TR/Sirefef.26726412

 


RESOLVED

68eilime
Posted on 19/10/2013 at 16:06:29
 
Good evening,

my antivirus detects one or more malicious files named "TR/Sirefef.26726412".
I ran a scan with Rogue Killer and removed some viruses, but that is not enough...

Can you help me remove them?
Thanks!

dedetraque
Profile: Security team
Posted on 19/10/2013 at 16:50:29
 
Hi 68eilime


Download TDSSKiller from Kaspersky to your desktop and run it; a report will be created here:

C:\TDSSKillerVersion_Date_Time_log.txt. << copy and paste its contents

(Vista/Seven --> Right-click tdsskiller.exe to launch the program and choose "Run as administrator".)

  • Run it; the following window will open:

http://i265.photobucket.com/albums/ii226/Marie_Ven/0001img-2421.png

  • Click Start scan and let the tool scan your hard drive without interrupting it and without using the PC.
  • If infected files are found, a new window will open:

http://i265.photobucket.com/albums/ii226/Marie_Ven/0002img-40.png

  • If TDSS.tdl2 is detected, the delete option will be checked by default.

  • If TDSS.tdl3 is detected, make sure Cure is checked.

  • If TDSS.tdl4(\HardDisk0\MBR) is detected, make sure Cure is checked.

  • If Suspicious file is shown, leave the option set to Skip

  • Click Continue, then Reboot now to restart the PC.

  • Copy and paste the generated report into your next reply (it is also saved at the root of your system partition under the name

Tutorial--> http://support.kaspersky.com/v [...] =208280684


@++ :)

68eilime
Posted on 19/10/2013 at 16:59:34

Nothing was detected...
18:56:43.0384 0x1774 HidIr - ok
18:56:43.0410 0x1774 [ BD9EB3958F213F96B97B1D897DEE00​6D, 4D01CBF898B528B3A4E5A683DF2177​300AFABD7D4CB51F1A7891B1B54549​9631 ] hidserv C:\Windows\system32\hidserv.dl​l
18:56:43.0415 0x1774 hidserv - ok
18:56:43.0453 0x1774 [ 9592090A7E2B61CD582B612B6DF705​36, FD11D5E02C32D658B28FCC35688AB6​6CCB5D3A0A0D74C82AE0F0B6C67B56​8A0F ] HidUsb C:\Windows\system32\DRIVERS\hi​dusb.sys
18:56:43.0456 0x1774 HidUsb - ok
18:56:43.0512 0x1774 [ 387E72E739E15E3D37907A86D9FF98​E2, 9935BE2E58788E79328293AF2F202C​B0F6042441B176F75ACC5AEA93C8E0​5531 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:56:43.0520 0x1774 hkmsvc - ok
18:56:43.0552 0x1774 [ EFDFB3DD38A4376F93E7985173813A​BD, 70402FA73A5A2A8BB557AAC8F531E3​73077D28DE5F40A1F3F14B940BE01C​D2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dl​l
18:56:43.0586 0x1774 HomeGroupListener - ok
18:56:43.0612 0x1774 [ 908ACB1F594274965A53926B10C81E​89, 7D34A742AC486294D82676F8465A3E​F26C8AC3317C32B63F62031CB007CF​C208 ] HomeGroupProvider C:\Windows\system32\provsvc.dl​l
18:56:43.0627 0x1774 HomeGroupProvider - ok
18:56:43.0705 0x1774 [ 39D2ABCD392F3D8A6DCE7B60AE7B8E​FC, E9E6A1665740CFBC2DD321010007EF​42ABA2102AEB9772EE8AA3354664B1​E205 ] HpSAMD C:\Windows\system32\drivers\Hp​SAMD.sys
18:56:43.0711 0x1774 HpSAMD - ok
18:56:43.0793 0x1774 [ 0EA7DE1ACB728DD5A369FD742D6EEE​28, 21C489412EB33A12B22290EB701C19​BA57006E8702E76F730954F0784DDE​9779 ] HTTP C:\Windows\system32\drivers\HT​TP.sys
18:56:43.0840 0x1774 HTTP - ok
18:56:43.0868 0x1774 [ A5462BD6884960C9DC85ED49D34FF3​92, 53E65841AF5B06A2844D0BB6FC4DD3​923A323FFA0E4BFC89B3B5CAFB592A​3D53 ] hwpolicy C:\Windows\system32\drivers\hw​policy.sys
18:56:43.0872 0x1774 hwpolicy - ok
18:56:43.0908 0x1774 [ FA55C73D4AFFA7EE23AC4BE53B4592​D3, 65CDDC62B89A60E942C5642C9D8B53​9EFB69DA8069B4A2E54978154B3145​31CD ] i8042prt C:\Windows\system32\DRIVERS\i8​042prt.sys
18:56:43.0916 0x1774 i8042prt - ok
18:56:43.0960 0x1774 [ F7CE9BE72EDAC499B713ECA6DAE5D2​6F, AF158C8ADF0815C406435AB051C8D8​DD0ECBDBA8644CB75D7611980D7066​2193 ] iaStor C:\Windows\system32\drivers\ia​Stor.sys
18:56:43.0986 0x1774 iaStor - ok
18:56:44.0051 0x1774 [ B25F192EA1F84A316EB7C19EFCCCF3​3D, 00BACE87CCA40722FF3AD724343920​1CDCC23D0BA01E25F928BF63DA1281​6F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.ex​e
18:56:44.0053 0x1774 IAStorDataMgrSvc - ok
18:56:44.0103 0x1774 [ AAAF44DB3BD0B9D1FB6969B23ECC83​66, 805AA4A9464002D1AB3832E4106B2A​AA1331F4281367E75956062AAE9969​9385 ] iaStorV C:\Windows\system32\drivers\ia​StorV.sys
18:56:44.0129 0x1774 iaStorV - ok
18:56:44.0370 0x1774 [ 3CC7B3BB1A9EA201A040883EDFAA67​A0, F543A779BA8CBFD5E0B939844B9CB4​7A2C05A400C693635F520438C18FFD​FAF1 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
18:56:44.0519 0x1774 IconMan_R - ok
18:56:44.0653 0x1774 [ 5988FC40F8DB5B0739CD1E3A5D0D78​BD, 2B9512324DBA4A97F6AC34E8067EE0​8E3B6874CD60F6CB4209AFC22A34D2​BE99 ] idsvc C:\Windows\Microsoft.NET\Frame​work64\v3.0\Windows Communication Foundation\infocard.exe
18:56:44.0706 0x1774 idsvc - ok
18:56:44.0802 0x1774 [ 5C18831C61933628F5BB0EA2675B9D​21, 5CD9DE2F8C0256623A417B5C55BF55​BB2562BD7AB2C3C83BB3D9886C2FBD​A4E4 ] iirsp C:\Windows\system32\drivers\ii​rsp.sys
18:56:44.0806 0x1774 iirsp - ok
18:56:44.0936 0x1774 [ FCD84C381E0140AF901E58D48882D2​6B, 76955FFC230C801E8ED890E3207607​5F04CD6E5EC79E594FDE6D23797A36​B406 ] IKEEXT C:\Windows\System32\ikeext.dll
18:56:45.0016 0x1774 IKEEXT - ok
18:56:45.0060 0x1774 [ F00F20E70C6EC3AA366910083A0518​AA, E2F3E9FFD82C802C8BAC309893A366​4ACF16A279959C0FDECCA64C3D3C60​FD22 ] intelide C:\Windows\system32\drivers\in​telide.sys
18:56:45.0063 0x1774 intelide - ok
18:56:45.0107 0x1774 [ ADA036632C664CAA754079041CF1F8​C1, F2386CC09AC6DE4C54189154F7D91C​1DB7AA120B13FAE8BA5B579ACF99FC​C610 ] intelppm C:\Windows\system32\drivers\in​telppm.sys
18:56:45.0112 0x1774 intelppm - ok
18:56:45.0160 0x1774 [ 098A91C54546A3B878DAD6A7E90A45​5B, 044CCE2A0DF56EBE1EFD99B4F6F0A5​B9EE12498CA358CF4B2E3A1CFD8728​23AA ] IPBusEnum C:\Windows\system32\ipbusenum.​dll
18:56:45.0168 0x1774 IPBusEnum - ok
18:56:45.0193 0x1774 [ C9F0E1BD74365A8771590E9008D22A​B6, 728BC5A6AAE499FDC50EB01577AF16​D83C2A9F3B09936DD2A89C01E074BA​8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ip​fltdrv.sys
18:56:45.0200 0x1774 IpFilterDriver - ok
18:56:45.0292 0x1774 [ 08C2957BB30058E663720C56068856​53, E13EDF6701512E2A9977A531454932​CA5023087CB50E1D2F416B8BCDD92B​67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.d​ll
18:56:45.0347 0x1774 iphlpsvc - ok
18:56:45.0378 0x1774 [ 0FC1AEA580957AA8817B8F305D18CA​3A, 7161E4DE91AAFC3FA8BF24FAE46363​90C2627DB931505247C0D52C75A314​73D9 ] IPMIDRV C:\Windows\system32\drivers\IP​MIDrv.sys
18:56:45.0384 0x1774 IPMIDRV - ok
18:56:45.0430 0x1774 [ AF9B39A7E7B6CAA203B3862582E9F2​D0, 67128BE7EADBE6BD0205B050F96E26​8948E8660C4BAB259FB0BE03935153​D04E ] IPNAT C:\Windows\system32\drivers\ip​nat.sys
18:56:45.0439 0x1774 IPNAT - ok
18:56:45.0470 0x1774 [ 3ABF5E7213EB28966D55D58B515D5C​E9, A352BCC5B6B9A28805B15CAFB23567​6F1FAFF0D2394F88C03089EB157D61​88AE ] IRENUM C:\Windows\system32\drivers\ir​enum.sys
18:56:45.0473 0x1774 IRENUM - ok
18:56:45.0505 0x1774 [ 2F7B28DC3E1183E5EB418DF55C204F​38, D40410A760965925D6F10959B2043F​7BD4F68EAFCF5E743AF11AD860BD13​6548 ] isapnp C:\Windows\system32\drivers\is​apnp.sys
18:56:45.0508 0x1774 isapnp - ok
18:56:45.0558 0x1774 [ D931D7309DEB2317035B07C9F9E6B0​BD, 13AD84172ED8C6153F8A98499C0173​3B74E48464CE07D099508E38D40991​3ED3 ] iScsiPrt C:\Windows\system32\drivers\ms​iscsi.sys
18:56:45.0575 0x1774 iScsiPrt - ok
18:56:45.0617 0x1774 [ BC02336F1CBA7DCC7D1213BB588A68​A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A​8446D9D3255DF9D36C29A8F848048A​AD93 ] kbdclass C:\Windows\system32\drivers\kb​dclass.sys
18:56:45.0622 0x1774 kbdclass - ok
18:56:45.0649 0x1774 [ 0705EFF5B42A9DB58548EEC3B26BB4​84, 86C6824ED7ED6FA8F306DB6319A0FD​688AA91295AE571262F9D8E96A3222​5E99 ] kbdhid C:\Windows\system32\drivers\kb​dhid.sys
18:56:45.0653 0x1774 kbdhid - ok
18:56:45.0674 0x1774 [ C118A82CD78818C29AB228366EBF81​C3, 00820F3065871DCBA52A27C7F73BA4​70C4F2CB26EFB7F76FEF8B1207F81B​284D ] KeyIso C:\Windows\system32\lsass.exe
18:56:45.0679 0x1774 KeyIso - ok
18:56:45.0719 0x1774 [ 97A7070AEA4C058B6418519E869A63​B4, 15345C2D6CA159BD498002974A0BD2​1CAB611124D85E3320248B47652AEF​23C8 ] KSecDD C:\Windows\system32\Drivers\ks​ecdd.sys
18:56:45.0726 0x1774 KSecDD - ok
18:56:45.0753 0x1774 [ 26C43A7C2862447EC59DEDA188D1DA​07, 5363BF87E650FE2010ACA9417D6920​FF4ED752256FF47732882E9B2BA1ED​154B ] KSecPkg C:\Windows\system32\Drivers\ks​ecpkg.sys
18:56:45.0763 0x1774 KSecPkg - ok
18:56:45.0803 0x1774 [ 6869281E78CB31A43E969F06B57347​C4, 866A23E69B32A78D378D6CB3B3DA36​95FFDFF0FEC3C9F68C8C3F988DF417​044B ] ksthunk C:\Windows\system32\drivers\ks​thunk.sys
18:56:45.0806 0x1774 ksthunk - ok
18:56:45.0866 0x1774 [ 6AB66E16AA859232F64DEB66887A8C​9C, 5F2B579BEA8098A2994B0DECECDAE7​B396E7B5DC5F09645737B9F28BEEA7​7FFF ] KtmRm C:\Windows\system32\msdtckrm.d​ll
18:56:45.0891 0x1774 KtmRm - ok
18:56:45.0955 0x1774 [ D9F42719019740BAA6D1C6D536CBDA​A6, 8757599D0AE5302C4CE50861BEBA3A​8DD14D7B0DBD916FD5404133688CDF​CC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:56:45.0988 0x1774 LanmanServer - ok
18:56:46.0026 0x1774 [ 851A1382EED3E3A7476DB004F4EE3E​1A, B1C67F47DD594D092E6E258F01DF5E​7150227CE3131A908A244DEE9F8A1F​ABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:56:46.0040 0x1774 LanmanWorkstation - ok
18:56:46.0079 0x1774 [ 1538831CF8AD2979A04C4237794658​27, E1729B0CC4CEEE494A0B8817A8E98F​F232E3A32FB023566EF0BC71A09026​2C0C ] lltdio C:\Windows\system32\DRIVERS\ll​tdio.sys
18:56:46.0084 0x1774 lltdio - ok
18:56:46.0146 0x1774 [ C1185803384AB3FEED115F79F10942​7F, 0414FE73532DCAB17E906438A14711​E928CECCD5F579255410C62984DD65​2700 ] lltdsvc C:\Windows\System32\lltdsvc.dl​l
18:56:46.0166 0x1774 lltdsvc - ok
18:56:46.0183 0x1774 [ F993A32249B66C9D622EA5592A8B76​B8, EE64672A990C6145DC5601E2B8CDBE​089272A72732F59AF9865DCBA8B171​7E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:56:46.0189 0x1774 lmhosts - ok
18:56:46.0267 0x1774 [ 98B16E756243BEA9410E32025B19C0​6F, C4F8663FF4C2F1123CC92D88004090​AD06ED12FCD07706AE168333A33B26​9A53 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:56:46.0287 0x1774 LMS - ok
18:56:46.0356 0x1774 [ 1A93E54EB0ECE102495A51266DCDB6​A6, DB6AA86AA36C3A7988BE96E87B5D32​51BE7617C54EE8F894D9DC2E267FE3​255B ] LSI_FC C:\Windows\system32\drivers\ls​i_fc.sys
18:56:46.0364 0x1774 LSI_FC - ok
18:56:46.0393 0x1774 [ 1047184A9FDC8BDBFF857175875EE8​10, F2251EDB7736A26D388A0C5CC2FE5F​B9C5E109CBB1E3800993554CB21D81​AE4B ] LSI_SAS C:\Windows\system32\drivers\ls​i_sas.sys
18:56:46.0402 0x1774 LSI_SAS - ok
18:56:46.0432 0x1774 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F​93, 88D5740A4E9CC3FA80FA18035DAB44​1BDC5A039622D666BFDAA525CC9686​BD06 ] LSI_SAS2 C:\Windows\system32\drivers\ls​i_sas2.sys
18:56:46.0438 0x1774 LSI_SAS2 - ok
18:56:46.0487 0x1774 [ 0504EACAFF0D3C8AED161C4B0D369D​4A, 4D272237C189646F5C80822FD3CBA7​C2728E482E2DAAF7A09C8AEF811C89​C54D ] LSI_SCSI C:\Windows\system32\drivers\ls​i_scsi.sys
18:56:46.0495 0x1774 LSI_SCSI - ok
18:56:46.0527 0x1774 [ 43D0F98E1D56CCDDB0D5254CFF7B35​6E, 5BA498183B5C4996C694CB0A9A6B66​CE6C7A460F6C91BEB9F305486FCC3B​7B22 ] luafv C:\Windows\system32\drivers\lu​afv.sys
18:56:46.0535 0x1774 luafv - ok
18:56:46.0877 0x1774 [ 87C3DCC7A2F283FEF45806A7EAC52C​3A, 8466A5A51B49E5E0F87B8453AD3E6F​7F013F162433795F5215F631B14EB9​0BB9 ] MajIndexEducationService C:\Program Files (x86)\Index Education\Mise a jour automatique\ServiceMiseAJourIn​dex.exe
18:56:47.0064 0x1774 MajIndexEducationService - ok
18:56:47.0125 0x1774 [ 0BE09CD858ABF9DF6ED259D57A1A16​63, 2FD28889B93C8E801F74C1D0769673​A461671E0189D0A22C94509E3F0EEB​7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dl​l
18:56:47.0133 0x1774 Mcx2Svc - ok
18:56:47.0166 0x1774 [ A55805F747C6EDB6A9080D7C633BD0​F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3​F6149CDBE6EC60413BA1767C4DE425​A728 ] megasas C:\Windows\system32\drivers\me​gasas.sys
18:56:47.0169 0x1774 megasas - ok
18:56:47.0228 0x1774 [ BAF74CE0072480C3B6B7C13B2A94D6​B3, 85CBB4949C090A904464F79713A341​8338753D20D7FB811E68F287FDAC1D​D834 ] MegaSR C:\Windows\system32\drivers\Me​gaSR.sys
18:56:47.0247 0x1774 MegaSR - ok
18:56:47.0280 0x1774 [ A6518DCC42F7A6E999BB3BEA8FD875​67, 8A9AE992F93F37E0723761EA271A7E​1AA8172702C471041A17324474FC96​B9BC ] MEIx64 C:\Windows\system32\drivers\HE​CIx64.sys
18:56:47.0285 0x1774 MEIx64 - ok
18:56:47.0368 0x1774 [ 123271BD5237AB991DC5C21FDF8835​EB, 004F8F9228EE291A0E36CE33078D57​2D61733516F9AA5CFC832AF204C686​9E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditSer​vice.exe
18:56:47.0373 0x1774 Microsoft Office Groove Audit Service - ok
18:56:47.0417 0x1774 [ E40E80D0304A73E8D269F7141D7725​0B, 0DB4AC13A264F19A84DC0BCED54E8E​404014CC09C993B172002B1561EC7E​265A ] MMCSS C:\Windows\system32\mmcss.dll
18:56:47.0423 0x1774 MMCSS - ok
18:56:47.0445 0x1774 [ 800BA92F7010378B09F9ED9270F071​37, 94F9AF9E1BE80AE6AC39A2A74EF9FA​B115DCAACC011D07DFA8D6A1DDC8A9​3342 ] Modem C:\Windows\system32\drivers\mo​dem.sys
18:56:47.0449 0x1774 Modem - ok
18:56:47.0486 0x1774 [ B03D591DC7DA45ECE20B3B467E6AAD​AA, 701FB0CAD8138C58507BE28845D3E2​4CE269A040737C29885944A0D85123​8732 ] monitor C:\Windows\system32\DRIVERS\mo​nitor.sys
18:56:47.0489 0x1774 monitor - ok
18:56:47.0519 0x1774 [ 7D27EA49F3C1F687D357E77A470AEA​99, 7FE7CAF95959F127C6D932C01D539C​06D80273C49A09761F6E8331C05B1A​7EE7 ] mouclass C:\Windows\system32\DRIVERS\mo​uclass.sys
18:56:47.0524 0x1774 mouclass - ok
18:56:47.0559 0x1774 [ D3BF052C40B0C4166D9FD86A4288C1​E6, 5E65264354CD94E844BF1838CA1B8E​49080EFA34605A32CF2F6A47A2B97F​C183 ] mouhid C:\Windows\system32\DRIVERS\mo​uhid.sys
18:56:47.0563 0x1774 mouhid - ok
18:56:47.0592 0x1774 [ 32E7A3D591D671A6DF2DB515A5CBE0​FA, 47CED0B9067AE8BF5EEF60B17ADEE5​906BEDCC56E4CB460B7BFBC12BB9A6​9E63 ] mountmgr C:\Windows\system32\drivers\mo​untmgr.sys
18:56:47.0599 0x1774 mountmgr - ok
18:56:47.0666 0x1774 [ A44B420D30BD56E145D6A2BC8768EC​58, B1E4DCA5A1008FA7A0492DC091FB2B​820406AE13FD3D44F124E89B1037AF​09B8 ] mpio C:\Windows\system32\drivers\mp​io.sys
18:56:47.0677 0x1774 mpio - ok
18:56:47.0707 0x1774 [ 6C38C9E45AE0EA2FA5E551F2ED5E97​8F, 5A3FA2F110029CB4CC4384998EDB59​203FDD65EC45E01B897FB684F8956E​AD20 ] mpsdrv C:\Windows\system32\drivers\mp​sdrv.sys
18:56:47.0713 0x1774 mpsdrv - ok
18:56:47.0808 0x1774 [ 54FFC9C8898113ACE189D4AA7199D2​C1, 65F585C87F3F710FD5793FDFA96B74​0AD8D4317B0C120F4435CCF777300E​A4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:56:47.0882 0x1774 MpsSvc - ok
18:56:47.0913 0x1774 [ DC722758B8261E1ABAFD31A3C0A663​80, 88BBE073E2CCD1DAB4656DDC53D516​1E8A91D035ADAC1465D0CEBA86F1BB​6D9A ] MRxDAV C:\Windows\system32\drivers\mr​xdav.sys
18:56:47.0923 0x1774 MRxDAV - ok
18:56:47.0971 0x1774 [ A5D9106A73DC88564C825D317CAC68​AC, 0457B2AEA4E05A91D0E43F317894A6​14434D8CEBE35020785387F307E231​FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mr​xsmb.sys
18:56:47.0982 0x1774 mrxsmb - ok
18:56:48.0024 0x1774 [ D711B3C1D5F42C0C2415687BE09FC1​63, 9B3013AC60BD2D0FF52086658BA5FF​486ADE15954A552D7DD590580E8BAE​3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mr​xsmb10.sys
18:56:48.0043 0x1774 mrxsmb10 - ok
18:56:48.0065 0x1774 [ 9423E9D355C8D303E76B8CFBD8A5C3​0C, 220B33F120C2DD937FE4D5664F4B58​1DC0ACF78D62EB56B7720888F67B96​44CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mr​xsmb20.sys
18:56:48.0074 0x1774 mrxsmb20 - ok
18:56:48.0119 0x1774 [ C25F0BAFA182CBCA2DD3C851C2E757​96, 643E158A0948DF331807AEAA391F23​960362E46C0A0CF6D22A99020EAE7B​10F8 ] msahci C:\Windows\system32\drivers\ms​ahci.sys
18:56:48.0123 0x1774 msahci - ok
18:56:48.0170 0x1774 [ DB801A638D011B9633829EB6F663C9​00, B34FD33A215ACCF2905F4B7D061686​CDB1CB9C652147AF56AE14686C1F6E​3C74 ] msdsm C:\Windows\system32\drivers\ms​dsm.sys
18:56:48.0180 0x1774 msdsm - ok
18:56:48.0209 0x1774 [ DE0ECE52236CFA3ED2DBFC03F28253​A8, 2FBBEC4CACB5161F68D7C2935852A5​888945CA0F107CF8A1C01F4528CE40​7DE3 ] MSDTC C:\Windows\System32\msdtc.exe
18:56:48.0221 0x1774 MSDTC - ok
18:56:48.0261 0x1774 [ AA3FB40E17CE1388FA1BEDAB50EA8F​96, 69F93E15536644C8FD679A20190CFE​577F4985D3B1B4A4AA250A168615AE​1E99 ] Msfs C:\Windows\system32\drivers\Ms​fs.sys
18:56:48.0264 0x1774 Msfs - ok
18:56:48.0286 0x1774 [ F9D215A46A8B9753F61767FA72A203​26, 6F76642B45E0A7EF6BCAB8B37D55CC​E2EAA310ED07B76D43FCB88987C217​4141 ] mshidkmdf C:\Windows\System32\drivers\ms​hidkmdf.sys
18:56:48.0288 0x1774 mshidkmdf - ok
18:56:48.0314 0x1774 [ D916874BBD4F8B07BFB7FA9B3CCAE2​9D, B229DA150713DEDBC4F05386C9D9DC​3BC095A74F44F3081E88311AB73BC9​92A1 ] msisadrv C:\Windows\system32\drivers\ms​isadrv.sys
18:56:48.0317 0x1774 msisadrv - ok
18:56:48.0351 0x1774 [ 808E98FF49B155C522E6400953177B​08, F873F5BFF0984C5165DF67E92874D3​F6EB8D86F9B5AD17013A0091CA33A1​A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.d​ll
18:56:48.0363 0x1774 MSiSCSI - ok
18:56:48.0372 0x1774 msiserver - ok
18:56:48.0410 0x1774 [ 49CCF2C4FEA34FFAD8B1B59D494393​66, E5752EA57C7BDAD5F53E3BC441A415​E909AC602CAE56234684FB8789A203​96C7 ] MSKSSRV C:\Windows\system32\drivers\MS​KSSRV.sys
18:56:48.0412 0x1774 MSKSSRV - ok
18:56:48.0434 0x1774 [ BDD71ACE35A232104DDD349EE70E1A​B3, 27464A66868513BE6A01B75D7FC5B0​D6B71842E4E20CE3F76B15C071A061​8BBB ] MSPCLOCK C:\Windows\system32\drivers\MS​PCLOCK.sys
18:56:48.0436 0x1774 MSPCLOCK - ok
18:56:48.0445 0x1774 [ 4ED981241DB27C3383D72092B618A1​D0, E12F121E641249DB3491141851B59E​1496F4413EDF58E863388F1C229838​DFCC ] MSPQM C:\Windows\system32\drivers\MS​PQM.sys
18:56:48.0447 0x1774 MSPQM - ok
18:56:48.0495 0x1774 [ 759A9EEB0FA9ED79DA1FB7D4EF7886​6D, 64E3BC613EC4872B1B344CBF71EE15​BE195592E3244C1EE099C6F8B95A40​F133 ] MsRPC C:\Windows\system32\drivers\Ms​RPC.sys
18:56:48.0518 0x1774 MsRPC - ok
18:56:48.0557 0x1774 [ 0EED230E37515A0EAEE3C2E1BC97B2​88, B1D8F8A75006B6E99214CA36D27A85​94EF8D952F315BEB201E9BAC9DE3E6​4D42 ] mssmbios C:\Windows\system32\drivers\ms​smbios.sys
18:56:48.0560 0x1774 mssmbios - ok
18:56:48.0610 0x1774 [ 2E66F9ECB30B4221A318C92AC22507​79, DF175E1AB6962303E57F26DAE5C5C1​E40B8640333F3E352A64F6A5F13015​86CD ] MSTEE C:\Windows\system32\drivers\MS​TEE.sys
18:56:48.0612 0x1774 MSTEE - ok
18:56:48.0639 0x1774 [ 7EA404308934E675BFFDE8EDF0757B​CD, 306CD02D89CFCFE576242360ED5F9E​EEDCAFC43CD43B7D2977AE960F9AEC​3232 ] MTConfig C:\Windows\system32\drivers\MT​Config.sys
18:56:48.0641 0x1774 MTConfig - ok
18:56:48.0672 0x1774 [ F9A18612FD3526FE473C1BDA678D61​C8, 32F7975B5BAA447917F832D9E3499B​4B6D3E90D73F478375D0B70B36C524​693A ] Mup C:\Windows\system32\Drivers\mu​p.sys
18:56:48.0678 0x1774 Mup - ok
18:56:48.0783 0x1774 [ 582AC6D9873E31DFA28A4547270862​DD, BD540499F74E8F59A020D935D18E36​A3A97C1A6EC59C8208436469A31B16​B260 ] napagent C:\Windows\system32\qagentRT.d​ll
18:56:48.0846 0x1774 napagent - ok
18:56:48.0916 0x1774 [ 1EA3749C4114DB3E3161156FFFFA6B​33, 54C2E77BCE1037711A11313AC25B87​06109098C10A31AA03AEB7A185E978​00D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nw​ifi.sys
18:56:48.0937 0x1774 NativeWifiP - ok
18:56:49.0052 0x1774 [ 760E38053BF56E501D562B70AD796B​88, F856E81A975D44F8684A6F2466549C​EEDFAEB3950191698555A93A1206E0​A42D ] NDIS C:\Windows\system32\drivers\nd​is.sys
18:56:49.0111 0x1774 NDIS - ok
18:56:49.0178 0x1774 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811​AC, D7E5446E83909AE25506BB98FBDD87​8A529C87963E3C1125C4ABAB258235​72BC ] NdisCap C:\Windows\system32\DRIVERS\nd​iscap.sys
18:56:49.0182 0x1774 NdisCap - ok
18:56:49.0203 0x1774 [ 30639C932D9FEF22B31268FE25A1B6​E5, 32873D95339600F6EEFA51847D12C5​63FF01F320DC59055B242FA2887C99​F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\nd​istapi.sys
18:56:49.0207 0x1774 NdisTapi - ok
18:56:49.0240 0x1774 [ 136185F9FB2CC61E573E676AA54023​56, BA3AD0A33416DA913B4242C6BE8C3E​5812AD2B20BA6C11DD3094F2E8EB56​E683 ] Ndisuio C:\Windows\system32\DRIVERS\nd​isuio.sys
18:56:49.0245 0x1774 Ndisuio - ok
18:56:49.0271 0x1774 [ 53F7305169863F0A2BDDC49E116C2E​11, 881E9346D3C02405B7850ADC37E720​990712EC9C666A0CE96E252A487FD2​CE77 ] NdisWan C:\Windows\system32\DRIVERS\nd​iswan.sys
18:56:49.0283 0x1774 NdisWan - ok
18:56:49.0319 0x1774 [ 015C0D8E0E0421B4CFD48CFFE28258​79, 4242E2D42CCFC859B2C0275C533179​8BC0BDA68E51CF4650B6E64B133207​1023 ] NDProxy C:\Windows\system32\drivers\ND​Proxy.sys
18:56:49.0324 0x1774 NDProxy - ok
18:56:49.0346 0x1774 [ 86743D9F5D2B1048062B14B1D84501​C4, DBF6D6A60AB774FCB0F464FF2D285A​7521D0A24006687B243AB46B17D803​2062 ] NetBIOS C:\Windows\system32\DRIVERS\ne​tbios.sys
18:56:49.0350 0x1774 NetBIOS - ok
18:56:49.0388 0x1774 [ 09594D1089C523423B32A4229263F0​68, 7426A9B8BA27D3225928DDEFBD3996​50ABB90798212F56B7D12158AC22CC​CE37 ] NetBT C:\Windows\system32\DRIVERS\ne​tbt.sys
18:56:49.0406 0x1774 NetBT - ok
18:56:49.0427 0x1774 [ C118A82CD78818C29AB228366EBF81​C3, 00820F3065871DCBA52A27C7F73BA4​70C4F2CB26EFB7F76FEF8B1207F81B​284D ] Netlogon C:\Windows\system32\lsass.exe
18:56:49.0431 0x1774 Netlogon - ok
18:56:49.0484 0x1774 [ 847D3AE376C0817161A14A82C8922A​9E, 37AE692B3481323134125EF58F2C3C​BC20177371AF2F5874F53DD32A827C​B936 ] Netman C:\Windows\System32\netman.dll
18:56:49.0526 0x1774 Netman - ok
18:56:49.0581 0x1774 [ D22CD77D4F0D63D1169BB35911BFF1​2D, 85B1FDFA02E1B8EA4FCB9B7EEB687C​5C448697FC7EC9D178C5A2F64D2C9C​FEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Frame​work64\v4.0.30319\SMSvcHost.ex​e
18:56:49.0591 0x1774 NetMsmqActivator - ok
18:56:49.0607 0x1774 [ D22CD77D4F0D63D1169BB35911BFF1​2D, 85B1FDFA02E1B8EA4FCB9B7EEB687C​5C448697FC7EC9D178C5A2F64D2C9C​FEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Frame​work64\v4.0.30319\SMSvcHost.ex​e
18:56:49.0615 0x1774 NetPipeActivator - ok
18:56:49.0655 0x1774 [ 5F28111C648F1E24F7DBC87CDEB091​B8, 2E8645285921EDB98BB2173E11E574​59C888D52E80D85791D169C869DE88​13B9 ] netprofm C:\Windows\System32\netprofm.d​ll
18:56:49.0687 0x1774 netprofm - ok
18:56:49.0702 0x1774 [ D22CD77D4F0D63D1169BB35911BFF1​2D, 85B1FDFA02E1B8EA4FCB9B7EEB687C​5C448697FC7EC9D178C5A2F64D2C9C​FEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Frame​work64\v4.0.30319\SMSvcHost.ex​e
18:56:49.0711 0x1774 NetTcpActivator - ok
18:56:49.0728 0x1774 [ D22CD77D4F0D63D1169BB35911BFF1​2D, 85B1FDFA02E1B8EA4FCB9B7EEB687C​5C448697FC7EC9D178C5A2F64D2C9C​FEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Frame​work64\v4.0.30319\SMSvcHost.ex​e
18:56:49.0737 0x1774 NetTcpPortSharing - ok
18:56:49.0844 0x1774 [ 77889813BE4D166CDAB78DDBA990DA​92, 2EF531AE502B943632EEC66A309A8B​FCDD36120A5E1473F4AAF3C2393AD0​E6A3 ] nfrd960 C:\Windows\system32\drivers\nf​rd960.sys
18:56:49.0849 0x1774 nfrd960 - ok
18:56:49.0903 0x1774 [ 8AD77806D336673F270DB316452672​93, E23F324913554A23CD043DD27D4305​AF62F48C0561A0FC7B7811E55B74B1​BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:56:49.0937 0x1774 NlaSvc - ok
18:56:49.0968 0x1774 [ 1E4C4AB5C9B8DD13179BBDC75A2A01​F7, D8957EF7060A69DBB3CD6B2C45B1E4​143592AB8D018471E17AC04668157D​C67F ] Npfs C:\Windows\system32\drivers\Np​fs.sys
18:56:49.0973 0x1774 Npfs - ok
18:56:50.0013 0x1774 [ D54BFDF3E0C953F823B3D0BFE47325​28, 497A1DCC5646EC22119273216DF10D​5442D16F83E4363770F507518CF6EA​A53A ] nsi C:\Windows\system32\nsisvc.dll
18:56:50.0019 0x1774 nsi - ok
18:56:50.0039 0x1774 [ E7F5AE18AF4168178A642A9247C630​01, 133023B7E4BA8049C4CAED3282BDD2​5571D1CC25FAC3B820C7F981D29268​9D76 ] nsiproxy C:\Windows\system32\drivers\ns​iproxy.sys
18:56:50.0042 0x1774 nsiproxy - ok
18:56:50.0211 0x1774 [ B98F8C6E31CD07B2E6F71F7F648E38​C0, 2FEA100B80680FBBF644CB67637388​04155DF1E94A6542CAE2B2786D770D​554E ] Ntfs C:\Windows\system32\drivers\Nt​fs.sys
18:56:50.0313 0x1774 Ntfs - ok
18:56:50.0336 0x1774 [ 9899284589F75FA8724FF3D16AED75​C1, 181188599FD5D4DE33B97010D9E0CA​EABAB9A3EF50712FE7F9AA0735CD06​66D6 ] Null C:\Windows\system32\drivers\Nu​ll.sys
18:56:50.0338 0x1774 Null - ok
18:56:50.0371 0x1774 [ 10204955027011E08A9DC27737A48A​54, 80F75EDE9FBEF4B6E6B2D43563C025​C3458BA43F3E0988F52316C5591A54​CAF0 ] NVHDA C:\Windows\system32\drivers\nv​hda64v.sys
18:56:50.0383 0x1774 NVHDA - ok
18:56:51.0316 0x1774 [ DEE6C390A3C573789A6805D5955BA2​A1, 0C4543A3DD36B60D1B95A613C35EFC​E0A30261B250A271B0061D605B2B51​43E2 ] nvlddmkm C:\Windows\system32\DRIVERS\nv​lddmkm.sys
18:56:51.0931 0x1774 nvlddmkm - ok
18:56:52.0008 0x1774 [ 0A92CB65770442ED0DC44834632F66​AD, 581327F07A68DBD5CC749214BE5F12​11FC2CE41C7A4F0656B680AFB51A35​ACE7 ] nvraid C:\Windows\system32\drivers\nv​raid.sys
18:56:52.0015 0x1774 nvraid - ok
18:56:52.0036 0x1774 [ DAB0E87525C10052BF65F06152F37E​4A, AD9BFF0D5FD3FFB95C758B478E1F6A​9FE45E7B37AEC71EB5070D292FEAAE​DF37 ] nvstor C:\Windows\system32\drivers\nv​stor.sys
18:56:52.0045 0x1774 nvstor - ok
18:56:52.0161 0x1774 [ AE7B95A9E45DFC0B25146941EEAB1A​32, 4263FF423BCFB06A65729424308FA3​7D55E17F1EC16FA0D0D2138E332C0E​93D5 ] NVSvc C:\Windows\system32\nvvsvc.exe
18:56:52.0217 0x1774 NVSvc - ok
18:56:52.0266 0x1774 [ 270D7CD42D6E3979F6DD0146650F0E​05, 752489E54C9004EDCBE1F1F208FFD8​64DA5C83E59A2DDE6B3E0D63ECA996​F76F ] nv_agp C:\Windows\system32\drivers\nv​_agp.sys
18:56:52.0275 0x1774 nv_agp - ok
18:56:52.0396 0x1774 [ 785F487A64950F3CB8E9F16253BA3B​7B, 02445344BD214370A6D48B1CA04921​D8EFCB13E676B5648266DD0E076C08​22B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:56:52.0424 0x1774 odserv - ok
18:56:52.0462 0x1774 [ 3589478E4B22CE21B41FA1BFC0B8B8​A0, AD2469FC753FE552CB809FF405A9AB​23E7561292FE89117E3B3B62057EFF​0203 ] ohci1394 C:\Windows\system32\drivers\oh​ci1394.sys
18:56:52.0468 0x1774 ohci1394 - ok
18:56:52.0540 0x1774 [ 9D10F99A6712E28F8ACD5641E3A7EA​6B, 70964A0ED9011EA94044E15FA77EDD​9CF535CC79ED8E03A3721FF007E695​95CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:56:52.0549 0x1774 ose - ok
18:56:52.0627 0x1774 [ 3EAC4455472CC2C97107B5291E0DCA​FE, E51F373F2DBEAEE516B42BAE8C1B5B​B68D00B881323E842CB6EDEC0A183C​FFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dl​l
18:56:52.0650 0x1774 p2pimsvc - ok
18:56:52.0706 0x1774 [ 927463ECB02179F88E4B9A17568C63​C3, FEFD3447692C277D59EEC7BF218552​C8BB6B8C98C26E973675549628408B​94CE ] p2psvc C:\Windows\system32\p2psvc.dll
18:56:52.0761 0x1774 p2psvc - ok
18:56:52.0795 0x1774 [ 0086431C29C35BE1DBC43F52CC2738​87, 0D116D49EF9ABB57DA005764F25E69​2622210627FC2048F06A989B12FA8D​0A80 ] Parport C:\Windows\system32\drivers\pa​rport.sys
18:56:52.0802 0x1774 Parport - ok
18:56:52.0849 0x1774 [ E9766131EEADE40A27DC27D2D68FBA​9C, 63C295EC96DBD25F1A8B908295CCB8​6B54F2A77A02AAA11E5D9160C2C1A4​92B6 ] partmgr C:\Windows\system32\drivers\pa​rtmgr.sys
18:56:52.0854 0x1774 partmgr - ok
18:56:52.0911 0x1774 [ 94575C0571D1462A0F70BDE6BD6EE6​B3, 7139BAC653EA94A3DD3821CAB35FC5​E22F4CCA5ACC2BAABDAA27E4C3C8B2​7FC9 ] pci C:\Windows\system32\drivers\pc​i.sys
18:56:52.0923 0x1774 pci - ok
18:56:52.0953 0x1774 [ B5B8B5EF2E5CB34DF8DCF8831E3534​FA, F2A7CC645B96946CC65BF60E14E70D​C09C848D27C7943CE5DEA0C01A6B86​3480 ] pciide C:\Windows\system32\drivers\pc​iide.sys
18:56:52.0956 0x1774 pciide - ok
18:56:53.0003 0x1774 [ B2E81D4E87CE48589F98CB8C05B01F​2F, 6763BEE7270A4873B3E131BFB92313​E2750FCBD0AD73C23D1C4F98F7DF73​DE14 ] pcmcia C:\Windows\system32\drivers\pc​mcia.sys
18:56:53.0018 0x1774 pcmcia - ok
18:56:53.0075 0x1774 [ D6B9C2E1A11A3A4B26A182FFEF18F6​03, BBA5FE08B1DDD6243118E11358FD61​B10E850F090F061711C3CB207CE5FB​BD36 ] pcw C:\Windows\system32\drivers\pc​w.sys
18:56:53.0080 0x1774 pcw - ok
18:56:53.0144 0x1774 [ 68769C3356B3BE5D1C732C97B9A80D​6E, FB2D61145980A2899D1B7729184C54​070315B0E63C9A22400A76CCD39E00​029C ] PEAUTH C:\Windows\system32\drivers\pe​auth.sys
18:56:53.0185 0x1774 PEAUTH - ok
18:56:53.0270 0x1774 [ E495E408C93141E8FC72DC0C6046DD​FA, 489B957DADA0DC128A09468F1AD082​DCC657E86053208EA06A12937BE86F​B919 ] PerfHost C:\Windows\SysWow64\perfhost.e​xe
18:56:53.0274 0x1774 PerfHost - ok
18:56:53.0416 0x1774 [ C7CF6A6E137463219E1259E3F0F0DD​6C, 08D7244F52AA17DD669AA6F77C291D​AC88E7B2D1887DE422509C1F83EC85​F3DD ] pla C:\Windows\system32\pla.dll
18:56:53.0503 0x1774 pla - ok
18:56:53.0589 0x1774 [ 25FBDEF06C4D92815B353F6E792C81​29, 57D9764AE6BCE33B242C399CDFC10D​D405975BD6411CA8C75FBCD06EEB84​42A9 ] PlugPlay C:\Windows\system32\umpnpmgr.d​ll
18:56:53.0619 0x1774 PlugPlay - ok
18:56:53.0728 0x1774 [ 63694C307273062A2167AE4CE80730​EF, 788E762D02A8BE9802143361A57683​64A994B20E769A9733FA5827F52643​2893 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoPr​ovider.exe
18:56:53.0754 0x1774 PMBDeviceInfoProvider - ok
18:56:53.0792 0x1774 [ 7195581CEC9BB7D12ABE54036ACC2E​38, 9C4E5D6EA984148F2663DC52908340​8B2248DFF6DAAC85D9195F80A72278​2315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.d​ll
18:56:53.0797 0x1774 PNRPAutoReg - ok
18:56:53.0838 0x1774 [ 3EAC4455472CC2C97107B5291E0DCA​FE, E51F373F2DBEAEE516B42BAE8C1B5B​B68D00B881323E842CB6EDEC0A183C​FFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dl​l
18:56:53.0860 0x1774 PNRPsvc - ok
18:56:53.0927 0x1774 [ 4F0878FD62D5F7444C5F1C4C66D9D2​93, B381217D6202C06EE992EBDE061FA2​0376FF71F698022D0A80168CCD1059​453C ] Point64 C:\Windows\system32\DRIVERS\po​int64.sys
18:56:53.0931 0x1774 Point64 - ok
18:56:53.0975 0x1774 [ 6BA9D927DDED70BD1A9CADED45F8B1​84, 66203CE70A5EDE053929A940F38924​C6792239CCCE10DD2C1D90D5B4D674​8B55 ] Power C:\Windows\system32\umpo.dll
18:56:53.0989 0x1774 Power - ok
18:56:54.0050 0x1774 [ F92A2C41117A11A00BE01CA01A7FCD​E9, 38ADC6052696D110CA5F393BC58679​1920663F5DA66934C2A824DDA9CD89​C763 ] PptpMiniport C:\Windows\system32\DRIVERS\ra​spptp.sys
18:56:54.0058 0x1774 PptpMiniport - ok
18:56:54.0089 0x1774 [ 0D922E23C041EFB1C3FAC2A6F943C9​BF, 855418A6A58DCAFB181A1A68613B3E​203AFB0A9B3D9D26D0C521F9F613B4​EAD5 ] Processor C:\Windows\system32\drivers\pr​ocessr.sys
18:56:54.0095 0x1774 Processor - ok
18:56:54.0142 0x1774 [ 53E83F1F6CF9D62F32801CF66D8352​A8, 1225FED810BE8E0729EEAE5B340035​CCBB9BACD3EF247834400F9B72D05A​CE48 ] ProfSvc C:\Windows\system32\profsvc.dl​l
18:56:54.0158 0x1774 ProfSvc - ok
18:56:54.0192 0x1774 [ C118A82CD78818C29AB228366EBF81​C3, 00820F3065871DCBA52A27C7F73BA4​70C4F2CB26EFB7F76FEF8B1207F81B​284D ] ProtectedStorage C:\Windows\system32\lsass.exe
18:56:54.0196 0x1774 ProtectedStorage - ok

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 messages posted)
Posted on 19/10/2013 at 17:07:48

Hi 68eilime


Let's check the PC:

Download OTL (by OldTimer) and save it to your Desktop.

- Close any running applications so as not to interrupt the scan.
- Double-click OTL.exe on the desktop to launch the program.
Vista/Seven -- Right-click OTL.exe on the desktop and choose to run it as administrator to launch the program.
- A window appears. In the Rapport section at the top of this window, tick "Rapport standard". Do the same with "Tous les utilisateurs" next to it.
- Also tick the boxes next to "Recherche LOP" and "Recherche Purity".

Do not change the other settings!

Copy the list shown in bold below, and paste it into the box under "Personnalisation".

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.*
%SYSTEMDRIVE%\*.exe
%PROGRAMFILES%\*.*
%PROGRAMFILES%\*.
/md5start
consrv.dll
volsnap.sys
hidserv.dll
appmgmts.dll
eventlog.dll
winlogon.exe
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
wininet.dll
wininit.exe
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
explorer.exe
svchost.exe
userinit.exe
qmgr.dll
ws2_32.dll
proquota.exe
imm32.dll
kernel32.dll
ndis.sys
autochk.exe
spoolsv.exe
xmlprov.dll
ntmssvc.dll
mswsock.dll
Beep.SYS
ntfs.sys
termsrv.dll
sfcfiles.dll
st3shark.sys
winlogon.exe
wininit.ini
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
SAVEMBR:0
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
c:\$recycle.bin\*.* /s


- Click the "Analyse" button.
- Once the scan is finished, two windows will open in Notepad: OTL.txt and Extras.txt. They are located in the same place as OTListIT2 (so on the Desktop by default).

Use cjoint.com to post your reports as links:
http://cjoint.com/

- Click "Parcourir" to fetch the OTL.txt report from the desktop.
- Click "Ouvrir", then "Créer le lien Cjoint".

- Copy and paste the link shown next to "Le lien a été créé:" into your next reply.

Then do the same with the other report, Extras.txt.


See you later :)

68eilime
Baby forum member (10 to 49 messages posted)
Posted on 19/10/2013 at 18:01:55

68eilime
Baby forum member (10 to 49 messages posted)
Posted on 19/10/2013 at 18:27:06

And now, what does it show? ;)

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 messages posted)
Posted on 19/10/2013 at 18:43:55

Hi 68eilime


Download combofix.exe (by sUBs) to the desktop:

http://download.bleepingcomput [...] mboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Important: disable your antivirus and antispyware before the scan with Combofix:
http://forum.pcastuces.com/des [...] -f31s4.htm


==> Save your work and close all open windows; the PC may restart. Do not launch any program until Combofix has finished. <==

Double-click combofix.exe, click "OUI" and confirm with Enter.

You will be asked to install the console if it is not installed; click "Oui".

When the scan is complete, a report will appear. Copy and paste this report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt

Combofix is detected by some antivirus programs as an infection; ignore this, it is a false positive, and continue the procedure.


See you later :)

68eilime
Baby forum member (10 to 49 messages posted)
Posted on 19/10/2013 at 19:06:00

I am unable to disable the antivirus (Avira)...
Should I uninstall it to run the scan?

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 messages posted)
Posted on 19/10/2013 at 19:11:49

Hi 68eilime


Simply click "Activer Protection temps réel" to untick it; the umbrella should close.
If it tells you it is still enabled, ignore that and run the scan.


See you later :)

68eilime
Baby forum member (10 to 49 messages posted)
Posted on 19/10/2013 at 19:17:03

Hi,
I tried this, but a window tells me:
"c:\program files (x86)\avira\antivir desktop\ccuac.exe
Tentative d'opération non autorisée sur une clé du Registre marquée pour suppression."

68eilime
Baby forum member (10 to 49 messages posted)
Posted on 19/10/2013 at 20:27:38

Back again, I managed to disable Avira and here it is:

ComboFix 13-10-19.02 - Emilie 19/10/2013 22:10:05.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.4078.2477 [gmt 2:00]
Lancé depuis: c:\users\Emilie\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Google\Desktop\Install
c:\program files (x86)\Google\Desktop\Install\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\9519~1\A535~1\E628~1\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\@
c:\program files (x86)\Google\Desktop\Install\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\9519~1\A535~1\E628~1\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\L\00000004.@
c:\program files (x86)\Google\Desktop\Install\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\9519~1\A535~1\E628~1\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\L\76603ac3
c:\program files (x86)\Google\Desktop\Install\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\9519~1\A535~1\E628~1\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\U\00000004.@
c:\program files (x86)\Google\Desktop\Install\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\9519~1\A535~1\E628~1\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\U\00000008.@
c:\program files (x86)\Google\Desktop\Install\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\9519~1\A535~1\E628~1\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\U\000000cb.@
c:\program files (x86)\Google\Desktop\Install\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\9519~1\A535~1\E628~1\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\U\80000000.@
c:\program files (x86)\Google\Desktop\Install\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\9519~1\A535~1\E628~1\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\U\80000032.@
c:\program files (x86)\Google\Desktop\Install\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\9519~1\A535~1\E628~1\{86ad2f25-a469-4629-bdb3-3f4ed9a2aa6b}\U\80000064.@
c:\programdata\wxDfast
c:\programdata\wxDfast\background.html
c:\programdata\wxDfast\bhoclass.dll
c:\programdata\wxDfast\content.js
c:\programdata\wxDfast\data\content.js
c:\programdata\wxDfast\data\jsondb.js
c:\programdata\wxDfast\hjakmojkcnhgipgkkbiempkfdndcnlah.crx
c:\programdata\wxDfast\settings.ini
c:\users\Emilie\AppData\Local\lollipop
c:\users\Emilie\AppData\Roaming\Microsoft\~DFK1109ee0f.tmp
c:\users\Emilie\AppData\Roaming\Microsoft\bass.dll
c:\users\Emilie\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Emilie\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Emilie\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Emilie\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Emilie\AppData\Roaming\Microsoft\rsaadjd.dll
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2013-09-19 au 2013-10-19 ))))))))))))))))))))))))))))))))))))
.
.
2013-10-19 20:21 . 2013-10-19 20:21 -------- d-----w- c:\users\Hamel\AppData\Local\temp
2013-10-19 20:21 . 2013-10-19 20:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-19 20:15 . 2013-10-19 20:15 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FE559D26-3674-4842-B907-9849CD0FAF76}\offreg.dll
2013-10-19 17:20 . 2013-10-19 17:20 512 ----a-w- C:\PhysicalMBR.bin
2013-10-19 15:53 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FE559D26-3674-4842-B907-9849CD0FAF76}\mpengine.dll
2013-10-19 14:27 . 2013-10-19 14:27 -------- d-----w- c:\program files\Enigma Software Group
2013-10-19 14:24 . 2013-10-19 15:57 -------- d-----w- c:\windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-19 14:24 . 2013-10-19 14:24 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-10-08 17:16 . 2013-10-08 17:16 -------- d-----w- c:\users\Emilie\AppData\Roaming\Malwarebytes
2013-10-08 17:16 . 2013-10-08 17:16 -------- d-----w- c:\programdata\Malwarebytes
2013-10-08 17:00 . 2013-10-08 17:13 -------- d-----w- c:\program files (x86)\trend micro
2013-10-07 20:15 . 2013-10-07 20:15 -------- d-----w- c:\program files (x86)\Google
.
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\dropboxext1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

2013-06-05 17:17 130736 ----a-w- c:\users\Emilie\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\dropboxext2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

2013-06-05 17:17 130736 ----a-w- c:\users\Emilie\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\dropboxext3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

2013-06-05 17:17 130736 ----a-w- c:\users\Emilie\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[hkey_current_user\software\microsoft\windows\currentversion\run]
"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2011-04-02 83344]
"Spotify Web Helper"="c:\users\Emilie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-10-12 1140736]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAE.EXE" [2012-12-30 283232]
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"TkBellExe"="c:\program files (x86)\real\realplayer\update\realsched.exe" [2013-05-03 295512]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-09-10 347192]
.
c:\users\Emilie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[hkey_local_machine\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\mcods]
@=""
.
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\driver​s\btath_bus.sys;c:\windows\SYS​NATIVE\drivers\btath_bus.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRI​VERS\RtsPStor.sys;c:\windows\S​YSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRI​VERS\Rt64win7.sys;c:\windows\S​YSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\dri​vers\SFEP.sys;c:\windows\SYSNA​TIVE\drivers\SFEP.sys [x]
S3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\pro​gram files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;​c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WS2IFSL
.
Contenu du dossier 'Tâches planifiées'
.
2013-10-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 14:44]
.
2013-10-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-70617266-3456023979-3557911871-1000Core.job
- c:\users\Emilie\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-19 19:51]
.
2013-10-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-70617266-3456023979-3557911871-1000UA.job
- c:\users\Emilie\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-19 19:51]
.
.
--------- X64 Entries -----------
.
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\dropboxext1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

2013-06-05 17:17 164016 ----a-w- c:\users\Emilie\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\dropboxext2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

2013-06-05 17:17 164016 ----a-w- c:\users\Emilie\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\dropboxext3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

2013-06-05 17:17 164016 ----a-w- c:\users\Emilie\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\dropboxext4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

2013-06-05 17:17 164016 ----a-w- c:\users\Emilie\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-KiesTrayAgent - c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[hkey_local_machine\system\controlset001\services\samplecollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.

@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.

"Enabled"=dword:00000001
.

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.

@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.

@="{00020424-0000-0000-C000-000000000046}"
.

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.

@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.

"Enabled"=dword:00000001
.

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.

@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
Nested elements have been omitted

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 posts)
Posted on 19/10/2013 at 20:54:19

Hi 68eilime


OK, run a new scan with RogueKiller and post the report.


See you later :)

68eilime
Baby forum member (10 to 49 posts)
Posted on 19/10/2013 at 21:07:31

Hi again,

RogueKiller V8.7.4 _x64_ [oct 16 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Emilie [droits d'admin]
Mode : Recherche -- Date : 10/19/2013 23:05:38
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 1 ¤¤¤
[susp PATH] JkDefrag.exe -- C:\Users\Emilie\AppData\Local\Temp\$$_7D5A\JkDefrag.exe [-] -> TUÉ [termthr]

¤¤¤ Entrees de registre : 6 ¤¤¤
[hj POL] [pum] HKLM\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[hj POL] [pum] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[hj DESK] [pum] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[hj DESK] [pum] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[hj DESK] [pum] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[hj DESK] [pum] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [non CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Lecteurs de disque standard) - ST9500325AS +++++
--- User ---
[mbr] 3158c6cf8f725fc29c9109c7fbcef17e
[bsp] 450302a65fd4cdb459f4d755be376b69 : Windows 7/8 MBR Code
Partition table:
0 - [xxxxxx] ACER (0x27) [visible] Offset (sectors): 2048 | Size: 14226 Mo
1 - [active] NTFS (0x07) [visible] Offset (sectors): 29138944 | Size: 100 Mo
2 - [xxxxxx] NTFS (0x07) [visible] Offset (sectors): 29343744 | Size: 462612 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_10192013_230538.txt >>

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 posts)
Posted on 19/10/2013 at 21:25:22

Hi 68eilime


- Close any running applications and programs.
- Double-click RogueKiller.exe to launch the program
(Vista/Seven - right-click RogueKiller.exe on the desktop and choose "Run as administrator" to launch the program)
- Wait for the prescan to finish ...
- Run a scan to unlock the "Suppression" (Delete) button on the right.
- Click "Suppression".
- A report should have opened (RKreport.txt is also located next to the executable); post the report.


See you later :)

68eilime
Baby forum member (10 to 49 posts)
Posted on 19/10/2013 at 21:31:08

Here it is!

RogueKiller V8.7.4 _x64_ [oct 16 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Demarrage : Mode normal
Utilisateur : Emilie [droits d'admin]
Mode : Recherche -- Date : 10/19/2013 23:29:39
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 1 ¤¤¤
[susp PATH] JkDefrag.exe -- C:\Users\Emilie\AppData\Local\Temp\$$_7D5A\JkDefrag.exe [-] -> TUÉ [termthr]

¤¤¤ Entrees de registre : 0 ¤¤¤

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [non CHARGE 0x0] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Lecteurs de disque standard) - ST9500325AS +++++
--- User ---
[mbr] 3158c6cf8f725fc29c9109c7fbcef17e
[bsp] 450302a65fd4cdb459f4d755be376b69 : Windows 7/8 MBR Code
Partition table:
0 - [xxxxxx] ACER (0x27) [visible] Offset (sectors): 2048 | Size: 14226 Mo
1 - [active] NTFS (0x07) [visible] Offset (sectors): 29138944 | Size: 100 Mo
2 - [xxxxxx] NTFS (0x07) [visible] Offset (sectors): 29343744 | Size: 462612 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_10192013_232939.txt >>
RKreport[0]_D_10192013_232719.txt;RKreport[0]_S_10192013_230538.txt

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 posts)
Posted on 19/10/2013 at 23:14:56

Hi 68eilime


Run another scan with OTL as you did the first time ("Analyse" mode), with the same settings and the same list under "Personnalisation". This time you will have only one report (OTL.txt) to post; if needed, use cjoint to post the report.


See you later :)

68eilime
Baby forum member (10 to 49 posts)
Posted on 20/10/2013 at 11:31:53

Hello dédétraqué,
here is the report
http://cjoint.com/13oc/CJunFnoc9oH.htm

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 posts)
Posted on 20/10/2013 at 15:14:23

Hi 68eilime


Double-click OTL.exe to launch it.
(Vista/Seven --> right-click OTL.exe and choose "Run as administrator" to launch the program.)

* Copy the list in the quote below and paste it into the box under "Personnalisation" (Customization)
Be sure to include :OTL at the beginning of the fix script

Quote:


:OTL
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O4 - HKU\S-1-5-21-70617266-3456023979-3557911871-1000\..\Run: C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHAE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX430" File not found
O4 - HKU\S-1-5-21-70617266-3456023979-3557911871-1000\..\Run: [spotify Web Helper] C:\Users\Emilie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[7 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2013/10/19 16:27:53 | 000,285,747 | ---- | C] () -- C:\shldr
[2013/08/10 22:55:54 | 000,000,000 | ---D | M] -- C:\Users\Emilie\AppData\Roaming\Media Finder
[2013/07/16 18:21:01 | 000,000,000 | ---D | M] -- C:\Users\Emilie\AppData\Roaming\OpenCandy
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:F53B274A
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:479B1CF9

:Commands
[emptytemp]



* Click "Correction" (Fix) to start the removal.

* If a file or folder cannot be deleted immediately, the software will ask you to restart. Accept by clicking "Oui" (Yes).

* On restart, allow OTL to run.

* Post the report generated by OTL.


See you later :)

68eilime
Baby forum member (10 to 49 posts)
Posted on 20/10/2013 at 15:28:32

Here is the report:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ not found.
Registry key HKEY_USERS\S-1-5-21-70617266-3456023979-3557911871-1000\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\S-1-5-21-70617266-3456023979-3557911871-1000\\Software\Microsoft\Windows\CurrentVersion\Run not found.
File C:\Users\Emilie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\SysWow64\sho1A46.tmp deleted successfully.
C:\Windows\SysWow64\sho8770.tmp deleted successfully.
C:\Windows\SysWow64\sho9C84.tmp deleted successfully.
C:\Windows\SysWow64\sho9E1A.tmp deleted successfully.
C:\Windows\SysWow64\shoC0BA.tmp deleted successfully.
C:\Windows\SysWow64\shoD2AF.tmp deleted successfully.
C:\Windows\SysWow64\shoD323.tmp deleted successfully.
C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP\WiseCustomCall.dll deleted successfully.
C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP\WiseCustomCalla2.dll deleted successfully.
C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP\WiseCustomCalla21.dll deleted successfully.
C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP\WiseCustomCalla31.exe deleted successfully.
C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP\WiseCustomCalla32.dll deleted successfully.
C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP\WiseCustomCalla33.dll deleted successfully.
C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP\WiseCustomCalla34.dll deleted successfully.
C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP\WiseCustomCalla37.dll deleted successfully.
C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP\WiseCustomCalla37.exe deleted successfully.
C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP\WiseData.ini deleted successfully.
C:\Windows\86CA3695A4124BAE92B649A60C2AC663.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\shldr moved successfully.
Folder C:\Users\Emilie\AppData\Roaming\Media Finder\ not found.
Folder C:\Users\Emilie\AppData\Roaming\OpenCandy\ not found.
ADS C:\ProgramData\TEMP:F53B274A deleted successfully.
ADS C:\ProgramData\TEMP:479B1CF9 deleted successfully.
========== COMMANDS ==========

[emptytemp]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Emilie
->Temp folder emptied: 3154512 bytes
->Temporary Internet Files folder emptied: 54926257 bytes
->Java cache emptied: 79976622 bytes
->Google Chrome cache emptied: 421315900 bytes
->Flash cache emptied: 57217 bytes

User: Hamel
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 356037 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 104247300 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 214192 bytes
RecycleBin emptied: 5135479 bytes

Total Files Cleaned = 638,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10202013_172212

Files\Folders moved on Reboot...
C:\Users\Emilie\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Emilie\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 posts)
Posted on 20/10/2013 at 15:36:28

Hi 68eilime


Download Farbar Service Scanner (by Farbar) to your desktop.
http://download.bleepingcomput [...] ar/FSS.exe

Run it and tick all the boxes.
Wait during the scan until the report opens.
Post the report in your next reply.
Note: The report is also saved in the folder Farbar Service Scanner was run from, under the name FSS.txt


See you later :)

68eilime
Baby forum member (10 to 49 posts)
Posted on 20/10/2013 at 15:39:08

Farbar Service Scanner Version: 20-10-2013
Ran by Emilie (administrator) on 20-10-2013 at 17:38:09
Running from "C:\Users\Emilie\Desktop"
Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============
Checking ServiceDll of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist.



File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2013-10-19 17:51] - [2013-09-14 03:10] - 0497152 ____A (Microsoft Corporation) 314C17917AC8523EC77A710215012A65

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-10-19 17:51] - [2013-09-08 04:30] - 1903552 ____A (Microsoft Corporation) 40AF23633D197905F03AB5628C558C51

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 posts)
Posted on 20/10/2013 at 17:01:37

Hi 68eilime


Download this zip file:
http://cjoint.com/13oc/CJus4Lps0A9.htm

Unzip the file, double-click RemoteAccess.reg and accept the merge into the registry.

Run another scan with Farbar Service Scanner and post the report.


See you later :)

68eilime
Baby forum member (10 to 49 posts)
Posted on 20/10/2013 at 17:24:51

Farbar Service Scanner Version: 20-10-2013
Ran by Emilie (administrator) on 20-10-2013 at 19:24:06
Running from "C:\Users\Emilie\Desktop"
Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2013-10-19 17:51] - [2013-09-14 03:10] - 0497152 ____A (Microsoft Corporation) 314C17917AC8523EC77A710215012A65

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-10-19 17:51] - [2013-09-08 04:30] - 1903552 ____A (Microsoft Corporation) 40AF23633D197905F03AB5628C558C51

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 posts)
Posted on 20/10/2013 at 18:36:51

Hi 68eilime


That looks good; do you have any other problems?


See you later :)

68eilime
Baby forum member (10 to 49 posts)
Posted on 20/10/2013 at 18:47:49

Hi!

No, everything is OK!
Thank you very much for your help and for the time you gave me to solve my problem!
All the best.

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 posts)
Posted on 20/10/2013 at 18:55:29

Hi 68eilime


You're welcome ;)

Let's clean up the tools downloaded for the disinfection. Download DelFix (by Xplode) to your desktop:

http://general-changelog-team. [...] e/9-delfix

Run it and tick the option "Supprimer les outils de désinfection" (Remove disinfection tools).
Click [exécuter] (Run)
Wait during the operation.


-----


Here are a few security guidelines:

- Windows Update fully up to date http://www.windowsupdate.com/
- A properly configured firewall: for XP, I recommend ZoneAlarm; on Vista/Seven the Windows firewall is sufficient.
- A properly configured antivirus, updated regularly (daily if need be), with a regular full scan (daily if need be).
- A cautious attitude towards browsing (no dubious sites: cracks, warez, sex...) and towards e-mail (attachments must be scanned before being opened)
- No illegal downloading, which is the main infection vector (µTorrent, BitTorrent, eMule, Limewire, etc.)
The danger of cracks!
The security risks of peer-to-peer
- A vigilant attitude (watch for any unusual behaviour of your system)
- Weekly system cleaning (removing unneeded files, cleaning the registry, scandisk)
- Weekly antispyware scan (I recommend Malwarebytes)
- A regular check of the JAVA console to make sure it is up to date http://www.java.com/en/download/help/testvm.xml
- Regularly run a vulnerability scan to check that your software is up to date and free of security holes:
http://www.malekal.com/scan_vulnerabilite.php

I am marking the topic as resolved

Have a good day/evening and happy surfing :super:


See you later :)
