Help request: ZHPDiag analysis / slow PC

Solved
fanchix - Posts: 46 - Status: Member
billmaxime - Posts: 50583 - Status: Contributor
~ Rapport de ZHPDiag v2013.11.28.59 - Nicolas Coolman (28/11/2013)
~ Lancé par fanch (30/11/2013 08:23:15)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16736
MFIE: Mozilla Firefox 24.0

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1501.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.00 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 2815 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 467 GB (80%) free of 577 GB

---\\ Mode de connexion au système
~ Computer Name: FANCH-PC
~ User Name: fanch
~ All Users Names: UpdatusUser, HomeGroupUser$, fanch, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\fanch\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\fanch\AppData\Roaming\
~ %Desktop% : C:\Users\fanch\Desktop\
~ %Favorites% : C:\Users\fanch\Favorites\
~ %LocalAppData% : C:\Users\fanch\AppData\Local\
~ %StartMenu% : C:\Users\fanch\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 467 Go of 577 Go)
D: CD-ROM drive (Free 0 Go of 0 Go)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.AC4C51EB24AA95B77F705AB159189E24] - (.Microsoft Corporation - Explorateur Windows.) (.20/11/2010 - 14:24:45.) -- C:\Windows\Explorer.exe [2872320]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9706C99DAEBE3FEAC811B239617E98C4] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/10/2013 - 09:45:20.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 03s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/664
~ Mes musiques (My Musics) : 1/5
~ Mes Favoris (My Favorites) : 1/56
~ Mes Documents (My Documents) : 1/5473
~ Mon Bureau (My Desktop) : 2/1756
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 26s



---\\ Processus lancés
[MD5.636D97B3BAF854511FF3F4093E895FED] - (.Google Inc. - Google Chrome.) -- C:\Users\fanch\AppData\Local\Google\Chrome\Application\chrome.exe [863184] [PID.2044]
[MD5.DBA0C529D62F6E2F59C6F4367A0A5543] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8256512] [PID.1868]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://www2.delta-search.com =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [dgjkhjdcljddbedokogakmmdjgnbeanf] Speed Analysis 2 v.1.0.0.0 (Désactivé) =>PUP.SpeedAnalysis
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.3 (Désactivé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [hgojaaaiddhmiiakpejiklijbalpckih] Smiley Bar for Facebook v.1.0.1.1 (Désactivé) =>Adware.SmileyBar
G2 - GCE: Preference [User Data\Default] [jcdgjdiieiljkfkdcloehkohchhpekkn] SweetIM for Facebook v.1.1.0.1 (Désactivé) =>PUP.SweetIM
G2 - GCE: Preference [User Data\Default] [jeaihkehdlhkocphopopahkfjcfcphef] Smart Display v.1.1 (Désactivé) =>Spyware.SmartDisplay
G2 - GCE: Preference [User Data\Default] [mocblcnaofikinigmceddfghppkkjbog] Smiley Bar for Facebook v.1.0.0.0 (Désactivé) =>Adware.SmileyBar
G2 - GCE: Preference [User Data\Default] [niapdbllcanepiiimjjndipklodoedlc] Yontoo v.1.0.3 (Désactivé) =>Adware.Yontoo
~ Google Browser: 23 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\prefs.js
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\user.js
M3 - MFPP: Plugins - [fanch] -- C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [fanch] -- C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\searchplugins\babylon.xml =>PUP.Babylon
M3 - MFPP: Plugins - [fanch] -- C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\searchplugins\delta.xml =>Toolbar.DeltaSearch
M3 - MFPP: Plugins - [fanch] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>PUP.Babylon
M2 - MFEP: prefs.js [fanch - 5sxkbck2.default\pluswinks@PlusWinks] [] Smiley Bar for Facebook v1.0.0.0 (..) =>Adware.SmileyBar
M2 - MFEP: prefs.js [fanch - 5sxkbck2.default\speedanalysis02@SpeedAnalysis.com] [] Speed Analysis 2 v1.0.0.0 (..) =>PUP.SpeedAnalysis
~ Firefox Browser: 29 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com =>Toolbar.DeltaSearch
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com =>PUP.Babylon
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer-group.com/selection.html
~ IE Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: e-Carte Bleue Browser Helper Object [64Bits] - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\Windows\SysWow64\BhoECart.dll
O2 - BHO: Yontoo Layers [64Bits] - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files (x86)\Yontoo\YontooIEClient.dll =>Adware.Yontoo
~ BHO: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: bwin football widget.lnk . (.infoMantis GmbH - iSaver - Control Application.) -- C:\Program Files (x86)\iSaver\iSaverCtrl.exe
O4 - GS\Desktop [Public]: HTC Sync Manager.lnk . (...) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: NAVIGON Fresh.lnk . (.NAVIGON AG - NAVIGON Fresh GUI.) -- C:\Program Files (x86)\NAVIGON\NAVIGON Fresh\bin\Fresh.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [UpdatusUser]: Unzip Wizard.lnk . (.Philip Kapusta - Pas de description.) -- C:\Program Files (x86)\Unzip Wizard\Unzipwiz.exe
O4 - GS\QuickLaunch [fanch]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [fanch]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\fanch\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Program [fanch]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [fanch]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo [fanch]: AnySend.lnk . (...) -- C:\Program Files (x86)\AnySend\AnySendUI.exe (.not file.)
O4 - GS\SendTo [fanch]: Unzip Wizard.lnk . (.Philip Kapusta - Pas de description.) -- C:\Program Files (x86)\Unzip Wizard\Unzipwiz.exe
O4 - GS\Desktop [fanch]: 100media - Raccourci.lnk . (...) -- C:\Users\fanch\Documents\HTC\Gallery\ht23zw112735\dcim\100media
O4 - GS\Desktop [fanch]: belote-en-ligne.fr.lnk . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\Windows\SysWOW64\javaws.exe
O4 - GS\Desktop [fanch]: EVEREST Ultimate Edition.lnk . (.Lavalys, Inc. - EVEREST Ultimate Edition.) -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
O4 - GS\Desktop [fanch]: Facebook.lnk . (...) -- C:\Users\fanch\AppData\Local\SuperFast\SuperFast.exe
O4 - GS\Desktop [fanch]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\fanch\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [fanch]: HTC - Raccourci.lnk . (...) -- C:\Users\fanch\Documents\HTC
O4 - GS\Desktop [fanch]: Super Fast Browser.lnk . (...) -- C:\Users\fanch\AppData\Local\SuperFast\SuperFast.exe
O4 - GS\Desktop [fanch]: Unzip Wizard.lnk . (.Philip Kapusta - Pas de description.) -- C:\Program Files (x86)\Unzip Wizard\Unzipwiz.exe
O4 - GS\Desktop [fanch]: Virtualis.lnk . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\Program Files (x86)\Virtualis\CMB.exe
O4 - GS\Desktop [fanch]: YouTube.lnk . (...) -- C:\Users\fanch\AppData\Local\SuperFast\SuperFast.exe
~ Global Startup: 82 Legitimates Filtered in 00mn 02s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe =>.Hewlett-Packard Co
O4 - GS\Startup [fanch]: OpenOffice.org 3.2.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [SFTray] . (...) -- C:\Users\fanch\AppData\Local\SuperFast\tray\sftrayicon.exe
O4 - HKLM\..\Wow6432Node\Run: [Hotkey Utility] . (.Pas de propriétaire - Hotkey Utility.) -- C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iSaverCtrl] . (.infoMantis GmbH - iSaver - Control Application.) -- C:\Program Files (x86)\iSaver\iSaverCtrl.exe
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [20131121] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\Alwil Software\Avast5\setup\emupdate\8b53bada-63ad-4f1b-9f28-d2d645f77039.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe
O4 - HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\..\Run: [SFTray] . (...) -- C:\Users\fanch\AppData\Local\SuperFast\tray\sftrayicon.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C44CA177-1C33-4474-B238-082BC2201520}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C44CA177-1C33-4474-B238-082BC2201520}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C44CA177-1C33-4474-B238-082BC2201520}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ForceWare Intelligent Application Manager (IAM) (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Updater Service (Updater Service) . (.Acer Group - Updater Service.) - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
~ Services: 14 Legitimates Filtered in 00mn 03s



---\\ Logiciels installés (O42)
O42 - Logiciel: The Unzip Wizard - (...) [HKLM][64Bits] -- The Unzip Wizard
O42 - Logiciel: Yontoo 1.10.03 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B} =>Adware.Yontoo
O42 - Logiciel: bwin football widget - (.InfoMantis GmbH.) [HKLM][64Bits] -- {A662D31B-6164-450A-A3C6-F0CCC5B27172}
~ Logic: 22 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\5e28c8ce53de512]
[HKCU\Software\BI]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\BrowserMngr] =>PUP.Babylon
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\FileScout] =>PUP.FileScout
[HKCU\Software\Grand Virtual] =>PUP.GrandVirtual
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\ScreeNet]
[HKCU\Software\Super Fast Browser]
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\delta LTD]
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Wow6432Node\5e28c8ce53de512]
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\BrowserMngr] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\ScreeNet]
[HKLM\Software\Wow6432Node\Services x86] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\babylontoolbar] =>PUP.Babylon
~ Key Software: 343 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 02/02/2013 - 20:10:48 - [0,293] ----D C:\Program Files (x86)\File Scout =>PUP.FileScout
O43 - CFD: 07/11/2012 - 07:03:34 - [13,136] ----D C:\Program Files (x86)\iSaver
O43 - CFD: 08/08/2013 - 06:23:49 - [1,921] ----D C:\Program Files (x86)\Unzip Wizard
O43 - CFD: 17/11/2012 - 14:47:19 - [0,319] ----D C:\Program Files (x86)\Yontoo =>Adware.Yontoo
O43 - CFD: 07/04/2012 - 08:28:17 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 13/09/2012 - 19:49:27 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 16/08/2013 - 06:34:54 - [8,000] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 28/11/2013 - 23:04:17 - [0,005] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain
O43 - CFD: 16/12/2010 - 03:18:27 - [0,001] ----D C:\ProgramData\Partner
O43 - CFD: 17/11/2012 - 14:47:14 - [1,661] ----D C:\ProgramData\Tarma Installer =>PUP.Tarma
O43 - CFD: 28/11/2013 - 21:56:51 - [0] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 13/09/2012 - 19:49:27 - [0,080] ----D C:\Users\fanch\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 28/11/2013 - 23:04:17 - [0,060] ----D C:\Users\fanch\AppData\Roaming\File Scout =>PUP.FileScout
O43 - CFD: 26/11/2013 - 23:20:41 - [0,008] ----D C:\Users\fanch\AppData\Roaming\ScreeNet iSaver
O43 - CFD: 03/05/2013 - 20:41:06 - [0,079] ----D C:\Users\fanch\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis
O43 - CFD: 16/03/2013 - 06:20:28 - [0] ----D C:\Users\fanch\AppData\Roaming\Web Browser Packages
O43 - CFD: 05/03/2013 - 07:22:38 - [0] ----D C:\Users\fanch\AppData\Local\Giant Savings Extension =>Adware.VidSaver
O43 - CFD: 03/03/2013 - 22:38:00 - [83,517] ----D C:\Users\fanch\AppData\Local\Release
O43 - CFD: 07/11/2012 - 07:03:43 - [27,978] ----D C:\Users\fanch\AppData\Local\ScreeNet iSaver
O43 - CFD: 03/03/2013 - 22:38:23 - [88,271] ----D C:\Users\fanch\AppData\Local\SuperFast
O43 - CFD: 08/08/2013 - 06:25:17 - [0,003] ----D C:\Users\fanch\AppData\Local\Unzip Wizard
O43 - CFD: 03/03/2013 - 22:38:24 - [0,001] ----D C:\Users\fanch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Super Fast Browser
O43 - CFD: 08/08/2013 - 06:22:45 - [0] ----D C:\Users\fanch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unzip Wizard
~ 23 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 254 Legitimates Filtered in 00mn 41s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.E70849E4CF5908A90160FA6FB123B0B7] - 28/11/2013 - 23:22:26 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [9920]
O44 - LFC:[MD5.E70849E4CF5908A90160FA6FB123B0B7] - 28/11/2013 - 23:22:26 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [9920]
O44 - LFC:[MD5.E70849E4CF5908A90160FA6FB123B0B7] - 28/11/2013 - 23:22:26 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [9920]
O44 - LFC:[MD5.E70849E4CF5908A90160FA6FB123B0B7] - 28/11/2013 - 23:22:26 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [9920]
~ Files: 24 Legitimates Filtered in 00mn 02s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - AcroRd32.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - adberdr1011_fr_fr.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - firefox.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - installer.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - isaverctrl.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - npcia.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - quickstart.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - sbase.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - scalc.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - sdraw.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - setup.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - simpress.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - smath.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - soffice.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - swriter.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - tomtomhome.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - tomtomhome2winlatest.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
~ IFEO: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{1958362d-b2ce-11e1-b7ca-00262d353718}\AutoRun\command. (...) -- H:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{3ce14433-572e-11e2-b533-00262d353718}\AutoRun\command. (...) -- E:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{6499dda5-071e-11e1-980f-00262d353718}\AutoRun\command. (...) -- E:\NokiaPCIA_Autorun.exe (.not file.)
O51 - MPSK:{76df52d8-2325-11e3-bdf4-818009c1200f}\AutoRun\command. (...) -- E:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{9789ee05-8d16-11e2-a14f-00262d353718}\AutoRun\command. (...) -- H:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{f0956fab-6fa0-11df-ab6d-806e6f6e6963}\AutoRun\command. (.Hewlett-Packard Co. - SetupLauncher.exe.) -- D:\Setup.exe
~ Keys: Scanned in 00mn 02s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.27BE5089DE6D19AD78894949630488FD] - 31/10/2013 - 07:46:13 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65336]
O58 - SDL:[MD5.18A402335BAA2C6D3334596CA71BB3CF] - 31/10/2013 - 07:46:14 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [189936]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.B8B1B284362E1D8135112573395D5DA5] - 25/06/2010 - 15:08:10 ---A- . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\Windows\System32\Drivers\htcnprot.sys [36928]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 16 Legitimates Filtered in 00mn 56s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome.4WI7Z2S5TRE7MHLREXFKH6GBJU> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\fanch\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\searchplugins\askcom.xml
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.crossrider.bic", "141f4a459fbe17035ab831cd4b5c22cf"); =>PUP.CrossRider
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.bbDpng", "26");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.cntry", "FR");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.dfltLng", "en");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.ffxUnstlRst", true);
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.hdrMd5", "6190D6B50E937ACE402D857212D3D154");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.id", "54bea19c00000000000000259c7381e4");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.instlDay", "15836");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.lastVrsnTs", "1.8.16.167:30:38");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.sg", "azb");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.smplGrp", "azb");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.vrsn", "1.8.16.16");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.vrsnTs", "1.8.16.167:30:38");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.vrsni", "1.8.16.16");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.toolbar.mindspark._49Members_.homepage", "https://hp.mywebsearch.com/mywebsearch/index.html?ptb=ED73D91E-B8E1-4DEA-ABE[...] =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Delta Search) - http://www2.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {44BA7A4D-EC0A-4A2A-BF05-5127760046E1} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {44725702-7A2E-4216-BCF2-0A71110B3AF0} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis =>Toolbar.Ask
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {44725702-7A2E-4216-BCF2-0A71110B3AF0} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis =>Toolbar.Ask
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.9F0C1B7F7F2EFF62D65EDF5B67F3FF72] [SPRF][26/11/2013] (...) -- C:\Users\fanch\AppData\Roaming\wklnhst.dat [916]
[MD5.7F7ED3CD7F43486CC126B7DCD0F2D62B] [SPRF][06/07/2013] (...) -- C:\Users\fanch\Desktop\HPPSdr.exe [5115208]
[MD5.BC2F19F59FB1C5858E8C7C48B20DD460] [SPRF][08/08/2013] (...) -- C:\Users\fanch\Desktop\unzip32-312.exe [1233781]
[MD5.FDF7601429D86D6BFA223227E93D7122] [SPRF][03/03/2013] (...) -- C:\Users\fanch\Desktop\WebBrowserSetup(1).exe [621328]
[MD5.FDF7601429D86D6BFA223227E93D7122] [SPRF][03/03/2013] (...) -- C:\Users\fanch\Desktop\WebBrowserSetup.exe [621328]
~ Files: 11 Legitimates Filtered in 00mn 15s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{20882665-F13C-4268-8647-451C9F582049}" | In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
~ Firewall: 196 Legitimates Filtered in 00mn 01s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\5e28c8ce53de512\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5e28c8ce53de512\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:version="2.2.643.41"
[HKCU\Software\5e28c8ce53de512\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5e28c8ce53de512\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:version="2.3.787.43"
[HKCU\Software\5e28c8ce53de512\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.796.11]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5e28c8ce53de512\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.796.11]:version="2.3.796.11"
[HKCU\Software\5e28c8ce53de512\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5e28c8ce53de512\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52"
[HKCU\Software\5e28c8ce53de512\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1184.107]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5e28c8ce53de512\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1184.107]:version="2.6.1184.107"
[HKCU\Software\5e28c8ce53de512] =>PUP.Babylon^
[HKCU\Software\5e28c8ce53de512]:version="2.6.1249.132"
[HKLM\Software\Wow6432Node\5e28c8ce53de512]:version="2.6.1249.132"
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.9E03912E4519735207BF15BFF478627E] [WIS][07/11/2013] (.HTC - HTC Sync Manager.) -- C:\Windows\Installer\116fd5b4.msi [62752768]
[MD5.7AE5FF598B22E4F65558BAF73107FA7E] [WIS][14/05/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\4025ed9f.msi [459264]
~ WIS: 147 Legitimates Filtered in 00mn 42s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Disabled 27/07/2012 63960 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 29/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 31/10/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SS - | Auto 13/06/2004 57344 | (Brother XP spl Service) . (.brother Industries Ltd.) - C:\Windows\SysWOW64\brsvc01a.exe
SS - | Auto 10/08/2009 626208 | (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
SS - | Auto 28/08/2009 1150496 | (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
SS - | Auto 24/10/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24/10/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Auto 02/09/2013 87368 | (HTCMonitorService) . (.Nero AG.) - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
SS - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SS - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Disabled 11/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 15/01/2010 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SS - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 10/08/2009 206880 | (nSvcIp) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
SS - | Auto 31/01/2013 878368 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SS - | Auto 19/02/2013 1259296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SS - | Auto 07/12/2012 167424 | (PassThru Service) . (...) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
SS - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Disabled 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Disabled 22/03/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SS - | Auto 30/10/2013 2099512 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
SS - | Auto 29/01/2010 243232 | (Updater Service) . (.Acer Group.) - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
SS - | Auto 14/07/2009 27136 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe
SS - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 45s



---\\ Scan Additionnel (O88)
Database Version : 13001 - (28/11/2013)
Clés trouvées (Keys found) : 72
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 24
Fichiers trouvés (Files found) : 10

[HKLM\Software\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf] =>PUP.SpeedAnalysis^
[HKLM\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde] =>Toolbar.DeltaSearch^
[HKLM\Software\Google\Chrome\Extensions\hgojaaaiddhmiiakpejiklijbalpckih] =>Adware.SmileyBar^
[HKLM\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn] =>PUP.SweetIM^
[HKLM\Software\Google\Chrome\Extensions\jeaihkehdlhkocphopopahkfjcfcphef] =>Spyware.SmartDisplay^
[HKLM\Software\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog] =>Adware.SmileyBar^
[HKLM\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc] =>Adware.Yontoo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] =>Adware.Yontoo^
[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo
[HKCU\Software\delta LTD] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] =>Adware.Yontoo
[HKLM\Software\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj] =>PUP.SweetIM
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKLM\Software\Wow6432Node\BabylonToolbar] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKCU\Software\BrowserMngr] =>PUP.Babylon
[HKLM\Software\Wow6432Node\BrowserMngr] =>PUP.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\Grand Virtual] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Services x86] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok] =>Hijacker.FreehdsportTV
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog] =>Adware.SmileyBar
[HKCU\Software\BI] =>Adware.MegaSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Classes\YontooIEClient.Api] =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Api.1] =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Layers] =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Layers.1] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\YontooIEClient.DLL] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api.1] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers.1] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\AppID\YontooIEClient.DLL] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf =>PUP.SpeedAnalysis^
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih =>Adware.SmileyBar^
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn =>PUP.SweetIM^
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaihkehdlhkocphopopahkfjcfcphef =>Spyware.SmartDisplay^
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog =>Adware.SmileyBar^
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc =>Adware.Yontoo^
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\extensions\pluswinks@PlusWinks =>Adware.SmileyBar^
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\extensions\speedanalysis02@SpeedAnalysis.com =>PUP.SpeedAnalysis^
C:\Program Files (x86)\File Scout =>PUP.FileScout^
C:\Program Files (x86)\Yontoo =>Adware.Yontoo^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\IBUpdaterService =>Adware.InstallBrain^
C:\ProgramData\Tarma Installer =>PUP.Tarma^
C:\Users\fanch\AppData\Roaming\Babylon =>PUP.Babylon^
C:\Users\fanch\AppData\Roaming\File Scout =>PUP.FileScout^
C:\Users\fanch\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis^
C:\Users\fanch\AppData\Local\Giant Savings Extension =>Adware.VidSaver^
C:\Program Files (x86)\Software =>Adware.Boxore
C:\ProgramData\Software =>Adware.Boxore
C:\ProgramData\Partner =>Spyware.Partner
C:\Users\fanch\AppData\Local\Software =>Adware.Boxore
C:\Users\fanch\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\Extensions\ffxtlbr@delta.com =>PUP.Funmoods
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\bprotector_extensions.sqlite =>PUP.BProtector
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\bprotector_prefs.js =>PUP.BProtector
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\Extensions\speedanalysis02@SpeedAnalysis.com =>PUP.SpeedAnalysis
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\FileScout] =>PUP.FileScout^
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\babylontoolbar] =>PUP.Babylon^
[HKCU\Software\5e28c8ce53de512] =>PUP.Babylon^^
~ Additionnel Scan: 293195 Items scanned in 00mn 16s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28153012-pup-speedanalysis =>PUP.SpeedAnalysis
~ http://nicolascoolman.webs.com/apps/blog/show/27530912-adware-smileybar =>Adware.SmileyBar
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/32662245-spyware-smartdisplay =>Spyware.SmartDisplay
~ http://nicolascoolman.webs.com/apps/blog/show/26811836-adware-yontoo =>Adware.Yontoo
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/26607014-pup-1clickdownloader =>PUP.1ClickDownloader
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/34311830-pup-filescout =>PUP.FileScout
~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain =>Adware.InstallBrain
~ http://nicolascoolman.webs.com/apps/blog/show/27557062-adware-vidsaver =>Adware.VidSaver
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>Spyware.AgenceExclusive
~ http://nicolascoolman.webs.com/apps/blog/show/30583270-hijacker-freehdsporttv =>Hijacker.FreeHDSportTV
~ http://nicolascoolman.webs.com/apps/blog/show/26919368-adware-megasearch =>Adware.MegaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28193283-spyware-partner =>Spyware.Partner
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ MSI: 28 link(s) detected in 00mn 16s



~ 1217 Legitimates filtered by white list
End of the scan (705 lines in 03mn 51s)(0)

54 replies

fanchix Posts 46 Registration date   Status Member Last activity

Hello,

unfortunately... yes. What if I format everything? How do I make a clean boot disk? Because I don't have Windows on a disc.
0
billmaxime Posts 50583 Registration date   Status Contributor Last activity   6 046

Hi again

we're not yet at the extreme solution (a factory restore, not formatting)

do this and post the report, please

Download RogueKiller to your desktop

take the x64 version >> see the image

The link: https://www.luanagames.com/index.fr.html

The tutorial: http://tigzyrk.blogspot.be/2012/10/fr-roguekiller-tutoriel-officiel.html

Close all your running programs

Launch RogueKiller (Vista/W7/W8 users: right-click and run as administrator)

Let the prescan run

Click Scan

The report will appear on your desktop and in C: RKReport[#].txt

Post the report with a copy/paste

See you later

0
fanchix Posts 46 Registration date   Status Member Last activity

Ok, thanks. Should I work in normal mode or safe mode?
0
billmaxime Posts 50583 Registration date   Status Contributor Last activity   6 046

Hi again

if everything works correctly in normal mode, run it in normal mode

See you later
0
fanchix Posts 46 Registration date   Status Member Last activity

Hi again
Here it is,
the PC is even slower, I have the impression; maybe the infection keeps growing??


RogueKiller V8.7.9 _x64_ [Nov 25 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : fanch [Droits d'admin]
Mode : Recherche -- Date : 12/01/2013 15:03:10
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 1 ¤¤¤
[SUSP PATH] sftrayicon.exe -- C:\Users\fanch\AppData\Local\SuperFast\tray\sftrayicon.exe [-] -> TUÉ [TermProc]

¤¤¤ Entrees de registre : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : SFTray (C:\Users\fanch\AppData\Local\SuperFast\tray\sftrayicon.exe [-]) -> TROUVÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\[...]\Run : SFTray (C:\Users\fanch\AppData\Local\SuperFast\tray\sftrayicon.exe [-]) -> TROUVÉ
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 2 ¤¤¤
[V2][SUSP PATH] {6002600B-3425-4A4C-8DD0-202FC986DE23} : C:\Users\fanch\Desktop\Evernote_4.5.7.7146.exe [-] -> TROUVÉ
[V2][SUSP PATH] {AE520286-9679-447F-8D97-47F0CC3E9F06} : C:\Users\fanch\Desktop\Evernote_4.5.7.7146.exe [-] -> TROUVÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) WDC WD64 00AAKS-22A7B SCSI Disk Device +++++
--- User ---
[MBR] a11fb209d0972fd7956b1df03c7cc2ec
[BSP] 92c46ac3a239e61a5b5e92571e9c984b : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 19456 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 39847936 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 40052736 | Size: 590922 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Fonction incorrecte. )

Termine : << RKreport[0]_S_12012013_150310.txt >>
0
billmaxime Posts 50583 Registration date   Status Contributor Last activity   6 046

Hi again

run RogueKiller again and click "Suppression" (Delete) >> see the image

then do a full scan with MBAM and delete everything it finds (right-click, check all, before deleting the selection)

post both reports

thanks

See you later
0
fanchix Posts 46 Registration date   Status Member Last activity

ok thanks ;-) I'm replying from a laptop because it's too slow on the other one!
0

fanchix Posts 46 Registration date   Status Member Last activity
 
RogueKiller V8.7.9 _x64_ [Nov 25 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : https://www.luanagames.com/index.fr.html
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : fanch [Droits d'admin]
Mode : Suppression -- Date : 12/01/2013 15:41:02
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 1 ¤¤¤
[SUSP PATH] sftrayicon.exe -- C:\Users\fanch\AppData\Local\SuperFast\tray\sftrayicon.exe [-] -> TUÉ [TermProc]

¤¤¤ Entrees de registre : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : SFTray (C:\Users\fanch\AppData\Local\SuperFast\tray\sftrayicon.exe [-]) -> SUPPRIMÉ
[RUN][SUSP PATH] HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\[...]\Run : SFTray (C:\Users\fanch\AppData\Local\SuperFast\tray\sftrayicon.exe [-]) -> [0x2] Le fichier spécifié est introuvable.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> SUPPRIMÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REMPLACÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)

¤¤¤ Tâches planifiées : 2 ¤¤¤
[V2][SUSP PATH] {6002600B-3425-4A4C-8DD0-202FC986DE23} : C:\Users\fanch\Desktop\Evernote_4.5.7.7146.exe [-] -> SUPPRIMÉ
[V2][SUSP PATH] {AE520286-9679-447F-8D97-47F0CC3E9F06} : C:\Users\fanch\Desktop\Evernote_4.5.7.7146.exe [-] -> SUPPRIMÉ

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) WDC WD64 00AAKS-22A7B SCSI Disk Device +++++
--- User ---
[MBR] a11fb209d0972fd7956b1df03c7cc2ec
[BSP] 92c46ac3a239e61a5b5e92571e9c984b : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 19456 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 39847936 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 40052736 | Size: 590922 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Fonction incorrecte. )

Termine : << RKreport[0]_D_12012013_154102.txt >>
RKreport[0]_S_12012013_150310.txt
0
billmaxime Posts 50583 Registration date   Status Contributor Last activity   6 046

Hi again

that's good, now do the full scan with MBAM and post the report

PS: the scan can take about 2 hours, let the PC work

thanks

See you later
0
fanchix Posts 46 Registration date   Status Member Last activity
 
Malwarebytes Anti-Malware (Essai) 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2013.11.30.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
fanch :: FANCH-PC [administrateur]

Protection: Activé

01/12/2013 15:43:03
mbam-log-2013-12-01 (15-43-03).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 248455
Temps écoulé: 7 minute(s), 59 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|BrowserMngr Start Page (PUP.BProtector) -> Données: https://www.google.com/?gws_rd=ssl -> Mis en quarantaine et supprimé avec succès.

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)
0
fanchix Posts 46 Registration date   Status Member Last activity

that's not the full scan, I'm starting over...
0
fanchix Posts 46 Registration date   Status Member Last activity

Hi again,

here it is, the full one:

Malwarebytes Anti-Malware (Essai) 1.75.0.1300
www.malwarebytes.org

Version de la base de données: v2013.11.30.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
fanch :: FANCH-PC [administrateur]

Protection: Activé

01/12/2013 16:13:19
mbam-log-2013-12-01 (16-13-19).txt

Type d'examen: Examen complet (C:\|D:\|F:\|G:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 409698
Temps écoulé: 1 heure(s), 2 minute(s), 57 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 4
C:\AdwCleaner\Quarantine\C\Program Files (x86)\file scout\filescout.exe.vir (PUP.Optional.FileScout.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Yontoo\OptChrome.exe.vir (PUP.Optional.OptChrome.A) -> Mis en quarantaine et supprimé avec succès.
C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir (PUP.Optional.PCPerformer.A) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\FLVPlayer\FLVPlayer.exe (PUP.Optional.InstallCore) -> Mis en quarantaine et supprimé avec succès.

(fin)

billmaxime | Posts: 50583 | Status: Contributor | 6 046

Hi again

OK, how is the PC doing?

Run a ZHPDiag again for me by clicking on the magnifying glass with the + and post the report, please

Thanks

See you

fanchix | Posts: 46 | Status: Member

Hi,
it seems to be doing a bit better, even if it's not yet as responsive as before.
ZHPDiag asked for an update, I downloaded it.

billmaxime | Posts: 50583 | Status: Contributor | 6 046

Hi again

OK for the update, now you can run the scan with ZHPDiag and post the report

Thanks

See you

fanchix | Posts: 46 | Status: Member

Hi there,
here is the report:
~ Rapport de ZHPDiag v2013.12.1.4 - Nicolas Coolman (01/12/2013)
~ Lancé par fanch (02/12/2013 07:29:29)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16428
MFIE: Mozilla Firefox 24.0

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1501.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.00 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI

---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2815 MB (14% free)
System Restore: Activé (Enable)
System drive C: has 466 GB (80%) free of 577 GB

---\\ Mode de connexion au système
~ Computer Name: FANCH-PC
~ User Name: fanch
~ All Users Names: UpdatusUser, HomeGroupUser$, fanch, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\fanch\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\fanch\AppData\Roaming\
~ %Desktop% : C:\Users\fanch\Desktop\
~ %Favorites% : C:\Users\fanch\Favorites\
~ %LocalAppData% : C:\Users\fanch\AppData\Local\
~ %StartMenu% : C:\Users\fanch\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 466 Go of 577 Go)
D: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 44 Legitimates Filtered in 00mn 05s



---\\ Recherche particulière de fichiers génériques
[MD5.AC4C51EB24AA95B77F705AB159189E24] - (.Microsoft Corporation - Explorateur Windows.) (.20/11/2010 - 14:24:45.) -- C:\Windows\Explorer.exe [2872320]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.E6CB36B85BE59095337427E853A5B65A] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.30/11/2013 - 13:00:53.) -- C:\Windows\System32\wininet.dll [2332160]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 18s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/664
~ Mes Favoris (My Favorites) : 1/56
~ Mes Documents (My Documents) : 1/5473
~ Mon Bureau (My Desktop) : 2/1771
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 05mn 13s



---\\ Processus lancés
[MD5.68E205763F908336F84FD1AC4D95A5C1] - (...) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe [821600] [PID.2512]
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2896]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [270336] [PID.4000]
[MD5.AD16557CECFB17CF7393D28DC40F6D09] - (.Pas de propriétaire - Hotkey Utility.) -- C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe [563744] [PID.1936]
[MD5.0FA364C4A86335B2D048953D04363537] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4858968] [PID.3984]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [168960] [PID.4984]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [559104] [PID.4108]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.4120]
[MD5.636D97B3BAF854511FF3F4093E895FED] - (.Google Inc. - Google Chrome.) -- C:\Users\fanch\AppData\Local\Google\Chrome\Application\chrome.exe [863184] [PID.1112]
[MD5.3E02FD57FDAF184A15CCAD9D9BD9C626] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8263680] [PID.4660]
[MD5.2B243715E7697E5AAA858CEB6AF680BC] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808] [PID.1288]
[MD5.C711ED965009BDCFF9AA62CEB6FF1AAD] - (.brother Industries Ltd - brsvc01a.) -- C:\Windows\SysWOW64\brsvc01a.exe [57344] [PID.1456]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1604]
[MD5.9B01D42D72FD0526360C174F34C52255] - (.brother Industries Ltd - brss01a.exe.) -- C:\Windows\SysWOW64\brss01a.exe [45056] [PID.1696]
[MD5.816FD5A6F3C2F3D600900096632FC60E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [1150496] [PID.1144]
[MD5.5C8BC8A28798FD010E7ABC4E0D588CAA] - (.Nero AG - NService Application.) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368] [PID.2360]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2436]
[MD5.465680BDE344CE4FF6646626AA3A9125] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe [223112] [PID.2492]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2704]
[MD5.3CAE2BBC86FCF7F94C9696994AF30386] - (.Pas de propriétaire - PassThruSvr Application.) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424] [PID.2780]
[MD5.F9EC9ACD504D823D9B9CA98A4F8D3CA2] - (.Acer Group - Updater Service.) -- C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [243232] [PID.2924]
[MD5.A3A25E0509F67473B960DAF214828BE3] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1259296] [PID.664]
~ Processes Running: Scanned in 00mn 31s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 14 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\prefs.js
~ Firefox Browser: 23 Legitimates Filtered in 00mn 05s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer-group.com/selection.html
~ IE Browser: 14 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: e-Carte Bleue Browser Helper Object [64Bits] - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\Windows\SysWow64\BhoECart.dll
~ BHO: 9 Legitimates Filtered in 00mn 01s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: bwin football widget.lnk . (.infoMantis GmbH - iSaver - Control Application.) -- C:\Program Files (x86)\iSaver\iSaverCtrl.exe
O4 - GS\Desktop [Public]: HTC Sync Manager.lnk . (...) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: NAVIGON Fresh.lnk . (.NAVIGON AG - NAVIGON Fresh GUI.) -- C:\Program Files (x86)\NAVIGON\NAVIGON Fresh\bin\Fresh.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [UpdatusUser]: Unzip Wizard.lnk . (.Philip Kapusta - Pas de description.) -- C:\Program Files (x86)\Unzip Wizard\Unzipwiz.exe
O4 - GS\QuickLaunch [fanch]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [fanch]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\fanch\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Program [fanch]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [fanch]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo [fanch]: Unzip Wizard.lnk . (.Philip Kapusta - Pas de description.) -- C:\Program Files (x86)\Unzip Wizard\Unzipwiz.exe
O4 - GS\Desktop [fanch]: 100media - Raccourci.lnk . (...) -- C:\Users\fanch\Documents\HTC\Gallery\ht23zw112735\dcim\100media
O4 - GS\Desktop [fanch]: belote-en-ligne.fr.lnk . (...) -- C:\Windows\SysWOW64\javaws.exe (.not file.)
O4 - GS\Desktop [fanch]: EVEREST Ultimate Edition.lnk . (.Lavalys, Inc. - EVEREST Ultimate Edition.) -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
O4 - GS\Desktop [fanch]: Facebook.lnk . (...) -- C:\Users\fanch\AppData\Local\SuperFast\SuperFast.exe
O4 - GS\Desktop [fanch]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\fanch\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [fanch]: HTC - Raccourci.lnk . (...) -- C:\Users\fanch\Documents\HTC
O4 - GS\Desktop [fanch]: SosVirus Forum Gratuit.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe https://www.sosvirus.net/
O4 - GS\Desktop [fanch]: SosVirus sur Facebook.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe https://www.facebook.com/
O4 - GS\Desktop [fanch]: Super Fast Browser.lnk . (...) -- C:\Users\fanch\AppData\Local\SuperFast\SuperFast.exe
O4 - GS\Desktop [fanch]: Unzip Wizard.lnk . (.Philip Kapusta - Pas de description.) -- C:\Program Files (x86)\Unzip Wizard\Unzipwiz.exe
O4 - GS\Desktop [fanch]: Virtualis.lnk . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\Program Files (x86)\Virtualis\CMB.exe
O4 - GS\Desktop [fanch]: YouTube.lnk . (...) -- C:\Users\fanch\AppData\Local\SuperFast\SuperFast.exe
~ Global Startup: 80 Legitimates Filtered in 00mn 39s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe =>.Hewlett-Packard Co
O4 - GS\Startup [fanch]: OpenOffice.org 3.2.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKLM\..\Wow6432Node\Run: [Hotkey Utility] . (.Pas de propriétaire - Hotkey Utility.) -- C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iSaverCtrl] . (.infoMantis GmbH - iSaver - Control Application.) -- C:\Program Files (x86)\iSaver\iSaverCtrl.exe
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [20131121] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\Alwil Software\Avast5\setup\emupdate\8b53bada-63ad-4f1b-9f28-d2d645f77039.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Registration.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe
O4 - HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
~ Application: Scanned in 00mn 02s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C44CA177-1C33-4474-B238-082BC2201520}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C44CA177-1C33-4474-B238-082BC2201520}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C44CA177-1C33-4474-B238-082BC2201520}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ForceWare Intelligent Application Manager (IAM) (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Updater Service (Updater Service) . (.Acer Group - Updater Service.) - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
~ Services: 14 Legitimates Filtered in 00mn 17s



---\\ Logiciels installés (O42)
O42 - Logiciel: The Unzip Wizard - (...) [HKLM][64Bits] -- The Unzip Wizard
O42 - Logiciel: bwin football widget - (.InfoMantis GmbH.) [HKLM][64Bits] -- {A662D31B-6164-450A-A3C6-F0CCC5B27172}
~ Logic: 38 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ScreeNet]
[HKCU\Software\Super Fast Browser]
[HKLM\Software\Wow6432Node\ScreeNet]
~ Key Software: 317 Legitimates Filtered in 00mn 02s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/11/2012 - 07:03:34 - [13,136] ----D C:\Program Files (x86)\iSaver
O43 - CFD: 08/08/2013 - 06:23:49 - [1,921] ----D C:\Program Files (x86)\Unzip Wizard
O43 - CFD: 28/11/2013 - 21:56:51 - [0] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 26/11/2013 - 23:20:41 - [0,008] ----D C:\Users\fanch\AppData\Roaming\ScreeNet iSaver
O43 - CFD: 16/03/2013 - 06:20:28 - [0] ----D C:\Users\fanch\AppData\Roaming\Web Browser Packages
O43 - CFD: 03/03/2013 - 22:38:00 - [83,517] ----D C:\Users\fanch\AppData\Local\Release
O43 - CFD: 07/11/2012 - 07:03:43 - [27,978] ----D C:\Users\fanch\AppData\Local\ScreeNet iSaver
O43 - CFD: 03/03/2013 - 22:38:23 - [88,271] ----D C:\Users\fanch\AppData\Local\SuperFast
O43 - CFD: 08/08/2013 - 06:25:17 - [0,003] ----D C:\Users\fanch\AppData\Local\Unzip Wizard
O43 - CFD: 03/03/2013 - 22:38:24 - [0,001] ----D C:\Users\fanch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Super Fast Browser
O43 - CFD: 08/08/2013 - 06:22:45 - [0] ----D C:\Users\fanch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unzip Wizard
~ Program Folder: 201 Legitimates Filtered in 01mn 58s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.86723DB00956D147BEDBCF2A972D9DFF] - 02/12/2013 - 07:38:42 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [18736]
O44 - LFC:[MD5.86723DB00956D147BEDBCF2A972D9DFF] - 02/12/2013 - 07:38:42 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [18736]
O44 - LFC:[MD5.86723DB00956D147BEDBCF2A972D9DFF] - 02/12/2013 - 07:38:43 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [18736]
O44 - LFC:[MD5.86723DB00956D147BEDBCF2A972D9DFF] - 02/12/2013 - 07:38:43 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [18736]
O44 - LFC:[MD5.A2DC6C10BC49B047C588810664A08A17] - 30/11/2013 - 12:08:25 ----- . (...) -- C:\UsbFix [Clean 1] FANCH-PC.txt [9715]
O44 - LFC:[MD5.CFC32C6A3D0E87B6B35C560F7B467861] - 30/11/2013 - 12:20:48 ---A- . (...) -- C:\Windows\ntbtlog.txt [33262]
O44 - LFC:[MD5.0085F3DEA3CC6AFF5720CED642934D6C] - 30/11/2013 - 12:25:32 ---A- . (...) -- C:\UsbFix [Clean 2] FANCH-PC.txt [9126]
O44 - LFC:[MD5.F862CD08F1AD4EE39BD506853F3C6103] - 30/11/2013 - 13:00:52 ---A- . (...) -- C:\Windows\SysNative\ieuinit.inf [16284]
O44 - LFC:[MD5.F862CD08F1AD4EE39BD506853F3C6103] - 30/11/2013 - 13:00:52 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [16284]
O44 - LFC:[MD5.7014769ACE0A20450AE0931973F897C8] - 30/11/2013 - 13:07:32 ---A- . (...) -- C:\Windows\IE11_main.log [12105]
~ Files: 164 Legitimates Filtered in 00mn 56s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.8E5154F80FA887A2CA5A9DED21860499] - 01/12/2013 - 18:24:55 ---A- - C:\Windows\Prefetch\UPDATERSERVICE.EXE-CD00A8B8.pf
O45 - LFCP:[MD5.B3A661A3626553B625421F2C87B1A78B] - 30/11/2013 - 12:41:20 ---A- - C:\Windows\Prefetch\SFTRAYICON.EXE-6C11ED0F.pf
O45 - LFCP:[MD5.68FA196FB30949663DB0F45639BC67E3] - 30/11/2013 - 13:15:11 ---A- - C:\Windows\Prefetch\ADB.EXE-A90CC733.pf
O45 - LFCP:[MD5.6C04ED66C72ED4533A8441175526AF0D] - 30/11/2013 - 13:15:21 ---A- - C:\Windows\Prefetch\HOTKEYUI.EXE-8FA4E4B5.pf
~ Prefetcher: 141 Legitimates Filtered in 00mn 07s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.27BE5089DE6D19AD78894949630488FD] - 31/10/2013 - 07:46:13 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65336]
O58 - SDL:[MD5.18A402335BAA2C6D3334596CA71BB3CF] - 31/10/2013 - 07:46:14 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [189936]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.B8B1B284362E1D8135112573395D5DA5] - 25/06/2010 - 15:08:10 ---A- . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\Windows\System32\Drivers\htcnprot.sys [36928]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 16 Legitimates Filtered in 00mn 22s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 01/12/2013 - 07:49:09 ---A- . (...) -- C:\Users\fanch\AppData\Local\HTC MediaHub\application.db [27648]
O61 - LFC: 01/12/2013 - 07:49:10 ---A- . (...) -- C:\Users\fanch\AppData\Local\HTC MediaHub\Gallery\NFileCache.cdb [5310464]
O61 - LFC: 01/12/2013 - 07:57:51 ---A- . (...) -- C:\Users\fanch\Downloads\RogueKillerX64 (1).exe [1124731]
O61 - LFC: 01/12/2013 - 07:57:51 ---A- . (...) -- C:\Users\fanch\Downloads\RogueKillerX64.exe [4172288]
O61 - LFC: 02/12/2013 - 07:48:53 ---A- . (...) -- C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [269567]
O61 - LFC: 02/12/2013 - 07:49:05 ---A- . (...) -- C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Local State [47982]
O61 - LFC: 02/12/2013 - 07:56:37 ---A- . (...) -- C:\Users\fanch\AppData\Roaming\ZHP\Log.txt [63818] =>.Nicolas Coolman
O61 - LFC: 02/12/2013 - 07:56:37 ---A- . (...) -- C:\Users\fanch\AppData\Roaming\ZHP\TestsZHPDiag.txt [2859] =>.Nicolas Coolman
O61 - LFC: 30/11/2013 - 07:56:37 ---A- . (...) -- C:\Users\fanch\AppData\Roaming\ZHP\ZHPADSReport.txt [351] =>.Nicolas Coolman
O61 - LFC: 30/11/2013 - 07:56:37 ---A- . (...) -- C:\Users\fanch\AppData\Roaming\ZHP\ZHPDiag.txt [221713] =>.Nicolas Coolman
O61 - LFC: 30/11/2013 - 07:56:37 ---A- . (...) -- C:\Users\fanch\AppData\Roaming\ZHP\ZHPExportRegistry-30-11-2013-11-49-19.txt [629850] =>.Nicolas Coolman
O61 - LFC: 30/11/2013 - 07:56:37 ---A- . (...) -- C:\Users\fanch\AppData\Roaming\ZHP\ZHPFixQuarantine.txt [2595] =>.Nicolas Coolman
O61 - LFC: 30/11/2013 - 07:56:37 ---A- . (...) -- C:\Users\fanch\AppData\Roaming\ZHP\ZHPFix[R1].txt [7262] =>.Nicolas Coolman
O61 - LFC: 30/11/2013 - 07:57:47 ---A- . (...) -- C:\Users\fanch\Downloads\adwcleaner.exe [1091882]
~ 28 Fichiers temporaires (Temporary files)
~ Files: 451 Legitimates Filtered in 09mn 16s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido - www.usbfix.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome.4WI7Z2S5TRE7MHLREXFKH6GBJU> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\fanch\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - https://www.google.com/?gws_rd=ssl
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.9F0C1B7F7F2EFF62D65EDF5B67F3FF72] [SPRF][26/11/2013] (...) -- C:\Users\fanch\AppData\Roaming\wklnhst.dat [916]
[MD5.7F7ED3CD7F43486CC126B7DCD0F2D62B] [SPRF][06/07/2013] (...) -- C:\Users\fanch\Desktop\HPPSdr.exe [5115208]
[MD5.BC2F19F59FB1C5858E8C7C48B20DD460] [SPRF][08/08/2013] (...) -- C:\Users\fanch\Desktop\unzip32-312.exe [1233781]
[MD5.FDF7601429D86D6BFA223227E93D7122] [SPRF][03/03/2013] (...) -- C:\Users\fanch\Desktop\WebBrowserSetup(1).exe [621328]
[MD5.FDF7601429D86D6BFA223227E93D7122] [SPRF][03/03/2013] (...) -- C:\Users\fanch\Desktop\WebBrowserSetup.exe [621328]
~ Files: 12 Legitimates Filtered in 00mn 07s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{20882665-F13C-4268-8647-451C9F582049}" | In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
~ Firewall: 194 Legitimates Filtered in 00mn 02s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.9E03912E4519735207BF15BFF478627E] [WIS][07/11/2013] (.HTC - HTC Sync Manager.) -- C:\Windows\Installer\116fd5b4.msi [62752768]
[MD5.7AE5FF598B22E4F65558BAF73107FA7E] [WIS][14/05/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\4025ed9f.msi [459264]
~ WIS: 143 Legitimates Filtered in 02mn 47s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 29/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 24/10/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24/10/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 11/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 15/01/2010 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SS - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Disabled 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Disabled 22/03/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

SR - | Auto 05/09/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 31/10/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 13/06/2004 57344 | (Brother XP spl Service) . (.brother Industries Ltd.) - C:\Windows\SysWOW64\brsvc01a.exe
SR - | Auto 10/08/2009 626208 | (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
SR - | Auto 28/08/2009 1150496 | (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
SR - | Demand 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 02/09/2013 87368 | (HTCMonitorService) . (.Nero AG.) - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 10/08/2009 206880 | (nSvcIp) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
SR - | Auto 31/01/2013 878368 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 19/02/2013 1259296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 07/12/2012 167424 | (PassThru Service) . (...) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
SR - | Auto 29/01/2010 243232 | (Updater Service) . (.Acer Group.) - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 03mn 24s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by fanch at 02/12/2013 08:01:49
~ OS 64 not supported by MBR tool

~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by fanch at 02/12/2013 08:01:57

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 07s



---\\ Scan Additionnel (O88)
Database Version : 13007 - (01/12/2013)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 289696 Items scanned in 02mn 50s



~ 1879 Legitimates filtered by white list
End of the scan (475 lines in 35mn 26s)(0)
0
fanchix Posts 46 Registration date   Status Member Last activity  
 
I didn't go through cjoint because I was in a hurry, I have to leave for work.
Have a good day, see you later
fanchix
0
billmaxime Posts 50583 Registration date   Status Contributor Last activity   6 046
 
hi again

ok, do this and post the report please

run ZHPFix as administrator (right-click)

copy all the bold text below

click Import, then OK in the window that opens

then paste the text into the window

click GO at the bottom of the page and confirm with Yes to start the data cleanup

the text to copy

ZHPFix script
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com
O4 - GS\Desktop [fanch]: belote-en-ligne.fr.lnk . (...) -- C:\Windows\SysWOW64\javaws.exe (.not file.)
EmptyTemp
EmptyFlash



the report will appear on your desktop and in C:\zhpfix.txt

post the report via this link https://www.cjoint.com/

see you

0
billmaxime Posts 50583 Registration date   Status Contributor Last activity   6 046
 
hi again

ok, have a good day

see you
0
fanchix Posts 46 Registration date   Status Member Last activity  
 
hi again,
I have a question: can I browse the web and make secure payments, or definitely not?
0
fanchix Posts 46 Registration date   Status Member Last activity  
 
Hi Billmax,
there was a power cut last night, so I couldn't do anything.
I've done what you asked; the report is below.
Since the first steps, that strange app "isaver ctrl, erreur fatale" no longer pops up, but the PC keeps working constantly (hard drive or processor, I don't know).

Rapport de ZHPFix 2013.12.1.2 par Nicolas Coolman, Update du 01/12/2013
Fichier d'export Registre :
Run by fanch at 03/12/2013 07:04:48
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Corbeille vidée (00mn 01s)

========== Eléments de donnée du Registre ==========
SUPPRIMÉ: R1 Search Page =

========== Dossiers ==========
SUPPRIMÉS Temporaires Windows (14)
SUPPRIMÉS Flash Cookies (0)

========== Fichiers ==========
SUPPRIMÉ: c:\users\fanch\desktop\belote-en-ligne.fr.lnk
SUPPRIMÉS Temporaires Windows (44) (2 502 433 octets)
SUPPRIMÉS Flash Cookies (0) (0 octets)


========== Récapitulatif ==========
1 : Eléments de donnée du Registre
2 : Dossiers
3 : Fichiers


End of clean in 00mn 05s

========== Chemin de fichier rapport ==========
C:\Users\fanch\AppData\Roaming\ZHP\ZHPFix[R1].txt - 30/11/2013 11:49:10 [7262]
C:\Users\fanch\AppData\Roaming\ZHP\ZHPFix[R2].txt - 03/12/2013 07:04:50 [905]
0
fanchix Posts 46 Registration date   Status Member Last activity  
 
It seems to be better... but whenever I hear it running for no reason, the PC still worries me... ;-)
0
billmaxime Posts 50583 Registration date   Status Contributor Last activity   6 046
 
hi again

"It seems to be better... but whenever I hear it running for no reason, the PC still worries me... ;-)"

you have programs running in the background, that's normal

run a checkdisk and make sure to tick both boxes (see step 2 in the tutorial, under 2 - Using CHKDSK from the GUI)

http://www.overclocking-pc.fr/forums/showthread.php?13174-TUTO-Commande-CHKDSK

the operation can take quite a while, let the PC work


"I have a question: can I browse the web and make secure payments, or definitely not?"

yes, you can

see you



0
fanchix Posts 46 Registration date   Status Member Last activity  
 
Hi,
I saw your message, thank you. I wasn't home yesterday; I'll take care of it tonight, because there is still a slowness problem.
Have a good day
F.
0
billmaxime Posts 50583 Registration date   Status Contributor Last activity   6 046
 
hi again

no problem, and have a good day too

see you
0
fanchix Posts 46 Registration date   Status Member Last activity  
 
hi, it's in progress. One remark: I get the impression that once a "cleanup" has been done it works better, but a few hours later it slows to a crawl again, as if a dormant infection were starting to take over the PC again.
0
fanchix
 
ok, it's done, I'm moving on to the next step
0
billmaxime Posts 50583 Registration date   Status Contributor Last activity   6 046
 
hi

do this and post the report please

http://www.sosvirus.net/viewtopic.php?f=281&t=662&p=4208#p4208

thanks

see you
0
fanchix Posts 46 Registration date   Status Member Last activity  
 
20:14:26.0388 3760 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:14:28.0426 3760 ============================================================
20:14:28.0426 3760 Current date / time: 2013/12/05 20:14:28.0426
20:14:28.0426 3760 SystemInfo:
20:14:28.0426 3760
20:14:28.0426 3760 OS Version: 6.1.7601 ServicePack: 1.0
20:14:28.0426 3760 Product type: Workstation
20:14:28.0433 3760 ComputerName: FANCH-PC
20:14:28.0576 3760 UserName: fanch
20:14:28.0576 3760 Windows directory: C:\Windows
20:14:28.0576 3760 System windows directory: C:\Windows
20:14:28.0576 3760 Running under WOW64
20:14:28.0576 3760 Processor architecture: Intel x64
20:14:28.0576 3760 Number of processors: 2
20:14:28.0576 3760 Page size: 0x1000
20:14:28.0576 3760 Boot type: Normal boot
20:14:28.0576 3760 ============================================================
20:14:40.0326 3760 BG loaded
20:14:41.0046 3760 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:14:41.0350 3760 ============================================================
20:14:41.0350 3760 \Device\Harddisk0\DR0:
20:14:41.0373 3760 MBR partitions:
20:14:41.0373 3760 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2600800, BlocksNum 0x32000
20:14:41.0373 3760 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2632800, BlocksNum 0x48225000
20:14:41.0373 3760 ============================================================
20:14:41.0535 3760 C: <-> \Device\Harddisk0\DR0\Partition2
20:14:41.0900 3760 ============================================================
20:14:41.0900 3760 Initialize success
20:14:41.0900 3760 ============================================================
20:15:10.0629 2240 ============================================================
20:15:10.0629 2240 Scan started
20:15:10.0629 2240 Mode: Manual; SigCheck; TDLFS;
20:15:10.0629 2240 ============================================================
20:15:11.0527 2240 ================ Scan system memory ========================
20:15:11.0527 2240 System memory - ok
20:15:11.0529 2240 ================ Scan services =============================
20:15:17.0899 2240 [ C711ED965009BDCFF9AA62CEB6FF1AAD ] Brother XP spl Service C:\Windows\SysWOW64\brsvc01a.exe
20:15:17.0922 2240 Brother XP spl Service ( UnsignedFile.Multi.Generic ) - warning
20:15:17.0922 2240 Brother XP spl Service - detected UnsignedFile.Multi.Generic (1)
20:15:23.0987 2240 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
20:15:24.0018 2240 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
20:15:24.0018 2240 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
20:15:24.0028 2240 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
20:15:24.0036 2240 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
20:15:24.0036 2240 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
20:15:24.0186 2240 [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
20:15:24.0224 2240 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
20:15:24.0224 2240 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
20:15:26.0562 2240 lltdio - ok
20:15:26.0610 2240 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:15:26.0675 2240 lltdsvc - ok
20:15:26.0691 2240 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:15:26.0726 2240 lmhosts - ok
20:15:26.0743 2240 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:15:26.0758 2240 LSI_FC - ok
20:15:26.0774 2240 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:15:26.0789 2240 LSI_SAS - ok
20:15:26.0798 2240 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:15:26.0812 2240 LSI_SAS2 - ok
20:15:26.0831 2240 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:15:26.0857 2240 LSI_SCSI - ok
20:15:26.0877 2240 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:15:26.0926 2240 luafv - ok
20:15:26.0979 2240 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:15:26.0993 2240 MBAMProtector - ok
20:15:27.0021 2240 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:15:27.0054 2240 MBAMScheduler - ok
20:15:27.0086 2240 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:15:27.0119 2240 MBAMService - ok
20:15:27.0127 2240 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:15:27.0141 2240 megasas - ok
20:15:27.0165 2240 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:15:27.0211 2240 MegaSR - ok
20:15:27.0233 2240 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:15:27.0285 2240 MMCSS - ok
20:15:27.0294 2240 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:15:27.0331 2240 Modem - ok
20:15:27.0362 2240 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:15:27.0407 2240 monitor - ok
20:15:27.0420 2240 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
20:15:27.0433 2240 mouclass - ok
20:15:27.0450 2240 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:15:27.0476 2240 mouhid - ok
20:15:27.0502 2240 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:15:27.0517 2240 mountmgr - ok
20:15:27.0564 2240 [ 0329A45C849C9D77901094B8FFE8BBB9 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:15:27.0587 2240 MozillaMaintenance - ok
20:15:27.0622 2240 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:15:27.0640 2240 mpio - ok
20:15:27.0658 2240 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:15:27.0694 2240 mpsdrv - ok
20:15:27.0739 2240 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:15:27.0818 2240 MpsSvc - ok
20:15:27.0854 2240 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:15:27.0906 2240 MRxDAV - ok
20:15:27.0941 2240 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:15:27.0997 2240 mrxsmb - ok
20:15:28.0026 2240 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:15:28.0082 2240 mrxsmb10 - ok
20:15:28.0104 2240 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:15:28.0119 2240 mrxsmb20 - ok
20:15:28.0143 2240 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:15:28.0168 2240 msahci - ok
20:15:28.0188 2240 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:15:28.0203 2240 msdsm - ok
20:15:28.0221 2240 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:15:28.0255 2240 MSDTC - ok
20:15:28.0277 2240 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:15:28.0311 2240 Msfs - ok
20:15:28.0325 2240 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:15:28.0372 2240 mshidkmdf - ok
20:15:28.0401 2240 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:15:28.0420 2240 msisadrv - ok
20:15:28.0450 2240 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:15:28.0500 2240 MSiSCSI - ok
20:15:28.0508 2240 msiserver - ok
20:15:28.0536 2240 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:15:28.0581 2240 MSKSSRV - ok
20:15:28.0601 2240 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:15:28.0635 2240 MSPCLOCK - ok
20:15:28.0652 2240 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:15:28.0708 2240 MSPQM - ok
20:15:28.0749 2240 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:15:28.0769 2240 MsRPC - ok
20:15:28.0789 2240 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:15:28.0802 2240 mssmbios - ok
20:15:28.0811 2240 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:15:28.0861 2240 MSTEE - ok
20:15:28.0890 2240 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:15:28.0921 2240 MTConfig - ok
20:15:28.0947 2240 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:15:28.0961 2240 Mup - ok
20:15:29.0002 2240 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:15:29.0065 2240 napagent - ok
20:15:29.0095 2240 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:15:29.0147 2240 NativeWifiP - ok
20:15:29.0169 2240 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
20:15:29.0207 2240 NDIS - ok
20:15:29.0228 2240 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:15:29.0280 2240 NdisCap - ok
20:15:29.0312 2240 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:15:29.0363 2240 NdisTapi - ok
20:15:29.0408 2240 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:15:29.0458 2240 Ndisuio - ok
20:15:29.0490 2240 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:15:29.0537 2240 NdisWan - ok
20:15:29.0574 2240 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:15:29.0626 2240 NDProxy - ok
20:15:29.0698 2240 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
20:15:29.0749 2240 Nero BackItUp Scheduler 4.0 - ok
20:15:29.0799 2240 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:15:29.0834 2240 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:15:29.0834 2240 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:15:32.0934 2240 [ 3CAE2BBC86FCF7F94C9696994AF30386 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
20:15:32.0947 2240 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
20:15:32.0947 2240 PassThru Service - detected UnsignedFile.Multi.Generic (1)
20:15:33.0693 2240 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:15:33.0719 2240 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:15:33.0719 2240 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
fanchix Posts: 46 Status: Member
 
Hi again,
The report is above. I did not delete anything; I left the default "skip" action for the 7 items found.
billmaxime Posts: 50583 Status: Contributor
 
Hi

The report is above. I did not delete anything; I left the default "skip" action for the 7 items found.

You haven't posted the whole report... and if on top of that you don't delete what TDSSKILLER finds... it's going to take us a while to disinfect your PC ^^

Let's start over and do it better ^^

Thanks

See you later
fanchix Posts: 46 Status: Member
 
It's deleted! The report is spread across several files. I don't understand any of it, by the way... I'm posting what I find.
See you
Fanchix
fanchix Posts: 46 Status: Member
 
06:40:51.0452 2792 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
06:40:53.0465 2792 ============================================================
06:40:53.0465 2792 Current date / time: 2013/12/06 06:40:53.0465
06:40:53.0465 2792 SystemInfo:
06:40:53.0465 2792
06:40:53.0465 2792 OS Version: 6.1.7601 ServicePack: 1.0
06:40:53.0465 2792 Product type: Workstation
06:40:53.0465 2792 ComputerName: FANCH-PC
06:40:53.0465 2792 UserName: fanch
06:40:53.0465 2792 Windows directory: C:\Windows
06:40:53.0465 2792 System windows directory: C:\Windows
06:40:53.0465 2792 Running under WOW64
06:40:53.0465 2792 Processor architecture: Intel x64
06:40:53.0465 2792 Number of processors: 2
06:40:53.0465 2792 Page size: 0x1000
06:40:53.0465 2792 Boot type: Normal boot
06:40:53.0465 2792 ============================================================
06:41:13.0091 2792 BG loaded
06:41:14.0073 2792 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:41:14.0120 2792 ============================================================
06:41:14.0120 2792 \Device\Harddisk0\DR0:
06:41:14.0167 2792 MBR partitions:
06:41:14.0167 2792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2600800, BlocksNum 0x32000
06:41:14.0167 2792 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2632800, BlocksNum 0x48225000
06:41:14.0167 2792 ============================================================
06:41:14.0557 2792 C: <-> \Device\Harddisk0\DR0\Partition2
06:41:14.0557 2792 ============================================================
06:41:14.0557 2792 Initialize success
06:41:14.0557 2792 ============================================================
fanchix Posts: 46 Status: Member
 
20:14:26.0388 3760 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:14:28.0426 3760 ============================================================
20:14:28.0426 3760 Current date / time: 2013/12/05 20:14:28.0426
20:14:28.0426 3760 SystemInfo:
20:14:28.0426 3760
20:14:28.0426 3760 OS Version: 6.1.7601 ServicePack: 1.0
20:14:28.0426 3760 Product type: Workstation
20:14:28.0433 3760 ComputerName: FANCH-PC
20:14:28.0576 3760 UserName: fanch
20:14:28.0576 3760 Windows directory: C:\Windows
20:14:28.0576 3760 System windows directory: C:\Windows
20:14:28.0576 3760 Running under WOW64
20:14:28.0576 3760 Processor architecture: Intel x64
20:14:28.0576 3760 Number of processors: 2
20:14:28.0576 3760 Page size: 0x1000
20:14:28.0576 3760 Boot type: Normal boot
20:14:28.0576 3760 ============================================================
20:14:40.0326 3760 BG loaded
20:14:41.0046 3760 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:14:41.0350 3760 ============================================================
20:14:41.0350 3760 \Device\Harddisk0\DR0:
20:14:41.0373 3760 MBR partitions:
20:14:41.0373 3760 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2600800, BlocksNum 0x32000
20:14:41.0373 3760 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2632800, BlocksNum 0x48225000
20:14:41.0373 3760 ============================================================
20:14:41.0535 3760 C: <-> \Device\Harddisk0\DR0\Partition2
20:14:41.0900 3760 ============================================================
20:14:41.0900 3760 Initialize success
20:14:41.0900 3760 ============================================================
20:15:10.0629 2240 ============================================================
20:15:10.0629 2240 Scan started
20:15:10.0629 2240 Mode: Manual; SigCheck; TDLFS;
20:15:10.0629 2240 ============================================================
20:15:11.0527 2240 ================ Scan system memory ========================
20:15:11.0527 2240 System memory - ok
20:15:11.0529 2240 ================ Scan services =============================
20:15:11.0687 2240 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:15:12.0311 2240 1394ohci - ok
20:15:12.0355 2240 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:15:12.0391 2240 ACPI - ok
20:15:12.0427 2240 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:15:12.0521 2240 AcpiPmi - ok
20:15:12.0581 2240 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:15:12.0601 2240 AdobeARMservice - ok
20:15:12.0841 2240 [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:15:12.0864 2240 AdobeFlashPlayerUpdateSvc - ok
20:15:12.0909 2240 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:15:12.0958 2240 adp94xx - ok
20:15:12.0988 2240 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:15:13.0007 2240 adpahci - ok
20:15:13.0021 2240 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:15:13.0038 2240 adpu320 - ok
20:15:13.0061 2240 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:15:13.0202 2240 AeLookupSvc - ok
20:15:13.0242 2240 [ 79059559E89D06E8B80CE2944BE20228 ] AFD C:\Windows\system32\drivers\afd.sys
20:15:13.0350 2240 AFD - ok
20:15:13.0383 2240 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:15:13.0408 2240 agp440 - ok
20:15:13.0449 2240 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:15:13.0629 2240 ALG - ok
20:15:13.0675 2240 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:15:13.0694 2240 aliide - ok
20:15:13.0740 2240 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:15:13.0753 2240 amdide - ok
20:15:13.0783 2240 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:15:13.0885 2240 AmdK8 - ok
20:15:13.0899 2240 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:15:13.0935 2240 AmdPPM - ok
20:15:13.0976 2240 [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:15:13.0991 2240 amdsata - ok
20:15:14.0037 2240 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:15:14.0053 2240 amdsbs - ok
20:15:14.0067 2240 [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:15:14.0081 2240 amdxata - ok
20:15:14.0112 2240 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:15:14.0256 2240 AppID - ok
20:15:14.0280 2240 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:15:14.0338 2240 AppIDSvc - ok
20:15:14.0416 2240 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
20:15:14.0516 2240 Appinfo - ok
20:15:14.0573 2240 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
20:15:14.0607 2240 arc - ok
20:15:14.0626 2240 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:15:14.0654 2240 arcsas - ok
20:15:14.0699 2240 [ E890B3CD47B013692960BFA6607D10C0 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
20:15:14.0824 2240 aswFsBlk - ok
20:15:14.0876 2240 [ D4C39799426382DDA073CD44E65AF533 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
20:15:14.0890 2240 aswMonFlt - ok
20:15:14.0922 2240 [ 54E6D9551DCBC13604DD3257C14C08D8 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
20:15:14.0936 2240 aswRdr - ok
20:15:14.0955 2240 [ 27BE5089DE6D19AD78894949630488FD ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
20:15:14.0968 2240 aswRvrt - ok
20:15:15.0033 2240 [ B18E19313FFB92E173DAF93C38148893 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
20:15:15.0080 2240 aswSnx - ok
20:15:15.0097 2240 [ 4513474C63D67EEE4734D4D2ACFD19E7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
20:15:15.0117 2240 aswSP - ok
20:15:15.0138 2240 [ 7DFB9A17DDBF9B6AA7859923A3C8FE62 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
20:15:15.0152 2240 aswTdi - ok
20:15:15.0185 2240 [ 18A402335BAA2C6D3334596CA71BB3CF ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
20:15:15.0202 2240 aswVmm - ok
20:15:15.0221 2240 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:15:15.0279 2240 AsyncMac - ok
20:15:15.0327 2240 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:15:15.0341 2240 atapi - ok
20:15:15.0631 2240 [ 3EFD964D52221360AF0673CD61C2F4F5 ] atikmdag C:\Windows\system32\drivers\atikmdag.sys
20:15:16.0387 2240 atikmdag - ok
20:15:16.0438 2240 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:15:16.0544 2240 AudioEndpointBuilder - ok
20:15:16.0557 2240 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:15:16.0639 2240 AudioSrv - ok
20:15:16.0719 2240 [ 2B243715E7697E5AAA858CEB6AF680BC ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
20:15:16.0734 2240 avast! Antivirus - ok
20:15:16.0781 2240 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:15:16.0895 2240 AxInstSV - ok
20:15:16.0928 2240 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:15:17.0005 2240 b06bdrv - ok
20:15:17.0055 2240 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:15:17.0099 2240 b57nd60a - ok
20:15:17.0136 2240 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:15:17.0227 2240 BDESVC - ok
20:15:17.0247 2240 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:15:17.0306 2240 Beep - ok
20:15:17.0355 2240 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:15:17.0431 2240 BFE - ok
20:15:17.0477 2240 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:15:17.0582 2240 BITS - ok
20:15:17.0619 2240 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:15:17.0650 2240 blbdrive - ok
20:15:17.0687 2240 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:15:17.0752 2240 bowser - ok
20:15:17.0773 2240 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:15:17.0834 2240 BrFiltLo - ok
20:15:17.0858 2240 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:15:17.0874 2240 BrFiltUp - ok
20:15:17.0899 2240 [ C711ED965009BDCFF9AA62CEB6FF1AAD ] Brother XP spl Service C:\Windows\SysWOW64\brsvc01a.exe
20:15:17.0922 2240 Brother XP spl Service ( UnsignedFile.Multi.Generic ) - warning
20:15:17.0922 2240 Brother XP spl Service - detected UnsignedFile.Multi.Generic (1)
20:15:17.0958 2240 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:15:18.0037 2240 Browser - ok
20:15:18.0052 2240 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:15:18.0130 2240 Brserid - ok
20:15:18.0145 2240 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:15:18.0178 2240 BrSerWdm - ok
20:15:18.0194 2240 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:15:18.0228 2240 BrUsbMdm - ok
20:15:18.0249 2240 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:15:18.0271 2240 BrUsbSer - ok
20:15:18.0289 2240 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:15:18.0327 2240 BTHMODEM - ok
20:15:18.0391 2240 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:15:18.0450 2240 bthserv - ok
20:15:18.0477 2240 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:15:18.0543 2240 cdfs - ok
20:15:18.0590 2240 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:15:18.0620 2240 cdrom - ok
20:15:18.0661 2240 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:15:18.0713 2240 CertPropSvc - ok
20:15:18.0736 2240 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:15:18.0778 2240 circlass - ok
20:15:18.0849 2240 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:15:18.0889 2240 CLFS - ok
20:15:18.0956 2240 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:15:18.0990 2240 clr_optimization_v2.0.50727_32 - ok
20:15:19.0040 2240 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:15:19.0082 2240 clr_optimization_v2.0.50727_64 - ok
20:15:19.0107 2240 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:15:19.0155 2240 CmBatt - ok
20:15:19.0175 2240 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:15:19.0187 2240 cmdide - ok
20:15:19.0225 2240 [ EBF28856F69CF094A902F884CF989706 ] CNG C:\Windows\system32\Drivers\cng.sys
20:15:19.0271 2240 CNG - ok
20:15:19.0283 2240 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:15:19.0296 2240 Compbatt - ok
20:15:19.0321 2240 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:15:19.0373 2240 CompositeBus - ok
20:15:19.0392 2240 COMSysApp - ok
20:15:19.0408 2240 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:15:19.0422 2240 crcdisk - ok
20:15:19.0456 2240 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:15:19.0525 2240 CryptSvc - ok
20:15:19.0566 2240 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:15:19.0632 2240 DcomLaunch - ok
20:15:19.0658 2240 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:15:19.0711 2240 defragsvc - ok
20:15:19.0750 2240 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:15:19.0825 2240 DfsC - ok
20:15:19.0852 2240 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:15:19.0914 2240 Dhcp - ok
20:15:19.0937 2240 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:15:19.0991 2240 discache - ok
20:15:20.0018 2240 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:15:20.0032 2240 Disk - ok
20:15:20.0064 2240 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:15:20.0137 2240 Dnscache - ok
20:15:20.0161 2240 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:15:20.0209 2240 dot3svc - ok
20:15:20.0255 2240 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
20:15:20.0291 2240 Dot4 - ok
20:15:20.0318 2240 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
20:15:20.0353 2240 Dot4Print - ok
20:15:20.0394 2240 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
20:15:20.0435 2240 dot4usb - ok
20:15:20.0476 2240 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:15:20.0528 2240 DPS - ok
20:15:20.0568 2240 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:15:20.0600 2240 drmkaud - ok
20:15:20.0635 2240 [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:15:20.0680 2240 DXGKrnl - ok
20:15:20.0722 2240 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:15:20.0783 2240 EapHost - ok
20:15:20.0850 2240 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:15:20.0939 2240 ebdrv - ok
20:15:20.0959 2240 [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS C:\Windows\System32\lsass.exe
20:15:21.0020 2240 EFS - ok
20:15:21.0043 2240 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:15:21.0077 2240 elxstor - ok
20:15:21.0103 2240 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:15:21.0144 2240 ErrDev - ok
20:15:21.0195 2240 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:15:21.0271 2240 EventSystem - ok
20:15:21.0297 2240 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:15:21.0350 2240 exfat - ok
20:15:21.0378 2240 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:15:21.0429 2240 fastfat - ok
20:15:21.0475 2240 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:15:21.0594 2240 Fax - ok
20:15:21.0608 2240 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:15:21.0639 2240 fdc - ok
20:15:21.0663 2240 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:15:21.0716 2240 fdPHost - ok
20:15:21.0737 2240 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:15:21.0791 2240 FDResPub - ok
20:15:21.0817 2240 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:15:21.0843 2240 FileInfo - ok
20:15:21.0863 2240 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:15:21.0921 2240 Filetrace - ok
20:15:21.0944 2240 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:15:21.0979 2240 flpydisk - ok
20:15:22.0018 2240 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:15:22.0037 2240 FltMgr - ok
20:15:22.0107 2240 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
20:15:22.0204 2240 FontCache - ok
20:15:22.0248 2240 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:15:22.0278 2240 FontCache3.0.0.0 - ok
20:15:22.0327 2240 [ 52B58A46BEEFB238C580B69FD051CB5B ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
20:15:22.0383 2240 ForceWare Intelligent Application Manager (IAM) - ok
20:15:22.0400 2240 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:15:22.0414 2240 FsDepends - ok
20:15:22.0438 2240 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:15:22.0456 2240 Fs_Rec - ok
20:15:22.0514 2240 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:15:22.0533 2240 fvevol - ok
20:15:22.0551 2240 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:15:22.0575 2240 gagp30kx - ok
20:15:22.0681 2240 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:15:22.0751 2240 gpsvc - ok
20:15:22.0818 2240 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
20:15:22.0881 2240 Greg_Service - ok
20:15:22.0932 2240 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:15:22.0957 2240 gupdate - ok
20:15:23.0020 2240 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:15:23.0032 2240 gupdatem - ok
20:15:23.0048 2240 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:15:23.0132 2240 hcw85cir - ok
20:15:23.0165 2240 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:15:23.0220 2240 HdAudAddService - ok
20:15:23.0252 2240 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:15:23.0286 2240 HDAudBus - ok
20:15:23.0294 2240 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:15:23.0338 2240 HidBatt - ok
20:15:23.0372 2240 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:15:23.0390 2240 HidBth - ok
20:15:23.0412 2240 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:15:23.0440 2240 HidIr - ok
20:15:23.0475 2240 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:15:23.0529 2240 hidserv - ok
20:15:23.0576 2240 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
20:15:23.0615 2240 HidUsb - ok
20:15:23.0637 2240 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:15:23.0701 2240 hkmsvc - ok
20:15:23.0737 2240 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:15:23.0802 2240 HomeGroupListener - ok
20:15:23.0845 2240 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:15:23.0883 2240 HomeGroupProvider - ok
20:15:23.0987 2240 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
20:15:24.0018 2240 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
20:15:24.0018 2240 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
20:15:24.0028 2240 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
20:15:24.0036 2240 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
20:15:24.0036 2240 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
20:15:24.0060 2240 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:15:24.0074 2240 HpSAMD - ok
20:15:24.0186 2240 [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
20:15:24.0224 2240 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
20:15:24.0224 2240 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
20:15:24.0250 2240 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
20:15:24.0332 2240 HTCAND64 - ok
20:15:24.0413 2240 [ 5C8BC8A28798FD010E7ABC4E0D588CAA ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
20:15:24.0439 2240 HTCMonitorService - ok
20:15:24.0477 2240 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
20:15:24.0497 2240 htcnprot - ok
20:15:24.0525 2240 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:15:24.0606 2240 HTTP - ok
20:15:24.0639 2240 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:15:24.0655 2240 hwpolicy - ok
20:15:24.0712 2240 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:15:24.0741 2240 i8042prt - ok
20:15:24.0784 2240 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:15:24.0804 2240 iaStorV - ok
20:15:24.0850 2240 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:15:24.0904 2240 idsvc - ok
20:15:24.0941 2240 IEEtwCollectorService - ok
20:15:24.0964 2240 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:15:24.0978 2240 iirsp - ok
20:15:25.0010 2240 [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT C:\Windows\System32\ikeext.dll
20:15:25.0080 2240 IKEEXT - ok
20:15:25.0154 2240 [ 2E3B99E8C23BE2BF32EBE1DB5261F275 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:15:25.0218 2240 IntcAzAudAddService - ok
20:15:25.0247 2240 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:15:25.0260 2240 intelide - ok
20:15:25.0278 2240 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:15:25.0304 2240 intelppm - ok
20:15:25.0341 2240 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:15:25.0404 2240 IPBusEnum - ok
20:15:25.0426 2240 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:15:25.0475 2240 IpFilterDriver - ok
20:15:25.0519 2240 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:15:25.0599 2240 iphlpsvc - ok
20:15:25.0629 2240 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:15:25.0673 2240 IPMIDRV - ok
20:15:25.0686 2240 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:15:25.0738 2240 IPNAT - ok
20:15:25.0770 2240 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:15:25.0835 2240 IRENUM - ok
20:15:25.0845 2240 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:15:25.0859 2240 isapnp - ok
20:15:25.0889 2240 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:15:25.0907 2240 iScsiPrt - ok
20:15:25.0938 2240 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:15:25.0951 2240 kbdclass - ok
20:15:25.0983 2240 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:15:26.0010 2240 kbdhid - ok
20:15:26.0034 2240 [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso C:\Windows\system32\lsass.exe
20:15:26.0061 2240 KeyIso - ok
20:15:26.0087 2240 [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:15:26.0101 2240 KSecDD - ok
20:15:26.0136 2240 [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:15:26.0155 2240 KSecPkg - ok
20:15:26.0165 2240 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:15:26.0214 2240 ksthunk - ok
20:15:26.0242 2240 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:15:26.0293 2240 KtmRm - ok
20:15:26.0321 2240 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:15:26.0373 2240 LanmanServer - ok
20:15:26.0407 2240 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:15:26.0455 2240 LanmanWorkstation - ok
20:15:26.0509 2240 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:15:26.0562 2240 lltdio - ok
20:15:26.0610 2240 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:15:26.0675 2240 lltdsvc - ok
20:15:26.0691 2240 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:15:26.0726 2240 lmhosts - ok
20:15:26.0743 2240 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:15:26.0758 2240 LSI_FC - ok
20:15:26.0774 2240 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:15:26.0789 2240 LSI_SAS - ok
20:15:26.0798 2240 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:15:26.0812 2240 LSI_SAS2 - ok
20:15:26.0831 2240 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:15:26.0857 2240 LSI_SCSI - ok
20:15:26.0877 2240 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:15:26.0926 2240 luafv - ok
20:15:26.0979 2240 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:15:26.0993 2240 MBAMProtector - ok
20:15:27.0021 2240 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:15:27.0054 2240 MBAMScheduler - ok
20:15:27.0086 2240 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:15:27.0119 2240 MBAMService - ok
20:15:27.0127 2240 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:15:27.0141 2240 megasas - ok
20:15:27.0165 2240 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:15:27.0211 2240 MegaSR - ok
20:15:27.0233 2240 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:15:27.0285 2240 MMCSS - ok
20:15:27.0294 2240 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:15:27.0331 2240 Modem - ok
20:15:27.0362 2240 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:15:27.0407 2240 monitor - ok
20:15:27.0420 2240 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
20:15:27.0433 2240 mouclass - ok
20:15:27.0450 2240 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:15:27.0476 2240 mouhid - ok
20:15:27.0502 2240 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:15:27.0517 2240 mountmgr - ok
20:15:27.0564 2240 [ 0329A45C849C9D77901094B8FFE8BBB9 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:15:27.0587 2240 MozillaMaintenance - ok
20:15:27.0622 2240 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:15:27.0640 2240 mpio - ok
20:15:27.0658 2240 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:15:27.0694 2240 mpsdrv - ok
20:15:27.0739 2240 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:15:27.0818 2240 MpsSvc - ok
20:15:27.0854 2240 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:15:27.0906 2240 MRxDAV - ok
20:15:27.0941 2240 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:15:27.0997 2240 mrxsmb - ok
20:15:28.0026 2240 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:15:28.0082 2240 mrxsmb10 - ok
20:15:28.0104 2240 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:15:28.0119 2240 mrxsmb20 - ok
20:15:28.0143 2240 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:15:28.0168 2240 msahci - ok
20:15:28.0188 2240 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:15:28.0203 2240 msdsm - ok
20:15:28.0221 2240 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:15:28.0255 2240 MSDTC - ok
20:15:28.0277 2240 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:15:28.0311 2240 Msfs - ok
20:15:28.0325 2240 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:15:28.0372 2240 mshidkmdf - ok
20:15:28.0401 2240 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:15:28.0420 2240 msisadrv - ok
20:15:28.0450 2240 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:15:28.0500 2240 MSiSCSI - ok
20:15:28.0508 2240 msiserver - ok
20:15:28.0536 2240 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:15:28.0581 2240 MSKSSRV - ok
20:15:28.0601 2240 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:15:28.0635 2240 MSPCLOCK - ok
20:15:28.0652 2240 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:15:28.0708 2240 MSPQM - ok
20:15:28.0749 2240 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:15:28.0769 2240 MsRPC - ok
20:15:28.0789 2240 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:15:28.0802 2240 mssmbios - ok
20:15:28.0811 2240 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:15:28.0861 2240 MSTEE - ok
20:15:28.0890 2240 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:15:28.0921 2240 MTConfig - ok
20:15:28.0947 2240 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:15:28.0961 2240 Mup - ok
20:15:29.0002 2240 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:15:29.0065 2240 napagent - ok
20:15:29.0095 2240 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:15:29.0147 2240 NativeWifiP - ok
20:15:29.0169 2240 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
20:15:29.0207 2240 NDIS - ok
20:15:29.0228 2240 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:15:29.0280 2240 NdisCap - ok
20:15:29.0312 2240 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:15:29.0363 2240 NdisTapi - ok
20:15:29.0408 2240 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:15:29.0458 2240 Ndisuio - ok
20:15:29.0490 2240 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:15:29.0537 2240 NdisWan - ok
20:15:29.0574 2240 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:15:29.0626 2240 NDProxy - ok
20:15:29.0698 2240 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
20:15:29.0749 2240 Nero BackItUp Scheduler 4.0 - ok
20:15:29.0799 2240 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:15:29.0834 2240 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:15:29.0834 2240 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:15:29.0866 2240 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:15:29.0917 2240 NetBIOS - ok
20:15:29.0958 2240 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:15:30.0013 2240 NetBT - ok
20:15:30.0035 2240 [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon C:\Windows\system32\lsass.exe
20:15:30.0061 2240 Netlogon - ok
20:15:30.0109 2240 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:15:30.0183 2240 Netman - ok
20:15:30.0209 2240 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:15:30.0278 2240 netprofm - ok
20:15:30.0326 2240 [ 883269C1CA478658F1334F3C39B0C7AC ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
20:15:30.0386 2240 netr28ux - ok
20:15:30.0404 2240 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:15:30.0417 2240 NetTcpPortSharing - ok
20:15:30.0445 2240 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:15:30.0459 2240 nfrd960 - ok
20:15:30.0498 2240 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:15:30.0550 2240 NlaSvc - ok
20:15:30.0570 2240 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:15:30.0604 2240 Npfs - ok
20:15:30.0637 2240 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:15:30.0696 2240 nsi - ok
20:15:30.0721 2240 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:15:30.0771 2240 nsiproxy - ok
20:15:30.0818 2240 [ 20E179A7FE78B37A02D30C4D34C870E7 ] nSvcIp C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
20:15:30.0833 2240 nSvcIp - ok
20:15:30.0882 2240 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:15:30.0945 2240 Ntfs - ok
20:15:30.0960 2240 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:15:31.0006 2240 Null - ok
20:15:31.0035 2240 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
20:15:31.0068 2240 NVENETFD - ok
20:15:31.0330 2240 [ 8E6247F418B4C8AE9EEB0B532CABCC21 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:15:31.0647 2240 nvlddmkm - ok
20:15:31.0680 2240 [ 909EEDCBD365BB81027D8E742E6B3416 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
20:15:31.0699 2240 NVNET - ok
20:15:31.0875 2240 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:15:32.0211 2240 nvraid - ok
20:15:32.0247 2240 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:15:32.0263 2240 nvstor - ok
20:15:32.0309 2240 [ 41B97DCE2B2D113B831EB197F02A7398 ] nvsvc C:\Windows\system32\nvvsvc.exe
20:15:32.0361 2240 nvsvc - ok
20:15:32.0427 2240 [ A3A25E0509F67473B960DAF214828BE3 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:15:32.0474 2240 nvUpdatusService - ok
20:15:32.0493 2240 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:15:32.0517 2240 nv_agp - ok
20:15:32.0547 2240 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:15:32.0563 2240 ohci1394 - ok
20:15:32.0612 2240 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:15:32.0637 2240 ose - ok
20:15:32.0666 2240 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:15:32.0753 2240 p2pimsvc - ok
20:15:32.0775 2240 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:15:32.0805 2240 p2psvc - ok
20:15:32.0818 2240 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:15:32.0834 2240 Parport - ok
20:15:32.0866 2240 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:15:32.0891 2240 partmgr - ok
20:15:32.0934 2240 [ 3CAE2BBC86FCF7F94C9696994AF30386 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
20:15:32.0947 2240 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
20:15:32.0947 2240 PassThru Service - detected UnsignedFile.Multi.Generic (1)
20:15:32.0966 2240 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:15:33.0022 2240 PcaSvc - ok
20:15:33.0044 2240 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:15:33.0060 2240 pci - ok
20:15:33.0071 2240 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:15:33.0084 2240 pciide - ok
20:15:33.0103 2240 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:15:33.0120 2240 pcmcia - ok
20:15:33.0148 2240 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:15:33.0162 2240 pcw - ok
20:15:33.0189 2240 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:15:33.0244 2240 PEAUTH - ok
20:15:33.0303 2240 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:15:33.0401 2240 PerfHost - ok
20:15:33.0461 2240 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:15:33.0553 2240 pla - ok
20:15:33.0597 2240 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:15:33.0668 2240 PlugPlay - ok
20:15:33.0693 2240 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:15:33.0719 2240 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:15:33.0719 2240 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:15:33.0747 2240 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:15:33.0781 2240 PNRPAutoReg - ok
20:15:33.0808 2240 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:15:33.0826 2240 PNRPsvc - ok
20:15:33.0848 2240 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:15:33.0925 2240 PolicyAgent - ok
20:15:33.0959 2240 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:15:34.0015 2240 Power - ok
20:15:34.0037 2240 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:15:34.0082 2240 PptpMiniport - ok
20:15:34.0115 2240 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:15:34.0147 2240 Processor - ok
20:15:34.0175 2240 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
20:15:34.0241 2240 ProfSvc - ok
20:15:34.0267 2240 [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
20:15:34.0294 2240 ProtectedStorage - ok
20:15:34.0321 2240 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:15:34.0369 2240 Psched - ok
20:15:34.0412 2240 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:15:34.0463 2240 ql2300 - ok
20:15:34.0484 2240 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:15:34.0507 2240 ql40xx - ok
20:15:34.0529 2240 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:15:34.0553 2240 QWAVE - ok
20:15:34.0570 2240 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:15:34.0588 2240 QWAVEdrv - ok
20:15:34.0606 2240 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:15:34.0658 2240 RasAcd - ok
20:15:34.0699 2240 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:15:34.0733 2240 RasAgileVpn - ok
20:15:34.0752 2240 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:15:34.0804 2240 RasAuto - ok
20:15:34.0839 2240 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:15:34.0886 2240 Rasl2tp - ok
20:15:34.0930 2240 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:15:34.0970 2240 RasMan - ok
20:15:34.0987 2240 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:15:35.0036 2240 RasPppoe - ok
20:15:35.0063 2240 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:15:35.0115 2240 RasSstp - ok
20:15:35.0153 2240 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:15:35.0220 2240 rdbss - ok
20:15:35.0243 2240 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:15:35.0288 2240 rdpbus - ok
20:15:35.0302 2240 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:15:35.0348 2240 RDPCDD - ok
20:15:35.0380 2240 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:15:35.0429 2240 RDPENCDD - ok
20:15:35.0455 2240 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:15:35.0489 2240 RDPREFMP - ok
20:15:35.0522 2240 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:15:35.0608 2240 RDPWD - ok
20:15:35.0638 2240 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:15:35.0654 2240 rdyboost - ok
20:15:35.0674 2240 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:15:35.0725 2240 RemoteAccess - ok
20:15:35.0756 2240 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:15:35.0796 2240 RemoteRegistry - ok
20:15:35.0810 2240 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:15:35.0862 2240 RpcEptMapper - ok
20:15:35.0928 2240 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:15:36.0003 2240 RpcLocator - ok
20:15:36.0075 2240 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:15:36.0114 2240 RpcSs - ok
20:15:36.0135 2240 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:15:36.0170 2240 rspndr - ok
20:15:36.0184 2240 [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs C:\Windows\system32\lsass.exe
20:15:36.0199 2240 SamSs - ok
20:15:36.0229 2240 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:15:36.0244 2240 sbp2port - ok
20:15:36.0266 2240 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:15:36.0324 2240 SCardSvr - ok
20:15:36.0360 2240 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:15:36.0411 2240 scfilter - ok
20:15:36.0460 2240 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:15:36.0570 2240 Schedule - ok
20:15:36.0602 2240 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:15:36.0636 2240 SCPolicySvc - ok
20:15:36.0670 2240 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:15:36.0754 2240 SDRSVC - ok
20:15:36.0771 2240 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:15:36.0820 2240 secdrv - ok
20:15:36.0843 2240 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:15:36.0877 2240 seclogon - ok
20:15:36.0899 2240 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:15:36.0954 2240 SENS - ok
20:15:36.0972 2240 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:15:37.0025 2240 SensrSvc - ok
20:15:37.0038 2240 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:15:37.0065 2240 Serenum - ok
20:15:37.0101 2240 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:15:37.0132 2240 Serial - ok
20:15:37.0162 2240 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:15:37.0198 2240 sermouse - ok
20:15:37.0245 2240 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:15:37.0308 2240 SessionEnv - ok
20:15:37.0354 2240 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:15:37.0386 2240 sffdisk - ok
20:15:37.0394 2240 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:15:37.0419 2240 sffp_mmc - ok
20:15:37.0440 2240 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:15:37.0490 2240 sffp_sd - ok
20:15:37.0503 2240 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:15:37.0518 2240 sfloppy - ok
20:15:37.0539 2240 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:15:37.0594 2240 SharedAccess - ok
20:15:37.0637 2240 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:15:37.0689 2240 ShellHWDetection - ok
20:15:37.0702 2240 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:15:37.0725 2240 SiSRaid2 - ok
20:15:37.0734 2240 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:15:37.0749 2240 SiSRaid4 - ok
20:15:37.0870 2240 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:15:37.0960 2240 Skype C2C Service - ok
20:15:37.0999 2240 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:15:38.0034 2240 Smb - ok
20:15:38.0072 2240 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:15:38.0112 2240 SNMPTRAP - ok
20:15:38.0143 2240 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:15:38.0165 2240 spldr - ok
20:15:38.0196 2240 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
20:15:38.0248 2240 Spooler - ok
20:15:38.0328 2240 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:15:38.0438 2240 sppsvc - ok
20:15:38.0458 2240 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:15:38.0510 2240 sppuinotify - ok
20:15:38.0548 2240 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:15:38.0612 2240 srv - ok
20:15:38.0641 2240 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:15:38.0680 2240 srv2 - ok
20:15:38.0701 2240 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:15:38.0720 2240 srvnet - ok
20:15:38.0808 2240 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
20:15:38.0897 2240 ssadbus - ok
20:15:38.0939 2240 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
20:15:38.0980 2240 ssadmdfl - ok
20:15:39.0003 2240 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
20:15:39.0037 2240 ssadmdm - ok
20:15:39.0060 2240 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
20:15:39.0111 2240 ssadserd - ok
20:15:39.0132 2240 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:15:39.0185 2240 SSDPSRV - ok
20:15:39.0207 2240 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:15:39.0256 2240 SstpSvc - ok
20:15:39.0284 2240 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:15:39.0306 2240 stexstor - ok
20:15:39.0353 2240 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:15:39.0423 2240 stisvc - ok
20:15:39.0448 2240 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:15:39.0468 2240 swenum - ok
20:15:39.0490 2240 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:15:39.0554 2240 swprv - ok
20:15:39.0619 2240 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:15:39.0697 2240 SysMain - ok
20:15:39.0732 2240 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:15:39.0767 2240 TabletInputService - ok
20:15:39.0808 2240 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:15:39.0870 2240 TapiSrv - ok
20:15:39.0892 2240 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:15:39.0930 2240 TBS - ok
20:15:39.0977 2240 [ 40AF23633D197905F03AB5628C558C51 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:15:40.0046 2240 Tcpip - ok
20:15:40.0092 2240 [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:15:40.0129 2240 TCPIP6 - ok
20:15:40.0159 2240 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:15:40.0206 2240 tcpipreg - ok
20:15:40.0248 2240 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:15:40.0318 2240 TDPIPE - ok
20:15:40.0337 2240 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:15:40.0367 2240 TDTCP - ok
20:15:40.0400 2240 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:15:40.0450 2240 tdx - ok
20:15:40.0471 2240 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:15:40.0494 2240 TermDD - ok
20:15:40.0531 2240 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:15:40.0602 2240 TermService - ok
20:15:40.0636 2240 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:15:40.0677 2240 Themes - ok
20:15:40.0700 2240 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:15:40.0744 2240 THREADORDER - ok
20:15:40.0817 2240 [ 0765EE4A7A0D6609BF91CA2E4700E885 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
20:15:40.0849 2240 TomTomHOMEService - ok
20:15:40.0867 2240 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:15:40.0929 2240 TrkWks - ok
20:15:40.0986 2240 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:15:41.0034 2240 TrustedInstaller - ok
20:15:41.0071 2240 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:15:41.0146 2240 tssecsrv - ok
20:15:41.0179 2240 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:15:41.0218 2240 TsUsbFlt - ok
20:15:41.0321 2240 TuneUpUtilitiesDrv - ok
20:15:41.0350 2240 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:15:41.0402 2240 tunnel - ok
20:15:41.0431 2240 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:15:41.0448 2240 uagp35 - ok
20:15:41.0481 2240 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:15:41.0534 2240 udfs - ok
20:15:41.0578 2240 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:15:41.0602 2240 UI0Detect - ok
20:15:41.0618 2240 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:15:41.0651 2240 uliagpkx - ok
20:15:41.0691 2240 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
20:15:41.0739 2240 umbus - ok
20:15:41.0757 2240 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:15:41.0777 2240 UmPass - ok
20:15:41.0825 2240 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
20:15:41.0849 2240 Updater Service - ok
20:15:41.0876 2240 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:15:41.0923 2240 upnphost - ok
20:15:41.0954 2240 [ B0435098C81D04CAFFF80DDB746CD3A2 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:15:42.0025 2240 usbaudio - ok
20:15:42.0042 2240 [ ACCEA6BC68D0C9A78EB97EE159028B4E ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:15:42.0073 2240 usbccgp - ok
20:15:42.0092 2240 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:15:42.0148 2240 usbcir - ok
20:15:42.0163 2240 [ 311C1DD1088E55BEAE15954D17F50646 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:15:42.0196 2240 usbehci - ok
20:15:42.0226 2240 [ 280E90CBF4B2DDD169F0728CB44D726F ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:15:42.0246 2240 usbhub - ok
20:15:42.0263 2240 [ 9406D801042FAF859CF81B2C886413DC ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
20:15:42.0312 2240 usbohci - ok
20:15:42.0379 2240 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:15:42.0419 2240 usbprint - ok
20:15:42.0447 2240 [ 9661DA76B4531B2DA272ECCE25A8AF24 ] usbscan C:\Windows\system32\drivers\usbscan.sys
20:15:42.0494 2240 usbscan - ok
20:15:42.0519 2240 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:15:42.0546 2240 USBSTOR - ok
20:15:42.0565 2240 [ A83D0EC9AE4C31704442099D40BA2471 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:15:42.0596 2240 usbuhci - ok
20:15:42.0645 2240 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
20:15:42.0662 2240 usb_rndisx - ok
20:15:42.0684 2240 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:15:42.0754 2240 UxSms - ok
20:15:42.0767 2240 [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc C:\Windows\system32\lsass.exe
20:15:42.0781 2240 VaultSvc - ok
20:15:42.0814 2240 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:15:42.0827 2240 vdrvroot - ok
20:15:42.0883 2240 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:15:42.0955 2240 vds - ok
20:15:42.0988 2240 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:15:43.0009 2240 vga - ok
20:15:43.0028 2240 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:15:43.0073 2240 VgaSave - ok
20:15:43.0098 2240 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:15:43.0115 2240 vhdmp - ok
20:15:43.0128 2240 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:15:43.0150 2240 viaide - ok
20:15:43.0166 2240 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:15:43.0180 2240 volmgr - ok
20:15:43.0216 2240 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:15:43.0241 2240 volmgrx - ok
20:15:43.0264 2240 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:15:43.0287 2240 volsnap - ok
20:15:43.0303 2240 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:15:43.0319 2240 vsmraid - ok
20:15:43.0377 2240 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:15:43.0466 2240 VSS - ok
20:15:43.0487 2240 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:15:43.0531 2240 vwifibus - ok
20:15:43.0562 2240 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:15:43.0599 2240 vwififlt - ok
20:15:43.0649 2240 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:15:43.0689 2240 W32Time - ok
20:15:43.0703 2240 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:15:43.0737 2240 WacomPen - ok
20:15:43.0762 2240 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:15:43.0815 2240 WANARP - ok
20:15:43.0836 2240 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:15:43.0869 2240 Wanarpv6 - ok
20:15:43.0933 2240 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:15:43.0990 2240 WatAdminSvc - ok
20:15:44.0152 2240 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:15:44.0239 2240 wbengine - ok
20:15:44.0264 2240 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:15:44.0296 2240 WbioSrvc - ok
20:15:44.0326 2240 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:15:44.0372 2240 wcncsvc - ok
fanchix (Member, 46 posts)
 
06:40:51.0452 2792 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
06:40:53.0465 2792 ============================================================
06:40:53.0465 2792 Current date / time: 2013/12/06 06:40:53.0465
06:40:53.0465 2792 SystemInfo:
06:40:53.0465 2792
06:40:53.0465 2792 OS Version: 6.1.7601 ServicePack: 1.0
06:40:53.0465 2792 Product type: Workstation
06:40:53.0465 2792 ComputerName: FANCH-PC
06:40:53.0465 2792 UserName: fanch
06:40:53.0465 2792 Windows directory: C:\Windows
06:40:53.0465 2792 System windows directory: C:\Windows
06:40:53.0465 2792 Running under WOW64
06:40:53.0465 2792 Processor architecture: Intel x64
06:40:53.0465 2792 Number of processors: 2
06:40:53.0465 2792 Page size: 0x1000
06:40:53.0465 2792 Boot type: Normal boot
06:40:53.0465 2792 ============================================================
06:41:13.0091 2792 BG loaded
06:41:14.0073 2792 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:41:14.0120 2792 ============================================================
06:41:14.0120 2792 \Device\Harddisk0\DR0:
06:41:14.0167 2792 MBR partitions:
06:41:14.0167 2792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2600800, BlocksNum 0x32000
06:41:14.0167 2792 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2632800, BlocksNum 0x48225000
06:41:14.0167 2792 ============================================================
06:41:14.0557 2792 C: <-> \Device\Harddisk0\DR0\Partition2
06:41:14.0557 2792 ============================================================
06:41:14.0557 2792 Initialize success
06:41:14.0557 2792 ============================================================