 - ok
14:52:26.0189 7092 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:52:26.0282 7092 ALG - ok
14:52:26.0329 7092 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:52:26.0329 7092 aliide - ok
14:52:26.0360 7092 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:52:26.0360 7092 amdide - ok
14:52:26.0423 7092 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:52:26.0423 7092 AmdK8 - ok
14:52:26.0423 7092 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
14:52:26.0423 7092 AmdPPM - ok
14:52:26.0469 7092 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:52:26.0469 7092 amdsata - ok
14:52:26.0501 7092 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:52:26.0501 7092 amdsbs - ok
14:52:26.0516 7092 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:52:26.0516 7092 amdxata - ok
14:52:26.0563 7092 [ D80CB25D90474C731C0D1312A6DE3B13 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
14:52:26.0563 7092 ApfiltrService - ok
14:52:26.0610 7092 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:52:26.0610 7092 AppID - ok
14:52:26.0625 7092 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:52:26.0625 7092 AppIDSvc - ok
14:52:26.0719 7092 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
14:52:26.0719 7092 Appinfo - ok
14:52:26.0875 7092 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:52:26.0875 7092 Apple Mobile Device - ok
14:52:26.0922 7092 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
14:52:26.0922 7092 arc - ok
14:52:26.0953 7092 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:52:26.0953 7092 arcsas - ok
14:52:27.0015 7092 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
14:52:27.0015 7092 ArcSoftKsUFilter - ok
14:52:27.0140 7092 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:52:27.0156 7092 aspnet_state - ok
14:52:27.0171 7092 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:52:27.0171 7092 AsyncMac - ok
14:52:27.0218 7092 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:52:27.0218 7092 atapi - ok
14:52:27.0265 7092 [ 50F257E19554421B6891E3F998EDCA90 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
14:52:27.0265 7092 AthBTPort - ok
14:52:27.0374 7092 [ 650F111D5CDA64C10AE4B9D1BA9D4FFF ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
14:52:27.0374 7092 Atheros Bt&Wlan Coex Agent - ok
14:52:27.0421 7092 [ EBC3119394C9074A9CD87578A435050D ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
14:52:27.0421 7092 AtherosSvc - ok
14:52:27.0515 7092 [ C8679A07267F030704168E45E27C3D43 ] athr C:\Windows\system32\DRIVERS\athrx.sys
14:52:27.0936 7092 athr - ok
14:52:27.0983 7092 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:52:28.0154 7092 AudioEndpointBuilder - ok
14:52:28.0170 7092 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:52:28.0279 7092 AudioSrv - ok
14:52:28.0326 7092 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:52:28.0388 7092 AxInstSV - ok
14:52:28.0435 7092 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
14:52:28.0497 7092 b06bdrv - ok
14:52:28.0529 7092 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:52:28.0591 7092 b57nd60a - ok
14:52:28.0638 7092 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
14:52:28.0716 7092 BBSvc - ok
14:52:28.0731 7092 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:52:28.0825 7092 BDESVC - ok
14:52:28.0856 7092 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:52:28.0856 7092 Beep - ok
14:52:28.0919 7092 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:52:28.0981 7092 BFE - ok
14:52:29.0012 7092 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
14:52:29.0184 7092 BITS - ok
14:52:29.0231 7092 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:52:29.0293 7092 blbdrive - ok
14:52:29.0387 7092 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:52:29.0402 7092 Bonjour Service - ok
14:52:29.0418 7092 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:52:29.0418 7092 bowser - ok
14:52:29.0465 7092 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
14:52:29.0558 7092 BrFiltLo - ok
14:52:29.0574 7092 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
14:52:29.0652 7092 BrFiltUp - ok
14:52:29.0699 7092 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:52:29.0761 7092 Browser - ok
14:52:29.0792 7092 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:52:29.0870 7092 Brserid - ok
14:52:29.0870 7092 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:52:29.0964 7092 BrSerWdm - ok
14:52:29.0964 7092 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:52:30.0089 7092 BrUsbMdm - ok
14:52:30.0089 7092 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:52:30.0213 7092 BrUsbSer - ok
14:52:30.0245 7092 [ B3BCD755FA9A359D10208CC9F09847CC ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
14:52:30.0307 7092 BTATH_A2DP - ok
14:52:30.0338 7092 [ 9BBBA9D6DBDEFC8A6542BC7A6EBAF710 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
14:52:30.0416 7092 btath_avdt - ok
14:52:30.0447 7092 [ D838DD1BCB328EFCFAD7A52DE9E3CAFD ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
14:52:30.0510 7092 BTATH_BUS - ok
14:52:30.0541 7092 [ A441B800E04CF8443FAF519207563ABB ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
14:52:30.0541 7092 BTATH_HCRP - ok
14:52:30.0588 7092 [ B16F8429A35BBA2A8EF9DB2E08675B97 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
14:52:30.0650 7092 BTATH_LWFLT - ok
14:52:30.0697 7092 [ C24231C6BDFE21735930084A22089AAB ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
14:52:30.0759 7092 BTATH_RCP - ok
14:52:30.0837 7092 [ 3632FA4C6B3CE9EC827690DEAC266D8C ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
14:52:30.0884 7092 BtFilter - ok
14:52:30.0931 7092 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:52:30.0993 7092 BthEnum - ok
14:52:31.0025 7092 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:52:31.0103 7092 BTHMODEM - ok
14:52:31.0134 7092 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:52:31.0212 7092 BthPan - ok
14:52:31.0274 7092 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:52:31.0337 7092 BTHPORT - ok
14:52:31.0368 7092 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:52:31.0446 7092 bthserv - ok
14:52:31.0477 7092 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:52:31.0578 7092 BTHUSB - ok
14:52:31.0601 7092 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:52:31.0679 7092 cdfs - ok
14:52:31.0695 7092 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:52:31.0789 7092 cdrom - ok
14:52:31.0835 7092 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:52:31.0913 7092 CertPropSvc - ok
14:52:31.0976 7092 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
14:52:32.0038 7092 circlass - ok
14:52:32.0054 7092 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:52:32.0163 7092 CLFS - ok
14:52:32.0272 7092 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:52:32.0272 7092 clr_optimization_v2.0.50727_32 - ok
14:52:32.0319 7092 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:52:32.0381 7092 clr_optimization_v2.0.50727_64 - ok
14:52:32.0459 7092 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:52:32.0491 7092 clr_optimization_v4.0.30319_32 - ok
14:52:32.0522 7092 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:52:32.0615 7092 clr_optimization_v4.0.30319_64 - ok
14:52:32.0647 7092 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:52:32.0771 7092 CmBatt - ok
14:52:32.0787 7092 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:52:32.0912 7092 cmdide - ok
14:52:32.0943 7092 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
14:52:33.0021 7092 CNG - ok
14:52:33.0099 7092 [ 1F394DF3714ED4280047810790E6DF69 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
14:52:33.0255 7092 CnxtHdAudService - ok
14:52:33.0302 7092 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:52:33.0349 7092 Compbatt - ok
14:52:33.0380 7092 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:52:33.0458 7092 CompositeBus - ok
14:52:33.0473 7092 COMSysApp - ok
14:52:33.0505 7092 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:52:33.0567 7092 crcdisk - ok
14:52:33.0629 7092 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:52:33.0645 7092 CryptSvc - ok
14:52:33.0754 7092 [ FD557A50A65E44041CD2FCEF4BEB04DB ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
14:52:33.0817 7092 cvhsvc - ok
14:52:33.0895 7092 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:52:34.0051 7092 DcomLaunch - ok
14:52:34.0066 7092 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:52:34.0160 7092 defragsvc - ok
14:52:34.0191 7092 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:52:34.0269 7092 DfsC - ok
14:52:34.0316 7092 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:52:34.0378 7092 Dhcp - ok
14:52:34.0394 7092 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:52:34.0487 7092 discache - ok
14:52:34.0534 7092 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
14:52:34.0612 7092 Disk - ok
14:52:34.0643 7092 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:52:34.0737 7092 Dnscache - ok
14:52:34.0753 7092 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:52:34.0768 7092 dot3svc - ok
14:52:34.0815 7092 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
14:52:34.0893 7092 Dot4 - ok
14:52:34.0924 7092 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:52:35.0002 7092 Dot4Print - ok
14:52:35.0018 7092 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
14:52:35.0111 7092 dot4usb - ok
14:52:35.0143 7092 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:52:35.0143 7092 DPS - ok
14:52:35.0189 7092 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:52:35.0189 7092 drmkaud - ok
14:52:35.0283 7092 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:52:35.0299 7092 DXGKrnl - ok
14:52:35.0361 7092 [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
14:52:35.0548 7092 e1yexpress - ok
14:52:35.0564 7092 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:52:35.0564 7092 EapHost - ok
14:52:35.0657 7092 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
14:52:35.0689 7092 ebdrv - ok
14:52:35.0720 7092 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:52:35.0720 7092 EFS - ok
14:52:35.0798 7092 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:52:35.0813 7092 ehRecvr - ok
14:52:35.0845 7092 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:52:35.0845 7092 ehSched - ok
14:52:35.0876 7092 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:52:35.0876 7092 elxstor - ok
14:52:35.0876 7092 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:52:35.0876 7092 ErrDev - ok
14:52:35.0923 7092 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:52:35.0923 7092 EventSystem - ok
14:52:35.0954 7092 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:52:35.0954 7092 exfat - ok
14:52:35.0969 7092 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:52:35.0969 7092 fastfat - ok
14:52:36.0032 7092 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:52:36.0032 7092 Fax - ok
14:52:36.0079 7092 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
14:52:36.0079 7092 fdc - ok
14:52:36.0141 7092 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:52:36.0141 7092 fdPHost - ok
14:52:36.0172 7092 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:52:36.0172 7092 FDResPub - ok
14:52:36.0235 7092 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:52:36.0235 7092 FileInfo - ok
14:52:36.0250 7092 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:52:36.0250 7092 Filetrace - ok
14:52:36.0313 7092 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
14:52:36.0313 7092 flpydisk - ok
14:52:36.0360 7092 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:52:36.0376 7092 FltMgr - ok
14:52:36.0454 7092 [ 6CD6BB45BD3E0EEF6CE496BF52854FF1 ] FlyUsb C:\Windows\system32\DRIVERS\FlyUsb.sys
14:52:36.0454 7092 FlyUsb - ok
14:52:36.0532 7092 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
14:52:36.0548 7092 FontCache - ok
14:52:36.0610 7092 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:52:36.0610 7092 FontCache3.0.0.0 - ok
14:52:36.0642 7092 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:52:36.0658 7092 FsDepends - ok
14:52:36.0689 7092 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:52:36.0689 7092 Fs_Rec - ok
14:52:36.0751 7092 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:52:36.0861 7092 fvevol - ok
14:52:36.0907 7092 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:52:37.0017 7092 gagp30kx - ok
14:52:37.0079 7092 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:52:37.0141 7092 GEARAspiWDM - ok
14:52:37.0173 7092 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:52:37.0251 7092 gpsvc - ok
14:52:37.0329 7092 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:52:37.0376 7092 gupdate - ok
14:52:37.0408 7092 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:52:37.0486 7092 gupdatem - ok
14:52:37.0564 7092 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:52:37.0610 7092 gusvc - ok
14:52:37.0642 7092 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:52:37.0735 7092 hcw85cir - ok
14:52:37.0782 7092 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:52:37.0860 7092 HdAudAddService - ok
14:52:37.0907 7092 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:52:37.0907 7092 HDAudBus - ok
14:52:37.0922 7092 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
14:52:38.0000 7092 HidBatt - ok
14:52:38.0016 7092 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:52:38.0219 7092 HidBth - ok
14:52:38.0234 7092 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
14:52:38.0344 7092 HidIr - ok
14:52:38.0375 7092 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
14:52:38.0469 7092 hidserv - ok
14:52:38.0516 7092 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:52:38.0579 7092 HidUsb - ok
14:52:38.0610 7092 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:52:38.0610 7092 hkmsvc - ok
14:52:38.0625 7092 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:52:38.0735 7092 HomeGroupListener - ok
14:52:38.0750 7092 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:52:38.0859 7092 HomeGroupProvider - ok
14:52:38.0875 7092 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:52:38.0953 7092 HpSAMD - ok
14:52:38.0984 7092 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:52:38.0984 7092 HTTP - ok
14:52:39.0000 7092 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:52:39.0000 7092 hwpolicy - ok
14:52:39.0015 7092 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:52:39.0015 7092 i8042prt - ok
14:52:39.0109 7092 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\drivers\iaStor.sys
14:52:39.0218 7092 iaStor - ok
14:52:39.0296 7092 [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:52:39.0327 7092 IAStorDataMgrSvc - ok
14:52:39.0374 7092 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:52:39.0524 7092 iaStorV - ok
14:52:39.0602 7092 [ 6F3909A3D40CC9F4B28E03B027F918D8 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
14:52:39.0758 7092 IconMan_R - ok
14:52:39.0820 7092 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:52:39.0882 7092 idsvc - ok
14:52:40.0210 7092 [ EFE5A0AF39A8E179624117C521F1E012 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:52:40.0428 7092 igfx - ok
14:52:40.0460 7092 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:52:40.0538 7092 iirsp - ok
14:52:40.0569 7092 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:52:40.0772 7092 IKEEXT - ok
14:52:40.0818 7092 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:52:40.0881 7092 IntcDAud - ok
14:52:40.0912 7092 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:52:40.0912 7092 intelide - ok
14:52:40.0959 7092 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:52:41.0068 7092 intelppm - ok
14:52:41.0084 7092 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:52:41.0177 7092 IPBusEnum - ok
14:52:41.0193 7092 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:52:41.0286 7092 IpFilterDriver - ok
14:52:41.0333 7092 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:52:41.0411 7092 iphlpsvc - ok
14:52:41.0442 7092 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:52:41.0505 7092 IPMIDRV - ok
14:52:41.0520 7092 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:52:41.0614 7092 IPNAT - ok
14:52:41.0692 7092 [ 78486992AC657AE5065C4A2135838570 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:52:41.0741 7092 iPod Service - ok
14:52:41.0780 7092 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:52:41.0858 7092 IRENUM - ok
14:52:41.0905 7092 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:52:41.0905 7092 isapnp - ok
14:52:41.0967 7092 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:52:42.0029 7092 iScsiPrt - ok
14:52:42.0076 7092 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:52:42.0154 7092 kbdclass - ok
14:52:42.0170 7092 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:52:42.0248 7092 kbdhid - ok
14:52:42.0263 7092 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:52:42.0357 7092 KeyIso - ok
14:52:42.0388 7092 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:52:42.0482 7092 KSecDD - ok
14:52:42.0513 7092 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:52:42.0575 7092 KSecPkg - ok
14:52:42.0622 7092 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:52:42.0669 7092 ksthunk - ok
14:52:42.0700 7092 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:52:42.0872 7092 KtmRm - ok
14:52:42.0919 7092 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:52:43.0075 7092 LanmanServer - ok
14:52:43.0090 7092 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:52:43.0246 7092 LanmanWorkstation - ok
14:52:43.0528 7092 [ C8158791418A749F981D1423C74BA4EE ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
14:52:43.0824 7092 LeapFrog Connect Device Service - ok
14:52:43.0887 7092 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:52:43.0965 7092 lltdio - ok
14:52:43.0996 7092 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:52:44.0090 7092 lltdsvc - ok
14:52:44.0105 7092 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:52:44.0183 7092 lmhosts - ok
14:52:44.0214 7092 [ 98B16E756243BEA9410E32025B19C06F ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:52:44.0277 7092 LMS - ok
14:52:44.0324 7092 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:52:44.0402 7092 LSI_FC - ok
14:52:44.0402 7092 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:52:44.0496 7092 LSI_SAS - ok
14:52:44.0512 7092 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:52:44.0605 7092 LSI_SAS2 - ok
14:52:44.0637 7092 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:52:44.0637 7092 LSI_SCSI - ok
14:52:44.0652 7092 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:52:44.0652 7092 luafv - ok
14:52:44.0715 7092 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:52:44.0824 7092 Mcx2Svc - ok
14:52:44.0839 7092 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
14:52:44.0839 7092 megasas - ok
14:52:44.0871 7092 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:52:44.0964 7092 MegaSR - ok
14:52:44.0995 7092 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:52:45.0089 7092 MEIx64 - ok
14:52:45.0120 7092 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:52:45.0214 7092 MMCSS - ok
14:52:45.0229 7092 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:52:45.0307 7092 Modem - ok
14:52:45.0354 7092 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:52:45.0417 7092 monitor - ok
14:52:45.0448 7092 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:52:45.0511 7092 mouclass - ok
14:52:45.0527 7092 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:52:45.0636 7092 mouhid - ok
14:52:45.0652 7092 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:52:45.0730 7092 mountmgr - ok
14:52:45.0761 7092 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:52:45.0761 7092 mpio - ok
14:52:45.0776 7092 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:52:45.0776 7092 mpsdrv - ok
14:52:45.0823 7092 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:52:45.0839 7092 MpsSvc - ok
14:52:45.0870 7092 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:52:45.0870 7092 MRxDAV - ok
14:52:45.0901 7092 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:52:46.0010 7092 mrxsmb - ok
14:52:46.0026 7092 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:52:46.0120 7092 mrxsmb10 - ok
14:52:46.0135 7092 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:52:46.0229 7092 mrxsmb20 - ok
14:52:46.0260 7092 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:52:46.0338 7092 msahci - ok
14:52:46.0385 7092 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:52:46.0463 7092 msdsm - ok
14:52:46.0494 7092 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:52:46.0588 7092 MSDTC - ok
14:52:46.0619 7092 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:52:46.0697 7092 Msfs - ok
14:52:46.0712 7092 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:52:46.0810 7092 mshidkmdf - ok
14:52:46.0823 7092 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:52:46.0918 7092 msisadrv - ok
14:52:46.0942 7092 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:52:47.0035 7092 MSiSCSI - ok
14:52:47.0037 7092 msiserver - ok
14:52:47.0037 7092 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:52:47.0147 7092 MSKSSRV - ok
14:52:47.0162 7092 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:52:47.0256 7092 MSPCLOCK - ok
14:52:47.0271 7092 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:52:47.0271 7092 MSPQM - ok
14:52:47.0303 7092 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:52:47.0396 7092 MsRPC - ok
14:52:47.0427 7092 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:52:47.0521 7092 mssmbios - ok
14:52:47.0552 7092 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:52:47.0615 7092 MSTEE - ok
14:52:47.0615 7092 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:52:47.0724 7092 MTConfig - ok
14:52:47.0739 7092 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:52:47.0833 7092 Mup - ok
14:52:47.0864 7092 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:52:47.0942 7092 napagent - ok
14:52:48.0005 7092 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:52:48.0051 7092 NativeWifiP - ok
14:52:48.0114 7092 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:52:48.0161 7092 NDIS - ok
14:52:48.0192 7092 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:52:48.0285 7092 NdisCap - ok
14:52:48.0317 7092 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:52:48.0395 7092 NdisTapi - ok
14:52:48.0426 7092 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:52:48.0519 7092 Ndisuio - ok
14:52:48.0535 7092 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:52:48.0535 7092 NdisWan - ok
14:52:48.0551 7092 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:52:48.0660 7092 NDProxy - ok
14:52:48.0707 7092 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:52:48.0769 7092 Net Driver HPZ12 - ok
14:52:48.0800 7092 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:52:48.0909 7092 NetBIOS - ok
14:52:48.0941 7092 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:52:49.0019 7092 NetBT - ok
14:52:49.0034 7092 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:52:49.0128 7092 Netlogon - ok
14:52:49.0190 7092 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:52:49.0253 7092 Netman - ok
14:52:49.0299 7092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:52:49.0362 7092 NetMsmqActivator - ok
14:52:49.0377 7092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:52:49.0487 7092 NetPipeActivator - ok
14:52:49.0502 7092 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:52:49.0721 7092 netprofm - ok
14:52:49.0736 7092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:52:49.0830 7092 NetTcpActivator - ok
14:52:49.0830 7092 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:52:49.0939 7092 NetTcpPortSharing - ok
14:52:49.0955 7092 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:52:50.0064 7092 nfrd960 - ok
14:52:50.0126 7092 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:52:50.0173 7092 NlaSvc - ok
14:52:50.0204 7092 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:52:50.0298 7092 Npfs - ok
14:52:50.0313 7092 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:52:50.0407 7092 nsi - ok
14:52:50.0423 7092 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:52:50.0423 7092 nsiproxy - ok
14:52:50.0485 7092 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:52:50.0672 7092 Ntfs - ok
14:52:50.0703 7092 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:52:50.0766 7092 Null - ok
14:52:51.0062 7092 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:52:51.0265 7092 nvlddmkm - ok
14:52:51.0296 7092 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:52:51.0359 7092 nvraid - ok
14:52:51.0390 7092 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:52:51.0483 7092 nvstor - ok
14:52:51.0515 7092 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:52:51.0593 7092 nv_agp - ok
14:52:51.0655 7092 [ 7D27F4004CC8DC8997A5633FAB86A9A8 ] Oasis2Service C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
14:52:51.0702 7092 Oasis2Service - ok
14:52:51.0733 7092 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:52:51.0733 7092 ohci1394 - ok
14:52:51.0780 7092 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:52:51.0873 7092 ose - ok
14:52:52.0061 7092 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:52:52.0251 7092 osppsvc - ok
14:52:52.0290 7092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:52:52.0461 7092 p2pimsvc - ok
14:52:52.0492 7092 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:52:52.0695 7092 p2psvc - ok
14:52:52.0726 7092 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
14:52:52.0820 7092 Parport - ok
14:52:52.0882 7092 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:52:52.0882 7092 partmgr - ok
14:52:52.0913 7092 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:52:52.0913 7092 PcaSvc - ok
14:52:52.0945 7092 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:52:52.0945 7092 pci - ok
14:52:52.0976 7092 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:52:52.0976 7092 pciide - ok
14:52:53.0007 7092 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:52:53.0007 7092 pcmcia - ok
14:52:53.0023 7092 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:52:53.0023 7092 pcw - ok
14:52:53.0054 7092 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:52:53.0054 7092 PEAUTH - ok
14:52:53.0147 7092 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:52:53.0147 7092 PerfHost - ok
14:52:53.0194 7092 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:52:53.0210 7092 pla - ok
14:52:53.0272 7092 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:52:53.0272 7092 PlugPlay - ok
14:52:53.0366 7092 [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
14:52:53.0366 7092 PMBDeviceInfoProvider - ok
14:52:53.0756 7092 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:52:53.0756 7092 Pml Driver HPZ12 - ok
14:52:53.0787 7092 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:52:53.0787 7092 PNRPAutoReg - ok
14:52:53.0818 7092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:52:53.0818 7092 PNRPsvc - ok
14:52:53.0849 7092 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:52:53.0849 7092 PolicyAgent - ok
14:52:53.0896 7092 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:52:53.0896 7092 Power - ok
14:52:53.0927 7092 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:52:53.0927 7092 PptpMiniport - ok
14:52:53.0943 7092 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
14:52:53.0943 7092 Processor - ok
14:52:53.0974 7092 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:52:53.0974 7092 ProfSvc - ok
14:52:53.0990 7092 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:52:53.0990 7092 ProtectedStorage - ok
14:52:54.0021 7092 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:52:54.0021 7092 Psched - ok
14:52:54.0130 7092 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:52:54.0146 7092 ql2300 - ok
14:52:54.0146 7092 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:52:54.0146 7092 ql40xx - ok
14:52:54.0193 7092 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:52:54.0193 7092 QWAVE - ok
14:52:54.0208 7092 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:52:54.0224 7092 QWAVEdrv - ok
14:52:54.0224 7092 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:52:54.0224 7092 RasAcd - ok
14:52:54.0255 7092 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:52:54.0255 7092 RasAgileVpn - ok
14:52:54.0271 7092 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:52:54.0271 7092 RasAuto - ok
14:52:54.0302 7092 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:52:54.0302 7092 Rasl2tp - ok
14:52:54.0333 7092 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:52:54.0349 7092 RasMan - ok
14:52:54.0364 7092 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:52:54.0364 7092 RasPppoe - ok
14:52:54.0395 7092 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:52:54.0395 7092 RasSstp - ok
14:52:54.0411 7092 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:52:54.0411 7092 rdbss - ok
14:52:54.0427 7092 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
14:52:54.0427 7092 rdpbus - ok
14:52:54.0442 7092 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:52:54.0442 7092 RDPCDD - ok
14:52:54.0458 7092 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:52:54.0458 7092 RDPENCDD - ok
14:52:54.0473 7092 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:52:54.0473 7092 RDPREFMP - ok
14:52:54.0520 7092 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:52:54.0520 7092 RdpVideoMiniport - ok
14:52:54.0551 7092 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:52:54.0551 7092 RDPWD - ok
14:52:54.0567 7092 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:52:54.0583 7092 rdyboost - ok
14:52:54.0614 7092 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:52:54.0614 7092 RemoteAccess - ok
14:52:54.0629 7092 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:52:54.0645 7092 RemoteRegistry - ok
14:52:54.0676 7092 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:52:54.0676 7092 RFCOMM - ok
14:52:54.0723 7092 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
14:52:54.0723 7092 RimUsb - ok
14:52:54.0754 7092 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:52:54.0754 7092 RpcEptMapper - ok
14:52:54.0785 7092 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:52:54.0785 7092 RpcLocator - ok
14:52:54.0817 7092 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:52:54.0817 7092 RpcSs - ok
14:52:54.0863 7092 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
14:52:54.0863 7092 RSPCIESTOR - ok
14:52:54.0895 7092 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:52:54.0895 7092 rspndr - ok
14:52:54.0941 7092 [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:52:54.0941 7092 RTL8167 - ok
14:52:54.0957 7092 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:52:54.0957 7092 SamSs - ok
14:52:54.0973 7092 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:52:54.0973 7092 sbp2port - ok
14:52:55.0019 7092 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:52:55.0019 7092 SCardSvr - ok
14:52:55.0035 7092 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:52:55.0035 7092 scfilter - ok
14:52:55.0066 7092 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:52:55.0082 7092 Schedule - ok
14:52:55.0113 7092 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:52:55.0113 7092 SCPolicySvc - ok
14:52:55.0144 7092 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
14:52:55.0144 7092 sdbus - ok
14:52:55.0160 7092 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:52:55.0160 7092 SDRSVC - ok
14:52:55.0207 7092 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
14:52:55.0207 7092 SeaPort - ok
14:52:55.0238 7092 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:52:55.0238 7092 secdrv - ok
14:52:55.0269 7092 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:52:55.0269 7092 seclogon - ok
14:52:55.0285 7092 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:52:55.0285 7092 SENS - ok
14:52:55.0316 7092 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:52:55.0316 7092 SensrSvc - ok
14:52:55.0347 7092 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
14:52:55.0347 7092 Serenum - ok
14:52:55.0363 7092 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
14:52:55.0363 7092 Serial - ok
14:52:55.0363 7092 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:52:55.0363 7092 sermouse - ok
14:52:55.0409 7092 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:52:55.0409 7092 SessionEnv - ok
14:52:55.0441 7092 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
14:52:55.0441 7092 SFEP - ok
14:52:55.0441 7092 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:52:55.0441 7092 sffdisk - ok
14:52:55.0456 7092 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:52:55.0456 7092 sffp_mmc - ok
14:52:55.0456 7092 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:52:55.0456 7092 sffp_sd - ok
14:52:55.0456 7092 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:52:55.0456 7092 sfloppy - ok
14:52:55.0519 7092 [ 2046AA7491DE7EFA4D70E615D9BC9D09 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
14:52:55.0534 7092 Sftfs - ok
14:52:55.0612 7092 [ 77C5A741A7452812F278EF2C18478862 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:52:55.0612 7092 sftlist - ok
14:52:55.0628 7092 [ 0E0446BC4D51BE4263ACB7E33491191C ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
14:52:55.0628 7092 Sftplay - ok
14:52:55.0690 7092 [ C5FB982CD266E604ED3142102C26D62C ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
14:52:55.0690 7092 Sftredir - ok
14:52:55.0706 7092 [ 2575511AF67AA1FA068CCC4918E2C2A3 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
14:52:55.0706 7092 Sftvol - ok
14:52:55.0753 7092 [ 39B1D0A636A400304565D4521FAD6D77 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:52:55.0753 7092 sftvsa - ok
14:52:55.0800 7092 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:52:55.0800 7092 SharedAccess - ok
14:52:55.0815 7092 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:52:55.0815 7092 ShellHWDetection - ok
14:52:55.0846 7092 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:52:55.0846 7092 SiSRaid2 - ok
14:52:55.0846 7092 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:52:55.0846 7092 SiSRaid4 - ok
14:52:55.0924 7092 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:52:55.0924 7092 SkypeUpdate - ok
14:52:55.0956 7092 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:52:55.0956 7092 Smb - ok
14:52:55.0987 7092 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:52:55.0987 7092 SNMPTRAP - ok
14:52:56.0065 7092 [ DDF2EC98AF6FC70608A4F9CE4DB52758 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
14:52:56.0065 7092 SOHCImp - ok
14:52:56.0080 7092 [ 5FA03F5EA6EFEF6D17B4A1A48C40A23C ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
14:52:56.0080 7092 SOHDs - ok
14:52:56.0112 7092 [ 65E5659E9C2A0762D05657C0E22A7CA2 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
14:52:56.0112 7092 SpfService - ok
14:52:56.0143 7092 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:52:56.0143 7092 spldr - ok
14:52:56.0190 7092 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:52:56.0190 7092 Spooler - ok
14:52:56.0268 7092 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:52:56.0283 7092 sppsvc - ok
14:52:56.0314 7092 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:52:56.0314 7092 sppuinotify - ok
14:52:56.0346 7092 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:52:56.0346 7092 srv - ok
14:52:56.0377 7092 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:52:56.0377 7092 srv2 - ok
14:52:56.0392 7092 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:52:56.0392 7092 srvnet - ok
14:52:56.0424 7092 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:52:56.0517 7092 SSDPSRV - ok
14:52:56.0595 7092 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:52:56.0642 7092 SstpSvc - ok
14:52:56.0814 7092 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:52:56.0814 7092 stexstor - ok
14:52:56.0954 7092 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:52:56.0970 7092 stisvc - ok
14:52:57.0016 7092 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:52:57.0016 7092 swenum - ok
14:52:57.0110 7092 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:52:57.0110 7092 swprv - ok
14:52:57.0188 7092 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:52:57.0204 7092 SysMain - ok
14:52:57.0235 7092 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:52:57.0235 7092 TabletInputService - ok
14:52:57.0297 7092 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:52:57.0297 7092 TapiSrv - ok
14:52:57.0344 7092 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:52:57.0344 7092 TBS - ok
14:52:57.0470 7092 [ DB74544B75566C974815E79A62433F29 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:52:57.0485 7092 Tcpip - ok
14:52:57.0517 7092 [ DB74544B75566C974815E79A62433F29 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:52:57.0532 7092 TCPIP6 - ok
14:52:57.0563 7092 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:52:57.0563 7092 tcpipreg - ok
14:52:57.0595 7092 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:52:57.0595 7092 TDPIPE - ok
14:52:57.0626 7092 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:52:57.0626 7092 TDTCP - ok
14:52:57.0641 7092 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:52:57.0641 7092 tdx - ok
14:52:57.0657 7092 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:52:57.0657 7092 TermDD - ok
14:52:57.0704 7092 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:52:57.0719 7092 TermService - ok
14:52:57.0735 7092 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:52:57.0735 7092 Themes - ok
14:52:57.0766 7092 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:52:57.0766 7092 THREADORDER - ok
14:52:57.0782 7092 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:52:57.0782 7092 TrkWks - ok
14:52:57.0829 7092 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:52:57.0829 7092 TrustedInstaller - ok
14:52:57.0875 7092 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:52:57.0875 7092 tssecsrv - ok
14:52:57.0907 7092 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:52:57.0907 7092 TsUsbFlt - ok
14:52:57.0938 7092 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:52:57.0938 7092 TsUsbGD - ok
14:52:57.0969 7092 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:52:57.0969 7092 tunnel - ok
14:52:57.0985 7092 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:52:57.0985 7092 uagp35 - ok
14:52:58.0047 7092 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
14:52:58.0047 7092 uCamMonitor - ok
14:52:58.0063 7092 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:52:58.0078 7092 udfs - ok
14:52:58.0109 7092 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:52:58.0109 7092 UI0Detect - ok
14:52:58.0141 7092 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:52:58.0156 7092 uliagpkx - ok
14:52:58.0172 7092 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:52:58.0172 7092 umbus - ok
14:52:58.0172 7092 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
14:52:58.0172 7092 UmPass - ok
14:52:58.0281 7092 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:52:58.0297 7092 UNS - ok
14:52:58.0328 7092 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:52:58.0328 7092 upnphost - ok
14:52:58.0375 7092 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:52:58.0375 7092 USBAAPL64 - ok
14:52:58.0406 7092 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:52:58.0421 7092 usbccgp - ok
14:52:58.0437 7092 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:52:58.0453 7092 usbcir - ok
14:52:58.0468 7092 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:52:58.0468 7092 usbehci - ok
14:52:58.0484 7092 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:52:5

Butterflyc10 Messages postés 13 Statut Membre

Voici le nouveau rapport de RogueKiller:

RogueKiller V8.6.11 _x64_ [Sep 11 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : F-04 [Droits d'admin]
Mode : Recherche -- Date : 09/12/2013 14:52:56
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 0 ¤¤¤

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK6459GSXP +++++
--- User ---
[MBR] 08bd3ea1d5ad9de06eb834118d8ddaa7
[BSP] 02d99ea7a92328888b91e27dd8d2c4e3 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15186 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31102976 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31307776 | Size: 595192 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_09122013_145256.txt >>
RKreport[0]_D_09122013_141505.txt;RKreport[0]_D_09122013_145132.txt;RKreport[0]_S_09122013_135510.txt
RKreport[0]_S_09122013_141443.txt;RKreport[0]_S_09122013_141903.txt

C'est étrange le dossier est supprimé ...

Butterflyc10 Messages postés 13 Statut Membre

J'ai fait un nouveau scan avec RogueKiller et il a trouver autre chose :

RogueKiller V8.6.11 _x64_ [Sep 11 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : F-04 [Droits d'admin]
Mode : Recherche -- Date : 09/12/2013 15:03:49
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 2 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK6459GSXP +++++
--- User ---
[MBR] 08bd3ea1d5ad9de06eb834118d8ddaa7
[BSP] 02d99ea7a92328888b91e27dd8d2c4e3 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15186 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31102976 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31307776 | Size: 595192 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_09122013_150349.txt >>
RKreport[0]_D_09122013_141505.txt;RKreport[0]_D_09122013_145132.txt;RKreport[0]_S_09122013_135510.txt
RKreport[0]_S_09122013_141443.txt;RKreport[0]_S_09122013_141903.txt;RKreport[0]_S_09122013_145256.txt

Est-ce le même virus ?

Merci !

Butterflyc10 Messages postés 13 Statut Membre

J'ai omis de préciser que j'ai exécuter RogueKiller en tant qu'administratrice (bouton de droit)... est-ce que ça fait une différence ?

Merci !

Réponse 11 / 15

Utilisateur anonyme

ok,

ton pc est infecté par zeroacces !

? Télécharger et enregistre ADWcleaner sur ton bureau (Merci à Xplode) :

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Lance le,

clique sur scanner
Patiente jusqu'à la fin,
Une fois le scan terminé, clique sur le rapport
Copie et colle la totalité du rapport sur ton prochain message

Réponse 12 / 15

Butterflyc10 Messages postés 13 Statut Membre

Voici le nouveau rapport de AdwCleaner :

# AdwCleaner v3.003 - Rapport créé le 12/09/2013 à 15:35:13
# Mis à jour le 07/09/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : F-04 - F-04-VAIO
# Exécuté depuis : C:\Users\F-04\Desktop\adwcleaner.exe
# Option : Scanner

***** [ Services ] *****

***** [ Fichiers / Dossiers ] *****

Dossier Présent C:\Program Files (x86)\Conduit
Dossier Présent C:\Users\F-04\AppData\Local\Conduit
Dossier Présent C:\Users\F-04\AppData\LocalLow\Conduit
Dossier Présent C:\Users\F-04\AppData\LocalLow\PriceGong
Fichier Présent : C:\END

***** [ Raccourcis ] *****

***** [ Registre ] *****

Clé Présente : HKCU\Software\AppDataLow\Software\Conduit
Clé Présente : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Clé Présente : HKCU\Software\AppDataLow\Software\PriceGong
Clé Présente : HKCU\Software\AppDataLow\Software\SmartBar
Clé Présente : HKCU\Software\Softonic
Clé Présente : [x64] HKCU\Software\Softonic
Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Présente : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.CT3101810
Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Clé Présente : HKLM\Software\Conduit
Clé Présente : HKLM\Software\DeviceVM
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_clouds-sheep_RASAPI32
Clé Présente : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_clouds-sheep_RASMANCS
Clé Présente : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.16686

-\\ Google Chrome v29.0.1547.66

[ Fichier : C:\Users\F-04\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2092 octets] - [12/09/2013 15:35:13]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2152 octets] ##########

Réponse 13 / 15

Utilisateur anonyme

relance ADWC, clique sur Nettoyer,

poste son rapport près le redémarrage du pc,

on continue là dessus demain :D

@ +

Butterflyc10 Messages postés 13 Statut Membre

Voici le nouveau rapport :

# AdwCleaner v3.003 - Rapport créé le 12/09/2013 à 21:15:47
# Mis à jour le 07/09/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : F-04 - F-04-VAIO
# Exécuté depuis : C:\Users\F-04\Desktop\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Program Files (x86)\Conduit
Dossier Supprimé : C:\Users\F-04\AppData\Local\Conduit
Dossier Supprimé : C:\Users\F-04\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\F-04\AppData\LocalLow\PriceGong
Fichier Supprimé : C:\END

***** [ Raccourcis ] *****

***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT3101810
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_clouds-sheep_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_clouds-sheep_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKCU\Software\AppDataLow\Software\SmartBar
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\DeviceVM
Clé Supprimée : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.16686

-\\ Google Chrome v29.0.1547.66

[ Fichier : C:\Users\F-04\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2240 octets] - [12/09/2013 15:35:13]
AdwCleaner[S0].txt - [2143 octets] - [12/09/2013 21:15:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2203 octets] ##########

Merci à demain !

Réponse 14 / 15

Utilisateur anonyme

relance ADWC, clique sur désinstaller,

* /!\Avertissement :
Ce logiciel n'est à utiliser que prescrit par un helper qualifié.
Ne pas utiliser en dehors de ce cas de figure : dangereux!

► Télécharges ComboFix à partir de ce lien et enregistres le sur ton bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
ou ici :
https://forum.pcastuces.com/combofix_renomme_au_telechargement-f31s22.htm
A lire
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Avant d'utiliser ComboFix :

► ferme les fenêtres de tous les programmes en cours.

► Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe.

/!\Utilisateur de Vista & Windows7 : Clique droit sur le logo de Combofix, « exécuter en tant qu'Administrateur »

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

- il se peut que Combofix ait besoin de se connecter à internet pour trouver les mises à jour, donc il faut l'autoriser.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\ComboFix\ComboFix.txt)
► Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
► Reviens sur le forum, et copie et colle la totalité du contenu de Combofix.txt dans ton prochain message.

Butterflyc10 Messages postés 13 Statut Membre

Excuse-moi je n'étais pas chez moi aujourd'hui !

Voici le nouveau rapport :

ComboFix 13-09-13.03 - F-04 2013-09-13 21:19:54.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.2.1036.18.6092.4323 [GMT -4:00]
Lancé depuis: c:\users\F-04\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Public\sdelevURL.tmp
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2013-08-14 au 2013-09-14 ))))))))))))))))))))))))))))))))))))
.
.
2013-09-14 01:25 . 2013-09-14 01:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-13 11:54 . 2013-09-13 11:54 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49566611-7F2A-45CA-8CD4-5C158D2D3134}\offreg.dll
2013-09-13 11:53 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49566611-7F2A-45CA-8CD4-5C158D2D3134}\mpengine.dll
2013-09-11 23:09 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-11 23:08 . 2013-07-26 02:24 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-09-11 23:08 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-08-29 16:39 . 2013-08-29 16:39 -------- d-----w- c:\program files\iPod
2013-08-29 16:39 . 2013-08-29 16:40 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-29 16:39 . 2013-08-29 16:40 -------- d-----w- c:\program files\iTunes
2013-08-29 16:39 . 2013-08-29 16:40 -------- d-----w- c:\program files (x86)\iTunes
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-14 00:32 . 2012-06-27 11:32 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-14 00:32 . 2012-06-27 11:32 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-12 16:30 . 2012-06-21 22:32 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-02 01:48 . 2013-09-11 23:09 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-14 22:05 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 22:05 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-14 22:05 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 22:05 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-16 18:32 . 2013-04-29 13:23 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-07-16 18:32 . 2013-04-24 17:41 573776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-07-09 05:52 . 2013-08-14 22:10 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 22:05 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 22:10 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 22:10 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 22:10 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 22:05 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 22:10 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 22:10 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 22:10 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 22:10 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03 . 2013-08-14 22:05 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-26 23:21 . 2013-06-26 23:21 23208 ----a-w- c:\windows\system32\drivers\Sftvollh.sys
2013-06-26 23:21 . 2013-06-26 23:21 28840 ----a-w- c:\windows\system32\drivers\Sftredirlh.sys
2013-06-26 23:21 . 2013-06-26 23:21 273576 ----a-w- c:\windows\system32\drivers\Sftplaylh.sys
2013-06-26 23:21 . 2013-06-26 23:21 1777320 ----a-w- c:\windows\system32\sftldr.dll
2013-06-26 23:21 . 2013-06-26 23:21 1130664 ----a-w- c:\windows\SysWow64\sftldr_wow64.dll
2013-06-26 23:21 . 2013-06-26 23:21 767144 ----a-w- c:\windows\system32\drivers\Sftfslh.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WeatherEye"="c:\users\F-04\AppData\Local\MétéoMédia\weathereye.exe" [2012-08-30 310920]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-27 648032]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2012-08-17 295304]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-08-16 152392]
.
c:\users\F-04\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Camera Monitor SD.lnk - c:\program files (x86)\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe [2012-10-12 541976]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys;c:\windows\SYSNATIVE\DRIVERS\FlyUsb.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe;c:\program files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe;c:\program files\Sony\VAIO Update 5\VUAgent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 01:18 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2013-09-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-27 00:32]
.
2013-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-25 20:27]
.
2013-09-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-25 20:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418328]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.ca/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.2.1
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{bb45ef8e-1e36-4535-a017-ec908fb1e335} - (no file)
URLSearchHooks-{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{BB45EF8E-1E36-4535-A017-EC908FB1E335} - (no file)
WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2013-09-13 21:29:18
ComboFix-quarantined-files.txt 2013-09-14 01:29
.
Avant-CF: 327 070 691 328 octets libres
Après-CF: 338 443 403 264 octets libres
.
- - End Of File - - 7BC1D9989292F515C5CF116C475A1ED6

Merci !

Réponse 15 / 15

Utilisateur anonyme

super,

* Télécharge ZHPDiag sur ton bureau :

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

ou
http://www.premiumorange.com/zeb-help-process/zhpdiag.html

* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.

/!\Utilisateur de Vista, Seven et W8 :

* Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »

=> L'icône est sous forme de parchemin.

* Clique sur configurer, puis sur la la loupe + .

* Laisse travailler l'outil, même s'il semble bloqué !

* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur Cjoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum :

https://www.cjoint.com/ => https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers

tuto zhpdiag :

http://nicolascoolman.webs.com/tutorials.htm

Discussions similaires

Menace détectée TrojanSMS-PA sur Google Huawei/Android

qu'est ce qu'un "trojan agent/gen" ? svp

Comment supprimer le virus Trojan

Comment enlever mon virus trojan:win32/si...

cheval de troie trojan

Forum Virus

Trouvez des solutions pour détecter et éliminer les menaces, des astuces pour prévenir les infections, et discutez des dernières menaces en ligne

Newsletters

Newsletters

Actu du jour

Voir un exemple