I am sending these two reports before the Combofix scan.

Here is the report following the use of SEAF:

========================= SEAF 1.0.1.0 - C_XX

Commencé à: 14:58:17 le 08/05/2012

Valeur(s) recherchée(s):
winsrv.dll
consrv.dll

Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès

(!) --- Informations supplémentaires

====== Fichier(s) ======

"C:\Windows\System32\fr-FR\winsrv.dll.mui" [ ARCHIVE | 9 Ko ]
TC: 22/09/2011,01:30:34 | TM: 22/09/2011,01:30:34 | DA: 22/09/2011,01:30:34

CompanyName: Microsoft Corporation
ProductName: Système d’exploitation Microsoft® Windows®
InternalName: winsrv
OriginalFileName: winsrv.dll.mui
LegalCopyright: © Microsoft Corporation. Tous droits réservés.
ProductVersion: 6.1.7600.16385
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)

=========================

"C:\Windows\SysWOW64\fr-FR\winsrv.dll.mui" [ ARCHIVE | 9 Ko ]
TC: 22/09/2011,01:30:34 | TM: 22/09/2011,01:30:34 | DA: 22/09/2011,01:30:34

CompanyName: Microsoft Corporation
ProductName: Système d’exploitation Microsoft® Windows®
InternalName: winsrv
OriginalFileName: winsrv.dll.mui
LegalCopyright: © Microsoft Corporation. Tous droits réservés.
ProductVersion: 6.1.7600.16385
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)

=========================

"C:\Windows\winsxs\amd64_microsoft-windows-winsrv.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_3c41044b1116075a\winsrv.dll.mui" [ ARCHIVE | 9 Ko ]
TC: 22/09/2011,01:30:23 | TM: 22/09/2011,01:30:23 | DA: 22/09/2011,01:30:23

CompanyName: Microsoft Corporation
ProductName: Système d’exploitation Microsoft® Windows®
InternalName: winsrv
OriginalFileName: winsrv.dll.mui
LegalCopyright: © Microsoft Corporation. Tous droits réservés.
ProductVersion: 6.1.7600.16385
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)

=========================

"C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17514_none_14a49c11b2f4bfec\winsrv.dll" [ ARCHIVE | 214 Ko ]
TC: 21/11/2010,05:24:16 | TM: 21/11/2010,05:24:16 | DA: 21/11/2010,05:24:16

CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: winsrv
OriginalFileName: winsrv.dll
LegalCopyright: © Microsoft Corporation. All rights reserved.
ProductVersion: 6.1.7601.17514
FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)

=========================

"C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17641_none_14812d55b30fc4e1\winsrv.dll" [ ARCHIVE | 215 Ko ]
TC: 25/12/2011,16:11:01 | TM: 24/06/2011,07:34:53 | DA: 25/12/2011,16:11:01

CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: winsrv
OriginalFileName: winsrv.dll
LegalCopyright: © Microsoft Corporation. All rights reserved.
ProductVersion: 6.1.7601.17641
FileVersion: 6.1.7601.17641 (win7sp1_gdr.110623-1503)

=========================

"C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21756_none_1504fba6cc30ff4f\winsrv.dll" [ ARCHIVE | 215 Ko ]
TC: 25/12/2011,16:11:02 | TM: 24/06/2011,07:27:05 | DA: 25/12/2011,16:11:02

CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: winsrv
OriginalFileName: winsrv.dll
LegalCopyright: © Microsoft Corporation. All rights reserved.
ProductVersion: 6.1.7601.21756
FileVersion: 6.1.7601.21756 (win7sp1_ldr.110623-1505)

=========================

"C:\Windows\winsxs\wow64_microsoft-windows-winsrv.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_4695ae9d4576c955\winsrv.dll.mui" [ ARCHIVE | 9 Ko ]
TC: 22/09/2011,01:30:34 | TM: 22/09/2011,01:30:34 | DA: 22/09/2011,01:30:34

CompanyName: Microsoft Corporation
ProductName: Système d’exploitation Microsoft® Windows®
InternalName: winsrv
OriginalFileName: winsrv.dll.mui
LegalCopyright: © Microsoft Corporation. Tous droits réservés.
ProductVersion: 6.1.7600.16385
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)

=========================

=========================

Fin à: 15:00:41 le 08/05/2012
153140 Éléments analysés

=========================
E.O.F

The report following the TDSSKILLER inspection:

15:08:43.0989 0676 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18

15:08:44.0239 0676 ============================================================

15:08:44.0239 0676 Current date / time: 2012/05/08 15:08:44.0239

15:08:44.0239 0676 SystemInfo:

15:08:44.0239 0676

15:08:44.0239 0676 OS Version: 6.1.7601 ServicePack: 1.0

15:08:44.0239 0676 Product type: Workstation

15:08:44.0239 0676 ComputerName: POUMA

15:08:44.0239 0676 UserName: mapou

15:08:44.0239 0676 Windows directory: C:\Windows

15:08:44.0239 0676 System windows directory: C:\Windows

15:08:44.0239 0676 Running under WOW64

15:08:44.0239 0676 Processor architecture: Intel x64

15:08:44.0239 0676 Number of processors: 2

15:08:44.0239 0676 Page size: 0x1000

15:08:44.0239 0676 Boot type: Safe boot with network

15:08:44.0239 0676 ============================================================

15:08:45.0580 0676 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

15:08:45.0580 0676 ============================================================

15:08:45.0580 0676 \Device\Harddisk0\DR0:

15:08:45.0580 0676 MBR partitions:

15:08:45.0580 0676 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1BF6000, BlocksNum 0x32000

15:08:45.0580 0676 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C28000, BlocksNum 0x3875D830

15:08:45.0580 0676 ============================================================

15:08:45.0627 0676 C: <-> \Device\Harddisk0\DR0\Partition1

15:08:45.0627 0676 ============================================================

15:08:45.0627 0676 Initialize success

15:08:45.0627 0676 ============================================================

15:08:56.0375 1460 ============================================================

15:08:56.0375 1460 Scan started

15:08:56.0375 1460 Mode: Manual;

15:08:56.0375 1460 ============================================================

15:08:57.0889 1460 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

15:08:57.0889 1460 1394ohci - ok

15:08:57.0998 1460 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

15:08:57.0998 1460 ACDaemon - ok

15:08:58.0045 1460 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

15:08:58.0045 1460 ACPI - ok

15:08:58.0076 1460 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

15:08:58.0076 1460 AcpiPmi - ok

15:08:58.0169 1460 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

15:08:58.0169 1460 AdobeARMservice - ok

15:08:58.0310 1460 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

15:08:58.0325 1460 AdobeFlashPlayerUpdateSvc - ok

15:08:58.0388 1460 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys

15:08:58.0403 1460 adp94xx - ok

15:08:58.0466 1460 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys

15:08:58.0481 1460 adpahci - ok

15:08:58.0497 1460 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys

15:08:58.0497 1460 adpu320 - ok

15:08:58.0544 1460 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

15:08:58.0544 1460 AeLookupSvc - ok

15:08:58.0606 1460 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

15:08:58.0622 1460 AFD - ok

15:08:58.0669 1460 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

15:08:58.0669 1460 agp440 - ok

15:08:58.0700 1460 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

15:08:58.0715 1460 ALG - ok

15:08:58.0747 1460 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

15:08:58.0747 1460 aliide - ok

15:08:58.0809 1460 AMD External Events Utility (514089cb4a7df38dc4dd936ade4114d3) C:\Windows\system32\atiesrxx.exe

15:08:58.0825 1460 AMD External Events Utility - ok

15:08:58.0887 1460 AMD FUEL Service - ok

15:08:58.0934 1460 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

15:08:58.0934 1460 amdide - ok

15:08:58.0981 1460 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys

15:08:58.0981 1460 amdiox64 - ok

15:08:59.0027 1460 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys

15:08:59.0027 1460 AmdK8 - ok

15:08:59.0605 1460 amdkmdag (9a4b92150a5e259a7159d914cc3a60d7) C:\Windows\system32\DRIVERS\atikmdag.sys

15:08:59.0807 1460 amdkmdag - ok

15:08:59.0948 1460 amdkmdap (9deb889d152f9c9dba98be8986084535) C:\Windows\system32\DRIVERS\atikmpag.sys

15:08:59.0948 1460 amdkmdap - ok

15:09:00.0010 1460 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

15:09:00.0010 1460 AmdPPM - ok

15:09:00.0041 1460 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

15:09:00.0041 1460 amdsata - ok

15:09:00.0088 1460 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys

15:09:00.0088 1460 amdsbs - ok

15:09:00.0119 1460 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

15:09:00.0119 1460 amdxata - ok

15:09:00.0151 1460 amd_sata (caee7c1afc9f1c9ee8dd11acd18d22e7) C:\Windows\system32\drivers\amd_sata.sys

15:09:00.0151 1460 amd_sata - ok

15:09:00.0182 1460 amd_xata (23726116b4fbcc84fc45b95157c08f5f) C:\Windows\system32\drivers\amd_xata.sys

15:09:00.0197 1460 amd_xata - ok

15:09:00.0229 1460 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

15:09:00.0229 1460 AppID - ok

15:09:00.0260 1460 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

15:09:00.0260 1460 AppIDSvc - ok

15:09:00.0291 1460 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

15:09:00.0291 1460 Appinfo - ok

15:09:00.0322 1460 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys

15:09:00.0322 1460 arc - ok

15:09:00.0353 1460 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys

15:09:00.0353 1460 arcsas - ok

15:09:00.0385 1460 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys

15:09:00.0385 1460 ArcSoftKsUFilter - ok

15:09:00.0478 1460 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

15:09:00.0478 1460 aspnet_state - ok

15:09:00.0509 1460 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

15:09:00.0509 1460 AsyncMac - ok

15:09:00.0556 1460 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

15:09:00.0556 1460 atapi - ok

15:09:00.0603 1460 AthBTPort (50f257e19554421b6891e3f998edca90) C:\Windows\system32\DRIVERS\btath_flt.sys

15:09:00.0603 1460 AthBTPort - ok

15:09:00.0697 1460 Atheros Bt&Wlan Coex Agent (650f111d5cda64c10ae4b9d1ba9d4fff) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

15:09:00.0697 1460 Atheros Bt&Wlan Coex Agent - ok

15:09:00.0743 1460 AtherosSvc (ebc3119394c9074a9cd87578a435050d) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

15:09:00.0743 1460 AtherosSvc - ok

15:09:00.0931 1460 athr (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys

15:09:00.0977 1460 athr - ok

15:09:01.0133 1460 AtiHDAudioService (cbd14f698def12ee3557604b726cb8eb) C:\Windows\system32\drivers\AtihdW76.sys

15:09:01.0133 1460 AtiHDAudioService - ok

15:09:01.0211 1460 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

15:09:01.0227 1460 AudioEndpointBuilder - ok

15:09:01.0243 1460 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

15:09:01.0243 1460 AudioSrv - ok

15:09:01.0695 1460 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

15:09:01.0804 1460 AVGIDSAgent - ok

15:09:01.0929 1460 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

15:09:01.0929 1460 AVGIDSDriver - ok

15:09:01.0960 1460 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys

15:09:01.0960 1460 AVGIDSEH - ok

15:09:01.0976 1460 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

15:09:01.0976 1460 AVGIDSFilter - ok

15:09:02.0023 1460 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys

15:09:02.0038 1460 Avgldx64 - ok

15:09:02.0054 1460 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys

15:09:02.0054 1460 Avgmfx64 - ok

15:09:02.0101 1460 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys

15:09:02.0101 1460 Avgrkx64 - ok

15:09:02.0147 1460 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys

15:09:02.0147 1460 Avgtdia - ok

15:09:02.0241 1460 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

15:09:02.0257 1460 avgwd - ok

15:09:02.0303 1460 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

15:09:02.0303 1460 AxInstSV - ok

15:09:02.0366 1460 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys

15:09:02.0366 1460 b06bdrv - ok

15:09:02.0428 1460 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

15:09:02.0428 1460 b57nd60a - ok

15:09:02.0506 1460 BBSvc (0d1ea7509f394d8b705b239ee71f5118) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

15:09:02.0506 1460 BBSvc - ok

15:09:02.0553 1460 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

15:09:02.0553 1460 BDESVC - ok

15:09:02.0600 1460 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

15:09:02.0600 1460 Beep - ok

15:09:02.0678 1460 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

15:09:02.0678 1460 BFE - ok

15:09:02.0771 1460 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

15:09:02.0959 1460 BITS - ok

15:09:03.0115 1460 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

15:09:03.0130 1460 blbdrive - ok

15:09:03.0161 1460 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

15:09:03.0161 1460 bowser - ok

15:09:03.0177 1460 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys

15:09:03.0177 1460 BrFiltLo - ok

15:09:03.0208 1460 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys

15:09:03.0208 1460 BrFiltUp - ok

15:09:03.0255 1460 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

15:09:03.0271 1460 Browser - ok

15:09:03.0317 1460 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

15:09:03.0317 1460 Brserid - ok

15:09:03.0333 1460 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

15:09:03.0349 1460 BrSerWdm - ok

15:09:03.0364 1460 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

15:09:03.0395 1460 BrUsbMdm - ok

15:09:03.0442 1460 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

15:09:03.0442 1460 BrUsbSer - ok

15:09:03.0520 1460 BTATH_A2DP (b3bcd755fa9a359d10208cc9f09847cc) C:\Windows\system32\drivers\btath_a2dp.sys

15:09:03.0520 1460 BTATH_A2DP - ok

15:09:03.0536 1460 btath_avdt (9bbba9d6dbdefc8a6542bc7a6ebaf710) C:\Windows\system32\drivers\btath_avdt.sys

15:09:03.0551 1460 btath_avdt - ok

15:09:03.0583 1460 BTATH_BUS (d838dd1bcb328efcfad7a52de9e3cafd) C:\Windows\system32\DRIVERS\btath_bus.sys

15:09:03.0583 1460 BTATH_BUS - ok

15:09:03.0614 1460 BTATH_HCRP (a441b800e04cf8443faf519207563abb) C:\Windows\system32\DRIVERS\btath_hcrp.sys

15:09:03.0614 1460 BTATH_HCRP - ok

15:09:03.0645 1460 BTATH_LWFLT (b16f8429a35bba2a8ef9db2e08675b97) C:\Windows\system32\DRIVERS\btath_lwflt.sys

15:09:03.0661 1460 BTATH_LWFLT - ok

15:09:03.0692 1460 BTATH_RCP (c24231c6bdfe21735930084a22089aab) C:\Windows\system32\DRIVERS\btath_rcp.sys

15:09:03.0707 1460 BTATH_RCP - ok

15:09:03.0770 1460 BtFilter (3632fa4c6b3ce9ec827690deac266d8c) C:\Windows\system32\DRIVERS\btfilter.sys

15:09:03.0770 1460 BtFilter - ok

15:09:03.0817 1460 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

15:09:03.0817 1460 BthEnum - ok

15:09:03.0848 1460 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys

15:09:03.0848 1460 BTHMODEM - ok

15:09:03.0910 1460 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

15:09:03.0910 1460 BthPan - ok

15:09:03.0973 1460 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys

15:09:03.0988 1460 BTHPORT - ok

15:09:04.0035 1460 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

15:09:04.0035 1460 bthserv - ok

15:09:04.0066 1460 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys

15:09:04.0066 1460 BTHUSB - ok

15:09:04.0113 1460 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

15:09:04.0113 1460 cdfs - ok

15:09:04.0144 1460 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

15:09:04.0144 1460 cdrom - ok

15:09:04.0175 1460 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

15:09:04.0175 1460 CertPropSvc - ok

15:09:04.0207 1460 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys

15:09:04.0207 1460 circlass - ok

15:09:04.0253 1460 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

15:09:04.0253 1460 CLFS - ok

15:09:04.0363 1460 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

15:09:04.0363 1460 clr_optimization_v2.0.50727_32 - ok

15:09:04.0425 1460 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

15:09:04.0425 1460 clr_optimization_v2.0.50727_64 - ok

15:09:04.0503 1460 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

15:09:04.0503 1460 clr_optimization_v4.0.30319_32 - ok

15:09:04.0565 1460 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

15:09:04.0581 1460 clr_optimization_v4.0.30319_64 - ok

15:09:04.0612 1460 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

15:09:04.0612 1460 CmBatt - ok

15:09:04.0643 1460 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

15:09:04.0643 1460 cmdide - ok

15:09:04.0706 1460 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

15:09:04.0721 1460 CNG - ok

15:09:04.0862 1460 CnxtHdAudService (1f394df3714ed4280047810790e6df69) C:\Windows\system32\drivers\CHDRT64.sys

15:09:04.0893 1460 CnxtHdAudService - ok

15:09:05.0018 1460 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

15:09:05.0018 1460 Compbatt - ok

15:09:05.0049 1460 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys

15:09:05.0049 1460 CompositeBus - ok

15:09:05.0065 1460 COMSysApp - ok

15:09:05.0111 1460 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys

15:09:05.0111 1460 crcdisk - ok

15:09:05.0158 1460 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

15:09:05.0158 1460 CryptSvc - ok

15:09:05.0299 1460 cvhsvc (61a86809b62769643892bc0812b204aa) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

15:09:05.0314 1460 cvhsvc - ok

15:09:05.0470 1460 DCDhcpService (75e3c4bb1ed032310edcf5691a452b4b) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe

15:09:05.0470 1460 DCDhcpService - ok

15:09:05.0548 1460 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

15:09:05.0579 1460 DcomLaunch - ok

15:09:05.0626 1460 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

15:09:05.0626 1460 defragsvc - ok

15:09:05.0704 1460 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

15:09:05.0704 1460 DfsC - ok

15:09:05.0767 1460 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

15:09:05.0767 1460 Dhcp - ok

15:09:05.0798 1460 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

15:09:05.0798 1460 discache - ok

15:09:05.0845 1460 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys

15:09:05.0845 1460 Disk - ok

15:09:05.0891 1460 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

15:09:05.0891 1460 Dnscache - ok

15:09:05.0923 1460 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

15:09:05.0938 1460 dot3svc - ok

15:09:05.0954 1460 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

15:09:05.0954 1460 DPS - ok

15:09:05.0985 1460 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

15:09:06.0001 1460 drmkaud - ok

15:09:06.0063 1460 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

15:09:06.0079 1460 DXGKrnl - ok

15:09:06.0141 1460 e1yexpress (50ad8fc1dc800ff36087994c8f7fdff2) C:\Windows\system32\DRIVERS\e1y60x64.sys

15:09:06.0141 1460 e1yexpress - ok

15:09:06.0172 1460 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

15:09:06.0172 1460 EapHost - ok

15:09:06.0391 1460 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys

15:09:06.0484 1460 ebdrv - ok

15:09:06.0578 1460 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

15:09:06.0578 1460 EFS - ok

15:09:06.0687 1460 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

15:09:06.0703 1460 ehRecvr - ok

15:09:06.0749 1460 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

15:09:06.0749 1460 ehSched - ok

15:09:06.0843 1460 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys

15:09:06.0859 1460 elxstor - ok

15:09:06.0859 1460 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

15:09:06.0859 1460 ErrDev - ok

15:09:06.0937 1460 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

15:09:06.0937 1460 EventSystem - ok

15:09:06.0983 1460 ewusbnet (6bb25543428878bafbc2f8446343b160) C:\Windows\system32\DRIVERS\ewusbnet.sys

15:09:06.0983 1460 ewusbnet - ok

15:09:07.0015 1460 ew_hwusbdev (86f7951bbcee4a86e79a97306bd14318) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys

15:09:07.0015 1460 ew_hwusbdev - ok

15:09:07.0061 1460 ew_usbenumfilter (55e0eda185869f7ea67ea97fd0655b39) C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys

15:09:07.0061 1460 ew_usbenumfilter - ok

15:09:07.0108 1460 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

15:09:07.0108 1460 exfat - ok

15:09:07.0124 1460 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

15:09:07.0124 1460 fastfat - ok

15:09:07.0202 1460 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

15:09:07.0217 1460 Fax - ok

15:09:07.0249 1460 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys

15:09:07.0249 1460 fdc - ok

15:09:07.0280 1460 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

15:09:07.0280 1460 fdPHost - ok

15:09:07.0295 1460 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

15:09:07.0295 1460 FDResPub - ok

15:09:07.0327 1460 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

15:09:07.0342 1460 FileInfo - ok

15:09:07.0358 1460 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

15:09:07.0358 1460 Filetrace - ok

15:09:07.0436 1460 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys

15:09:07.0436 1460 flpydisk - ok

15:09:07.0467 1460 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

15:09:07.0483 1460 FltMgr - ok

15:09:07.0561 1460 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

15:09:07.0576 1460 FontCache - ok

15:09:07.0670 1460 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

15:09:07.0670 1460 FontCache3.0.0.0 - ok

15:09:07.0732 1460 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

15:09:07.0732 1460 FsDepends - ok

15:09:07.0763 1460 fssfltr (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\Windows\system32\DRIVERS\fssfltr.sys

15:09:07.0763 1460 fssfltr - ok

15:09:07.0935 1460 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

15:09:07.0966 1460 fsssvc - ok

15:09:08.0075 1460 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

15:09:08.0075 1460 Fs_Rec - ok

15:09:08.0169 1460 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

15:09:08.0169 1460 fvevol - ok

15:09:08.0216 1460 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys

15:09:08.0216 1460 gagp30kx - ok

15:09:08.0294 1460 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

15:09:08.0309 1460 gpsvc - ok

15:09:08.0341 1460 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

15:09:08.0356 1460 hcw85cir - ok

15:09:08.0403 1460 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

15:09:08.0419 1460 HdAudAddService - ok

15:09:08.0450 1460 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys

15:09:08.0450 1460 HDAudBus - ok

15:09:08.0465 1460 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys

15:09:08.0465 1460 HidBatt - ok

15:09:08.0481 1460 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys

15:09:08.0497 1460 HidBth - ok

15:09:08.0497 1460 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys

15:09:08.0497 1460 HidIr - ok

15:09:08.0528 1460 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

15:09:08.0528 1460 hidserv - ok

15:09:08.0590 1460 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

15:09:08.0590 1460 HidUsb - ok

15:09:08.0637 1460 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

15:09:08.0637 1460 hkmsvc - ok

15:09:08.0668 1460 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

15:09:08.0684 1460 HomeGroupListener - ok

15:09:08.0715 1460 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

15:09:08.0715 1460 HomeGroupProvider - ok

15:09:08.0746 1460 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

15:09:08.0746 1460 HpSAMD - ok

15:09:08.0824 1460 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

15:09:08.0840 1460 HTTP - ok

15:09:08.0871 1460 hwdatacard (6e05228393cd614b983568ec40c262c3) C:\Windows\system32\DRIVERS\ewusbmdm.sys

15:09:08.0871 1460 hwdatacard - ok

15:09:08.0887 1460 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

15:09:08.0902 1460 hwpolicy - ok

15:09:08.0933 1460 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

15:09:08.0933 1460 i8042prt - ok

15:09:08.0996 1460 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

15:09:08.0996 1460 iaStorV - ok

15:09:09.0214 1460 IconMan_R (3a0ff117b4adc5abe4d968e26a337158) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

15:09:09.0245 1460 IconMan_R - ok

15:09:09.0448 1460 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

15:09:09.0479 1460 idsvc - ok

15:09:09.0573 1460 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys

15:09:09.0573 1460 iirsp - ok


15:09:25.0313 1460 WdiServiceHost - ok

15:09:25.0329 1460 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

15:09:25.0329 1460 WdiSystemHost - ok

15:09:25.0360 1460 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

15:09:25.0376 1460 WebClient - ok

15:09:25.0454 1460 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

15:09:25.0454 1460 Wecsvc - ok

15:09:25.0501 1460 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

15:09:25.0501 1460 wercplsupport - ok

15:09:25.0516 1460 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

15:09:25.0532 1460 WerSvc - ok

15:09:25.0563 1460 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

15:09:25.0563 1460 WfpLwf - ok

15:09:25.0594 1460 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

15:09:25.0594 1460 WIMMount - ok

15:09:25.0610 1460 WinDefend - ok

15:09:25.0625 1460 WinHttpAutoProxySvc - ok

15:09:25.0703 1460 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

15:09:25.0703 1460 Winmgmt - ok

15:09:25.0859 1460 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

15:09:25.0891 1460 WinRM - ok

15:09:26.0047 1460 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

15:09:26.0062 1460 Wlansvc - ok

15:09:26.0125 1460 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

15:09:26.0140 1460 wlcrasvc - ok

15:09:26.0312 1460 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

15:09:26.0359 1460 wlidsvc - ok

15:09:26.0468 1460 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

15:09:26.0468 1460 WmiAcpi - ok

15:09:26.0546 1460 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

15:09:26.0546 1460 wmiApSrv - ok

15:09:26.0577 1460 WMPNetworkSvc - ok

15:09:26.0624 1460 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

15:09:26.0624 1460 WPCSvc - ok

15:09:26.0655 1460 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

15:09:26.0655 1460 WPDBusEnum - ok

15:09:26.0671 1460 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

15:09:26.0686 1460 ws2ifsl - ok

15:09:26.0717 1460 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

15:09:26.0717 1460 wscsvc - ok

15:09:26.0733 1460 WSearch - ok

15:09:26.0889 1460 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

15:09:26.0920 1460 wuauserv - ok

15:09:27.0029 1460 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

15:09:27.0029 1460 WudfPf - ok

15:09:27.0076 1460 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

15:09:27.0092 1460 WUDFRd - ok

15:09:27.0123 1460 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

15:09:27.0123 1460 wudfsvc - ok

15:09:27.0170 1460 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

15:09:27.0170 1460 WwanSvc - ok

15:09:27.0263 1460 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

15:09:27.0341 1460 \Device\Harddisk0\DR0 - ok

15:09:27.0341 1460 Boot (0x1200) (c27a238810fe17e7afb81d86363bbbe0) \Device\Harddisk0\DR0\Partition0

15:09:27.0357 1460 \Device\Harddisk0\DR0\Partition0 - ok

15:09:27.0404 1460 Boot (0x1200) (a10d4cc5c605d363e83a7cb7db0364f0) \Device\Harddisk0\DR0\Partition1

15:09:27.0404 1460 \Device\Harddisk0\DR0\Partition1 - ok

15:09:27.0404 1460 ============================================================

15:09:27.0404 1460 Scan finished

15:09:27.0404 1460 ============================================================

15:09:27.0435 1616 Detected object count: 0

15:09:27.0435 1616 Actual detected object count: 0

Posted

Good.

Combofix is a very powerful tool that must not be used without competent help, at the risk of irreversible damage.

Please note that this tool is updated regularly and that the downloaded version will be obsolete in a few days.

Download combofix.exe by sUBs

and save it to the desktop.

Close or disable all active antivirus, antispyware and firewall programs, as they could interfere with this tool.

To do so:

Start->Run->Msconfig->Startup: uncheck the antivirus and antispyware protections, TeaTimer, etc.

This is absolutely necessary for the procedure to succeed.

Of course, you will re-enable them afterwards.

If you get a message from Combofix saying that your antivirus is active even though you have disabled it, restart the procedure in safe mode.

Double-click combofix.exe to launch it.

Do not close the window that has just opened: the desktop would be empty and this could crash the program!

To launch the scan

Connect all removable drives (external hard drive, USB key).

Press the 1 key to start the scan.

If for any reason Combofix does not start:

On Vista, disable UAC

Boot into safe mode, choose the Administrator account, and launch Combofix

If you get a message from Combofix saying that your antivirus is active even though you have disabled it, restart the procedure in safe mode.

While ComboFix is running, do not touch your computer at all; you could crash the program.

The scan may take some time; there are 50 successive procedures:

Wait at least 30 minutes during the scan.

If the program freezes (more than 30 minutes), close it by clicking the "X" at the top right of the window.

At the end, a report will be generated: post its contents in your next message.

If the report is too long, post it in two parts.

It is located at c:\combofix.txt

Posted

I launched ComboFix after starting the computer normally; I did not have to go to the trouble of launching it in safe mode with networking. That was needed because I could not disable my antivirus (AVG 2012) that way.

And here is the long-awaited Combofix report:

 

ComboFix 12-05-08.01 - mapou 08/05/2012 16:10:32.1.2 - x64

Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3691.2480 [GMT 2:00]

Lancé depuis: c:\users\mapou\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Un nouveau point de restauration a été créé

.

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\ms00834AC7.dat

c:\users\mapou\AppData\Roaming\Setup_WebGameAR.exe

c:\users\mapou\AppData\Roaming\updates

c:\users\mapou\av.ocx

.

.

((((((((((((((((((((((((((((( Fichiers créés du 2012-04-08 au 2012-05-08 ))))))))))))))))))))))))))))))))))))

.

.

2012-05-08 14:19 . 2012-05-08 14:19 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-05-08 12:57 . 2012-05-08 13:07 -------- d-----w- c:\program files (x86)\SEAF

2012-05-06 20:52 . 2012-05-06 20:53 2871808 ----a-w- C:\explorer_Seven_SP1.exe

2012-05-05 17:47 . 2012-05-05 17:47 -------- d-----w- c:\users\mapou\AppData\Roaming\Malwarebytes

2012-05-05 17:46 . 2012-05-05 17:46 -------- d-----w- c:\programdata\Malwarebytes

2012-05-05 17:46 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-05-05 17:46 . 2012-05-05 17:46 -------- d-----w- C:\Malwarebytes' Anti-Malware

2012-05-05 11:36 . 2012-05-05 11:36 -------- d-----w- c:\users\mapou\AppData\Local\ElevatedDiagnostics

2012-04-26 07:43 . 2012-05-06 07:43 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-04-18 19:19 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2012-04-18 19:19 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll

2012-04-18 19:19 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll

2012-04-18 19:19 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll

2012-04-18 19:19 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll

2012-04-18 19:19 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-04-18 19:19 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll

.

.

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-05-06 07:43 . 2012-03-31 08:41 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-05-06 07:43 . 2011-12-26 08:54 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-17 13:01 . 2012-03-01 01:01 391520 ----a-w- c:\users\mapou\AppData\Roaming\kujytuo.exe

2012-02-17 06:38 . 2012-03-13 21:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-02-17 05:34 . 2012-03-13 21:38 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-02-17 04:58 . 2012-03-13 21:38 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-02-17 04:57 . 2012-03-13 21:38 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-02-10 06:36 . 2012-03-13 21:40 1544192 ----a-w- c:\windows\system32\DWrite.dll

2012-02-10 05:38 . 2012-03-13 21:40 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

.

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{85F5CF95-EC8F-49fc-BB3F-38C79455CBA2}]

2012-02-15 20:20 48488 ----a-w- c:\program files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-03-13 08:32 1869152 ----a-w- c:\program files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll" [2012-03-13 1869152]

"{A531D99C-5A22-449b-83DA-872725C6D0ED}"= "c:\program files (x86)\alotappbar\bin\ALOTHelper.dll" [2012-02-15 48488]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CLASSES_ROOT\clsid\{a531d99c-5a22-449b-83da-872725c6d0ed}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2011-04-02 83344]

"VRLPHelper"="c:\program files (x86)\Sony\Media Gallery\VRLPHelper.exe" [2011-04-02 186768]

"Facebook Update"="c:\users\mapou\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-02-15 137536]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]

"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]

"Start_Icon225_IEWLauncher"="c:\program files (x86)\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\IEWLauncher.exe" [2011-07-13 251344]

"Start_Update"="c:\program files (x86)\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\UpdteApp.exe" [2011-07-13 949704]

"Start_Statistics"="c:\program files (x86)\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\OrangeStats.exe" [2011-07-13 772048]

"Start_SMSNotifier"="c:\program files (x86)\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\SmsNotifier.exe" [2011-07-13 1674192]

"Start_HSSModule"="c:\program files (x86)\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\HSSModule.exe" [2011-07-13 419280]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-03-13 982880]

"ROC_roc_dec12"="c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-16 928096]

.

c:\users\mapou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

doebxmnj.js [2012-2-28 2784]

OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-06 257696]

R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]

R3 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]

R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [x]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]

R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]

R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]

R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2011-07-19 104096]

R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]

R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]

R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]

R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]

R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [x]

S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [x]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-05-24 365568]

S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-29 146592]

S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-04-29 91296]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-04-14 2375168]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176]

S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]

S2 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]

S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]

S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]

S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]

S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]

S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-08-12 971704]

S2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012-03-13 918880]

S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]

S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]

S3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]

S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]

S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]

.

.

Contenu du dossier 'Tâches planifiées'

.

2012-05-08 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 07:43]

.

2012-05-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2076924364-2834266567-2299245320-1001Core.job

- c:\users\mapou\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-15 09:25]

.

2012-05-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2076924364-2834266567-2299245320-1001UA.job

- c:\users\mapou\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-15 09:25]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-17 518784]

"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]

"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Examen supplémentaire -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://isearch.avg.com/?cid={72029AAC-96E0-4A62-9BC1-80B9D247D7A5}&mid=1bc1723461a147d1a0d2a9cd7a461df5-6a7c81a69edc6b9838fd965a47fdea68a5ab60c5&lang=fr&ds=AVG&pr=fr&d=2011-12-26 10:33&v=10.2.0.3&sap=hp

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = <local>

TCP: DhcpNameServer = 192.168.1.1 192.168.1.1

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll

.

- - - - ORPHELINS SUPPRIMES - - - -

.

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Heure de fin: 2012-05-08 16:22:56

ComboFix-quarantined-files.txt 2012-05-08 14:22

.

Avant-CF: 440 524 513 280 octets libres

Après-CF: 440 385 941 504 octets libres

.

- - End Of File - - FA6F655F029CA1A6A899FCE1BE409DCC

Posted

So I am also adding the 3 messages that appear when the computer starts up normally:

1- first, a message from User Account Control asking me this question:

"Do you want to allow the following program to make changes to this computer?"

program name: Windows host process (Rundll32)

verified publisher: Microsoft Windows.

Answer YES or NO (so far I have clicked NO)

Looking at the details, two locations are given: C:\windows\System32\Rundll32.exe and this one: C\PROGRA~3\coarjsubsim.dat ... RunAs (I think the path is not complete, which is why I put dots)

2- Then comes this message:

"C:\PROGRA~3\coarjsubsim.dat The specified module could not be found"

3- and the last one:

"another instance of OpenOffice.org is accessing your personal settings or they are locked.

Simultaneous access can cause inconsistencies in your personal settings. Before continuing, make sure that the user "has properly closed OpenOffice.org on the host"

Are you sure you want to continue?"

Here too the message offers a choice between YES and NO. (I click NO every time for now)

My own questions:

- Should I allow the changes in message 1 so that the other two no longer appear?

- Is there any danger in clicking YES to each question?

- given that C\PROGRA~3\coarjsubsim.dat was found to be infected, is this a clean version or still the version that is causing me problems?

I am asking the questions as they come, and they may seem naive, because I did not really understand all the steps or the reasons why the computer was broken.

In any case, thank you for your invaluable help.

Posted

Your questions:

1) and 2)

You are right to refuse if you do not know the reason for the request.

Allowing an unknown program to log on with admin or system rights (RunAs..) would be suicidal.

Even though coarjsubsim. is absent, it would be useful to know what is calling it.

Perhaps the Event Viewer would give an answer.

Otherwise:

Download SEAF by C_XX

Double-click the SEAF.exe file

Follow the instructions for the options to tick in this window:

Occurrences to search for, separated by commas ->
Type
coarjsubsim.
Tick "Also search the registry"
Calculate the checksum: MD5.
Tick Additional information

After the search, a report is displayed on screen; copy and paste it into your reply.

It is also saved here: C:\SEAFlog.txt

3) I don't know.

Consult the Software forum of this site.

 

My questions:

a) It seems to me that you have regained normal use of your machine.
What exactly is the situation?
And otherwise, have you installed explorer.exe at the root of c:?
And does it need to be used to replace a defective version? (Blank page)

b) What do you use alotappbar for?
This thing has been reported as dangerous.

c) Before going any further, please carry out this check:

My Computer -> Tools -> Folder Options -> View
Tick "Show hidden folders"
Untick "Hide extensions for known file types" as well as "Hide protected operating system files"
--> a message says that this may damage the system; disregard it and confirm with Yes.

Go to this address:
Click Browse to find these files
c:\users\mapou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\doebxmnj.js
and click "send the file"
Copy and paste the response into your next message.
Note: the file may already have been analysed. If so, click the Reanalyse file now button
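
The post above asks what is still calling the missing coarjsubsim file. The following read-only PowerShell script is an added example, not part of the thread and not a SEAF or ComboFix feature; it searches common logon autostart locations for that name. The list of locations is an assumption about where such an entry usually lives, not a finding from this machine.

```powershell
# Added example: read-only search of common autostart locations for a file name.
# $Needle is taken from the error dialog quoted in the thread; the locations
# checked are an assumption (common logon autostart points), not a finding.
$Needle = 'coarjsubsim'
$hits = @()

# 1) Run / RunOnce values: machine and user hives, 64-bit and 32-bit views.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $regKey = Get-Item $key
    foreach ($name in $regKey.GetValueNames()) {
        $data = [string]$regKey.GetValue($name)
        if ($data -like "*$Needle*") { $hits += "Registry: $key -> $name = $data" }
    }
}

# 2) Startup folders (per-user and all-users): search file *contents*, because a
#    script placed there can reference the name without carrying it in its own name.
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),
    (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu\Programs\Startup')
)
foreach ($dir in $startupDirs) {
    if (-not (Test-Path $dir)) { continue }
    foreach ($file in (Get-ChildItem $dir -Force)) {   # -Force includes hidden files
        if ($file.PSIsContainer) { continue }
        if (Select-String -Path $file.FullName -SimpleMatch $Needle -Quiet) {
            $hits += "Startup file: $($file.FullName)"
        }
    }
}

# 3) Scheduled tasks: match raw CSV rows so the check does not depend on the
#    localised column headers that schtasks prints.
foreach ($row in (schtasks.exe /query /fo csv /v)) {
    if ($row -like "*$Needle*") { $hits += "Scheduled task: $row" }
}

if ($hits.Count -eq 0) {
    "No autostart reference to '$Needle' found in the locations checked."
} else { $hits }
```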

Posted

Hello,

Indeed, the machine is back to normal use. No more blank page problem. Only the three messages are displayed at startup.

Explorer.exe is in the root of C:, but has it replaced the old one? Should I replace it using the method you described?

Alotappbar (or Alot Appbar) does not turn up in my search; nothing is reported on my computer. From what I have read, it would come from a toolbar, but I cannot find any trace of it. This file would create an application "alotwidget.exe"
In which report do you find this trace?

I did follow the path given to reach the file you mention, c:\users\mapou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\doebxmnj.js, but I do not know how to "send the file".
By what means should I do it?
With which software should I have it analysed?

Here is the report for the coarjsubsim search:

 

========================= SEAF 1.0.1.0 - C_XX

Commencé à: 22:05:35 le 08/05/2012

Valeur(s) recherchée(s):
coarjsubsim.

Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès

(!) --- Informations supplémentaires
(!) --- Recherche registre

====== Fichier(s) ======

Aucun fichier trouvé

====== Entrée(s) du registre ======

Aucun élément dans le registre trouvé

=========================

Fin à: 22:09:34 le 08/05/2012
335023 Éléments analysés

=========================
E.O.F

Posted

1) Explorer.
No, it has not replaced the old one.
But keep it somewhere safe; it could be useful to you in case of infection.

2) Virus Total:
Click Browse (Choose File) to find these files
c:\users\mapou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\doebxmnj.js
and click "send the file" (Scan it)
If it is harmless, no problem.
If Virus Total shows several antivirus engines declaring it malicious, there will be a problem, because I am going away tomorrow for 2 weeks.
In that case I suggest you delete it yourself or open a new topic

3) Alotappbar appears in your registry in the Combofix report.

Combo, Cleaning
Disconnect from the internet and disable the antivirus (just for the duration of the procedure!)
Connect all removable drives (external hard drive, USB stick).
In some circumstances, Safe Mode may be necessary
Check that the antivirus really is disabled, because a restart re-enables it

# In Notepad, copy and paste these lines:

Killall::
File::
c:\program files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll
c:\program files (x86)\alotappbar\bin\ALOTHelper.dll
Registry::
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{85F5CF95-EC8F-49fc-BB3F-38C79455CBA2}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{A531D99C-5A22-449b-83DA-872725C6D0ED}"=-

 

* Warning: this code was written specifically for this user; it would be dangerous to reuse it in other cases!

Save it under the name CFScript.txt

Open Combofix

* Drag and drop this CFScript file onto the ComboFix.exe file

* At the message that appears in a blue window (Type 1 to continue, or 2 to abort), type 1 and confirm.

* Wait while the scan runs.

The desktop will disappear several times: this is normal!

Do not touch anything until the scan has finished.

The ComboFix report will only be displayed at the end

Post its contents.

If the file does not appear, it can be found here > C:\ComboFix.txt

Posted

Here is the VirusTotal result:

One antivirus finds the thing worrying: McAfee-GW-Edition gives this comment: Heuristic.LooksLike.JS.Suspicious.

What I was able to copy from the report: Since it is gibberish to me, I may well have just pasted a message that means nothing.

SHA256: 75648340a9b1b228487c98399fd9d389d0bf47363ae3751f3b572da5072301d8
SHA1: 9a8b0dbd75a2c61876b245a0f4275fb219d50bdf
MD5: 4b8d648f31291ef9defee1fca336cff7
File size: 2.7 KB ( 2784 bytes )
File name: C:\Users\mapou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\doebxmnj.js
File type: Text
Detection ratio: 1 / 41
Analysis date: 2012-05-09 20:02:59 UTC ( 0 minute ago )

I am now tackling ComboFix.
