Infection not fully eradicated [1]


evans


We'll see. Click on Suppression and post the report.

Relaunch the tool and run the other options:

- Suppression
- HostRAZ
- Proxyraz
- DNS Raz
- RaccourcisRaz (only if the icons have disappeared).
- Rapport

Please post the reports obtained after each requested step.

++


Here is the first report, after Suppression:

 

RogueKiller V7.6.1 [28/06/2012] par Tigzy

mail: tigzyRK<at>gmail<dot>com

Remontees: [RogueKiller] Remontées (1/56)

Blog: tigzy-RK

 

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 2) 32 bits version

Demarrage : Mode normal

Utilisateur: Louis [Droits d'admin]

Mode: Suppression -- Date: 01/07/2012 14:27:55

 

¤¤¤ Processus malicieux: 0 ¤¤¤

 

¤¤¤ Entrees de registre: 3 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{3A7B2F48-3860-4E50-9A09-91F8C517789F} : NameServer (212.27.54.252,212.27.53.252) -> NOT REMOVED, USE DNSFIX

[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{3A7B2F48-3860-4E50-9A09-91F8C517789F} : NameServer (212.27.54.252,212.27.53.252) -> NOT REMOVED, USE DNSFIX

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

 

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

 

¤¤¤ Driver: [CHARGE] ¤¤¤

IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] sfsync04.sys @ 0xF72F2A7C)

 

¤¤¤ Infection : ¤¤¤

 

¤¤¤ Fichier HOSTS: ¤¤¤

127.0.0.1 localhost

::1 localhost


[...]

 

 

¤¤¤ MBR Verif: ¤¤¤

 

+++++ PhysicalDrive0: Maxtor 6Y120M0 +++++

--- User ---

[MBR] 1cd8cd2863b35ca10ddb0477190e3c42

[BSP] f3e33d5ff22b50a920b017d79798d7cf : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 20002 Mo

1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 40965750 | Size: 97229 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive3: WD My Passport 0730 USB Device +++++

--- User ---

[MBR] e762630b7375c7640f65f22472ad9463

[BSP] 187cb2b8db7cb7dc142ab5db8fefb6ed : Windows XP MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 476907 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

 

Termine : << RKreport[2].txt >>

RKreport[1].txt ; RKreport[2].txt

 

 

After the second Suppression:

 

RogueKiller V7.6.1 [28/06/2012] par Tigzy

mail: tigzyRK<at>gmail<dot>com

Remontees: [RogueKiller] Remontées (1/56)

Blog: tigzy-RK

 

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 2) 32 bits version

Demarrage : Mode normal

Utilisateur: Louis [Droits d'admin]

Mode: Suppression -- Date: 01/07/2012 14:30:12

 

¤¤¤ Processus malicieux: 0 ¤¤¤

 

¤¤¤ Entrees de registre: 2 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{3A7B2F48-3860-4E50-9A09-91F8C517789F} : NameServer (212.27.54.252,212.27.53.252) -> NOT REMOVED, USE DNSFIX

[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{3A7B2F48-3860-4E50-9A09-91F8C517789F} : NameServer (212.27.54.252,212.27.53.252) -> NOT REMOVED, USE DNSFIX

 

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

 

¤¤¤ Driver: [CHARGE] ¤¤¤

IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] sfsync04.sys @ 0xF72F2A7C)

 

¤¤¤ Infection : ¤¤¤

 

¤¤¤ Fichier HOSTS: ¤¤¤

127.0.0.1 localhost

::1 localhost


[...]

 

 

¤¤¤ MBR Verif: ¤¤¤

 

+++++ PhysicalDrive0: Maxtor 6Y120M0 +++++

--- User ---

[MBR] 1cd8cd2863b35ca10ddb0477190e3c42

[BSP] f3e33d5ff22b50a920b017d79798d7cf : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 20002 Mo

1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 40965750 | Size: 97229 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive3: WD My Passport 0730 USB Device +++++

--- User ---

[MBR] e762630b7375c7640f65f22472ad9463

[BSP] 187cb2b8db7cb7dc142ab5db8fefb6ed : Windows XP MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 476907 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

 

Termine : << RKreport[4].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

 

 

 

After RaZHost:

 

RogueKiller V7.6.1 [28/06/2012] par Tigzy

mail: tigzyRK<at>gmail<dot>com

Remontees: [RogueKiller] Remontées (1/56)

Blog: tigzy-RK

 

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 2) 32 bits version

Demarrage : Mode normal

Utilisateur: Louis [Droits d'admin]

Mode: HOSTS RAZ -- Date: 01/07/2012 14:31:06

 

¤¤¤ Processus malicieux: 0 ¤¤¤

 

¤¤¤ Driver: [CHARGE] ¤¤¤

 

¤¤¤ Fichier HOSTS: ¤¤¤

127.0.0.1 localhost

::1 localhost


[...]

 

 

¤¤¤ Nouveau fichier HOSTS: ¤¤¤

127.0.0.1 localhost

 

Termine : << RKreport[5].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt

 

 

 

After ProxyRaZ:

 

RogueKiller V7.6.1 [28/06/2012] par Tigzy

mail: tigzyRK<at>gmail<dot>com

Remontees: [RogueKiller] Remontées (1/56)

Blog: tigzy-RK

 

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 2) 32 bits version

Demarrage : Mode normal

Utilisateur: Louis [Droits d'admin]

Mode: Proxy RAZ -- Date: 01/07/2012 14:31:45

 

¤¤¤ Processus malicieux: 0 ¤¤¤

 

¤¤¤ Driver: [CHARGE] ¤¤¤

 

¤¤¤ Entrees de registre: 0 ¤¤¤

 

Termine : << RKreport[6].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;

RKreport[6].txt

 

 

 

After DNSRaZ:

 

RogueKiller V7.6.1 [28/06/2012] par Tigzy

mail: tigzyRK<at>gmail<dot>com

Remontees: [RogueKiller] Remontées (1/56)

Blog: tigzy-RK

 

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 2) 32 bits version

Demarrage : Mode normal

Utilisateur: Louis [Droits d'admin]

Mode: DNS RAZ -- Date: 01/07/2012 14:32:12

 

¤¤¤ Processus malicieux: 0 ¤¤¤

 

¤¤¤ Driver: [CHARGE] ¤¤¤

 

¤¤¤ Entrees de registre: 2 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{3A7B2F48-3860-4E50-9A09-91F8C517789F} : NameServer (212.27.54.252,212.27.53.252) -> REPLACED ()

[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{3A7B2F48-3860-4E50-9A09-91F8C517789F} : NameServer (212.27.54.252,212.27.53.252) -> REPLACED ()

 

Termine : << RKreport[7].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;

RKreport[6].txt ; RKreport[7].txt

 

 

No need for Racc. RaZ.

Report:

 

RogueKiller V7.6.1 [28/06/2012] par Tigzy

mail: tigzyRK<at>gmail<dot>com

Remontees: [RogueKiller] Remontées (1/56)

Blog: tigzy-RK

 

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 2) 32 bits version

Demarrage : Mode normal

Utilisateur: Louis [Droits d'admin]

Mode: DNS RAZ -- Date: 01/07/2012 14:32:12

 

¤¤¤ Processus malicieux: 0 ¤¤¤

 

¤¤¤ Driver: [CHARGE] ¤¤¤

 

¤¤¤ Entrees de registre: 2 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{3A7B2F48-3860-4E50-9A09-91F8C517789F} : NameServer (212.27.54.252,212.27.53.252) -> REPLACED ()

[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{3A7B2F48-3860-4E50-9A09-91F8C517789F} : NameServer (212.27.54.252,212.27.53.252) -> REPLACED ()

 

Termine : << RKreport[7].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;

RKreport[6].txt ; RKreport[7].txt


This just happened!

I was refreshing the web page when suddenly a file with no name or extension appeared on my desktop. My icons, the web page, ... started to disappear. I was able to delete the file, but it was impossible to get my icons and the rest back; I had to restart my computer!


Yeah, we'll check whether there is a rootkit, then we'll run a powerful antivirus scan if necessary.

Are your icons and folders no longer disappearing?

Download TDSSKiller from Kaspersky to your desktop.

Or: http://support.kaspersky.com/fr/downloads/utils/tdsskiller.zip ; unzip the archive.

Double-click TDSSKiller.exe

The TDSSKiller screen appears:

- Leave the 2 default options checked (visible via the "change parameter" tab).

And check the 2 additional options:

Click Start scan to launch the analysis.

- If a threat is detected (Threats detected), check that, depending on the case:

In general, leave the options the tool proposes by default

the "delete" option is checked for the TDL2 family

the "delete" option is checked for any object of the form random_number:random_number.exe

the "delete" option is checked for any service whose name is made of random digits and/or letters (hidden file)

the "cure" (repair) option for the TDL3 family.

the "cure" (repair) option for the tdl4 family (\HardDisk0\MBR).

the "cure" (repair) option for the Rootkit.Win32.ZAccess family

then click Continue.

- leave the default action "skip" for the "suspicious objects. low risks", until we know what they are, then click Continue.

At the end of the scan you may be asked to restart the machine:

click Reboot Now.

- If no reboot is requested, click the Report button and post the contents of the file that is displayed.

- If a reboot is requested, after restarting you will find the contents of the TDSSKiller report here:

SystemDrive\TDSSKiller.Version_Date_Heure_log.txt

[SystemDrive is the partition on which the system is installed, usually C:]


The folders and buttons only disappear periodically, and after a restart they reappear, until the next episode....

It found several things, but apparently they are not malware (for some of them I'm sure):

 

14:57:15.0671 0548 TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22

14:57:15.0890 0548 ============================================================

14:57:15.0890 0548 Current date / time: 2012/07/01 14:57:15.0890

14:57:15.0890 0548 SystemInfo:

14:57:15.0890 0548

14:57:15.0890 0548 OS Version: 5.1.2600 ServicePack: 2.0

14:57:15.0890 0548 Product type: Workstation

14:57:15.0890 0548 ComputerName: SN25P

14:57:15.0890 0548 UserName: Louis

14:57:15.0890 0548 Windows directory: C:\WINDOWS

14:57:15.0890 0548 System windows directory: C:\WINDOWS

14:57:15.0890 0548 Processor architecture: Intel x86

14:57:15.0890 0548 Number of processors: 2

14:57:15.0890 0548 Page size: 0x1000

14:57:15.0890 0548 Boot type: Normal boot

14:57:15.0890 0548 ============================================================

14:57:18.0703 0548 Drive \Device\Harddisk0\DR0 - Size: 0x1C9FEF0000 (114.50 Gb), SectorSize: 0x200, Cylinders: 0x3A62, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

14:57:18.0703 0548 Drive \Device\Harddisk1\DR5 - Size: 0x746EC00000 (465.73 Gb), SectorSize: 0x200, Cylinders: 0xED7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

14:57:18.0750 0548 ============================================================

14:57:18.0750 0548 \Device\Harddisk0\DR0:

14:57:18.0765 0548 MBR partitions:

14:57:18.0765 0548 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2711637

14:57:18.0796 0548 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x27116B5, BlocksNum 0x7D043F

14:57:18.0828 0548 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE1B33, BlocksNum 0x57E52EA

14:57:18.0875 0548 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x86C6E5C, BlocksNum 0x5E312C5

14:57:18.0875 0548 \Device\Harddisk1\DR5:

14:57:18.0875 0548 MBR partitions:

14:57:18.0875 0548 \Device\Harddisk1\DR5\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A375800

14:57:18.0875 0548 ============================================================

14:57:18.0906 0548 C: <-> \Device\Harddisk0\DR0\Partition0

14:57:18.0984 0548 D: <-> \Device\Harddisk0\DR0\Partition1

14:57:19.0062 0548 E: <-> \Device\Harddisk0\DR0\Partition2

14:57:19.0187 0548 F: <-> \Device\Harddisk0\DR0\Partition3

14:57:19.0281 0548 J: <-> \Device\Harddisk1\DR5\Partition0

14:57:19.0343 0548 ============================================================

14:57:19.0343 0548 Initialize success

14:57:19.0343 0548 ============================================================

14:59:10.0500 0328 ============================================================

14:59:10.0500 0328 Scan started

14:59:10.0500 0328 Mode: Manual; SigCheck; TDLFS;

14:59:10.0500 0328 ============================================================

14:59:13.0187 0328 Akamai (c775d704feb2b600a5bf7b0b088546af) c:\program files\fichiers communs\akamai/netsession_win_80c2ffa.dll

14:59:13.0187 0328 Suspicious file (Hidden): c:\program files\fichiers communs\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af

14:59:13.0203 0328 Akamai ( HiddenFile.Multi.Generic ) - warning

14:59:13.0203 0328 Akamai - detected HiddenFile.Multi.Generic (1)

14:59:15.0281 0328 AVG Anti-Rootkit (e8054a423e5d2bdae6062bab6da159c4) C:\WINDOWS\system32\DRIVERS\avgarkt.sys

14:59:15.0281 0328 AVG Anti-Rootkit ( UnsignedFile.Multi.Generic ) - warning

14:59:15.0281 0328 AVG Anti-Rootkit - detected UnsignedFile.Multi.Generic (1)

14:59:15.0296 0328 AvgArCln (ec08d1625f5c6cf2a57b79eb35186f8c) C:\WINDOWS\system32\DRIVERS\AvgArCln.sys

14:59:15.0328 0328 AvgArCln ( UnsignedFile.Multi.Generic ) - warning

14:59:15.0328 0328 AvgArCln - detected UnsignedFile.Multi.Generic (1)

14:59:22.0406 0328 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

14:59:22.0421 0328 IDriverT ( UnsignedFile.Multi.Generic ) - warning

14:59:22.0421 0328 IDriverT - detected UnsignedFile.Multi.Generic (1)

14:59:24.0703 0328 Lvckap (bd0d8c9e3aef163dafa0a3c27106d049) C:\WINDOWS\system32\drivers\Lvckap.sys

14:59:24.0812 0328 Lvckap ( UnsignedFile.Multi.Generic ) - warning

14:59:24.0812 0328 Lvckap - detected UnsignedFile.Multi.Generic (1)

14:59:24.0984 0328 lvmvdrv (c2ad4603075b1c58d92b6bb00e08e958) C:\WINDOWS\system32\drivers\lvmvdrv.sys

14:59:25.0125 0328 lvmvdrv ( UnsignedFile.Multi.Generic ) - warning

14:59:25.0125 0328 lvmvdrv - detected UnsignedFile.Multi.Generic (1)

14:59:25.0203 0328 LVPrcMon (4fd5a6335fb4fc1f758088b2f90613fe) C:\WINDOWS\system32\drivers\LVPrcMon.sys

14:59:25.0234 0328 LVPrcMon ( UnsignedFile.Multi.Generic ) - warning

14:59:25.0234 0328 LVPrcMon - detected UnsignedFile.Multi.Generic (1)

14:59:25.0296 0328 LVPrcSrv (493b1d854f98d611cca249014c6e631a) c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

14:59:25.0312 0328 LVPrcSrv ( UnsignedFile.Multi.Generic ) - warning

14:59:25.0312 0328 LVPrcSrv - detected UnsignedFile.Multi.Generic (1)


14:59:29.0187 0328 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys

14:59:29.0281 0328 NIC1394 - ok

14:59:29.0328 0328 Nla (8a52de10680a40ecd04fa2c0fbc34190) C:\WINDOWS\System32\mswsock.dll

14:59:29.0375 0328 Nla - ok

14:59:29.0390 0328 nmwcd (f6c40e0a565ee3ce5aeeb325e10054f2) C:\WINDOWS\system32\drivers\ccdcmb.sys

14:59:29.0578 0328 nmwcd - ok

14:59:29.0609 0328 nmwcdc (2a394e9e1fa3565e4b2fea470ffe4d6b) C:\WINDOWS\system32\drivers\ccdcmbo.sys

14:59:29.0671 0328 nmwcdc - ok

14:59:29.0718 0328 nmwcdnsu (99b224f8026cb534724aa3c408561e45) C:\WINDOWS\system32\drivers\nmwcdnsu.sys

14:59:29.0796 0328 nmwcdnsu - ok

14:59:29.0796 0328 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys

14:59:29.0890 0328 Npfs - ok

14:59:29.0890 0328 npggsvc - ok

14:59:29.0968 0328 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys

14:59:30.0062 0328 Ntfs - ok

14:59:30.0109 0328 NtLmSsp (259af82a0932eea4f316f92db94707b6) C:\WINDOWS\System32\lsass.exe

14:59:30.0187 0328 NtLmSsp - ok

14:59:30.0234 0328 NtmsSvc (951543ffb84012d13f4cb09da2eace96) C:\WINDOWS\system32\ntmssvc.dll

14:59:30.0375 0328 NtmsSvc - ok

14:59:30.0406 0328 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

14:59:30.0531 0328 Null - ok

14:59:30.0968 0328 nv (7b5a17bd54bb9142843dbe99a1caaed8) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

14:59:31.0671 0328 nv - ok

14:59:31.0843 0328 NVENETFD (ac050fdc2d24c678bc49b5d5671e13be) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys

14:59:31.0890 0328 NVENETFD - ok

14:59:31.0921 0328 nvnetbus (81339157c429aada7a6aea97f3177da7) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys

14:59:31.0953 0328 nvnetbus - ok

14:59:31.0984 0328 NVSvc (5150b108ea88831e1c599603d8b89621) C:\WINDOWS\system32\nvsvc32.exe

14:59:32.0000 0328 NVSvc - ok

14:59:32.0156 0328 nvUpdatusService (83e8ab7bb3c8956c53fec071c94f0bbb) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

14:59:32.0218 0328 nvUpdatusService - ok

14:59:32.0312 0328 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

14:59:32.0437 0328 NwlnkFlt - ok

14:59:32.0437 0328 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

14:59:32.0578 0328 NwlnkFwd - ok

14:59:32.0734 0328 oflpydin - ok

14:59:32.0781 0328 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

14:59:32.0859 0328 ohci1394 - ok

14:59:32.0906 0328 Parport (318696359ac7df48d1e51974ec527dd2) C:\WINDOWS\system32\DRIVERS\parport.sys

14:59:32.0984 0328 Parport - ok

14:59:33.0031 0328 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys

14:59:33.0171 0328 PartMgr - ok

14:59:33.0250 0328 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys

14:59:33.0359 0328 ParVdm - ok

14:59:33.0390 0328 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

14:59:33.0421 0328 pccsmcfd - ok

14:59:33.0437 0328 PCI (7c5da5c1ed801ad8b0309d5514f0b75e) C:\WINDOWS\system32\DRIVERS\pci.sys

14:59:33.0515 0328 PCI - ok

14:59:33.0515 0328 PCIDump - ok

14:59:33.0546 0328 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys

14:59:33.0656 0328 PCIIde - ok

14:59:33.0671 0328 Pcmcia (641da274e163617ea7a33506bc6da8e3) C:\WINDOWS\system32\drivers\Pcmcia.sys

14:59:33.0781 0328 Pcmcia - ok

14:59:33.0781 0328 PDCOMP - ok

14:59:33.0781 0328 PDFRAME - ok

14:59:33.0796 0328 PDRELI - ok

14:59:33.0796 0328 PDRFRAME - ok

14:59:33.0828 0328 pepifilter (e111fab6c740a1a44e750c2061a23239) C:\WINDOWS\system32\DRIVERS\lv302af.sys

14:59:33.0843 0328 pepifilter - ok

14:59:33.0843 0328 perc2 - ok

14:59:33.0843 0328 perc2hib - ok

14:59:33.0937 0328 PID_08A0 (36eddcefdd036fffa95aa84d1645dd67) C:\WINDOWS\system32\DRIVERS\LV302AV.SYS

14:59:34.0015 0328 PID_08A0 - ok

14:59:34.0062 0328 PlugPlay (9d6bf82fe50d55f20f8e10e0f6653886) C:\WINDOWS\system32\services.exe

14:59:34.0093 0328 PlugPlay - ok

14:59:34.0125 0328 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\WINDOWS\system32\PnkBstrA.exe

14:59:34.0140 0328 PnkBstrA - ok

14:59:34.0187 0328 PolicyAgent (259af82a0932eea4f316f92db94707b6) C:\WINDOWS\system32\lsass.exe

14:59:34.0265 0328 PolicyAgent - ok

14:59:34.0296 0328 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys

14:59:34.0390 0328 PptpMiniport - ok

14:59:34.0390 0328 Processor (f480712b761e538bc8e44ede60f3a3c3) C:\WINDOWS\system32\DRIVERS\processr.sys

14:59:34.0468 0328 Processor - ok

14:59:34.0515 0328 project (d2a3683f5eb91fb9c38ccc8a4c7bc273) C:\WINDOWS\system32\Drivers\register.sys

14:59:34.0515 0328 project ( UnsignedFile.Multi.Generic ) - warning

14:59:34.0515 0328 project - detected UnsignedFile.Multi.Generic (1)

14:59:37.0953 0328 sfdrv01 (9e7dee11fd5a4355941a45f13c0ed59a) C:\WINDOWS\system32\drivers\sfdrv01.sys

14:59:37.0968 0328 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning

14:59:37.0968 0328 sfdrv01 - detected UnsignedFile.Multi.Generic (1)

14:59:37.0984 0328 sfhlp02 (ecefb59d2206d281e6d317af0ea0d8bd) C:\WINDOWS\system32\drivers\sfhlp02.sys

14:59:38.0000 0328 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning

14:59:38.0000 0328 sfhlp02 - detected UnsignedFile.Multi.Generic (1)

14:59:38.0000 0328 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys

14:59:38.0078 0328 Sfloppy - ok

14:59:38.0109 0328 sfsync02 (798d918d8f20380008277ce3ce5319d1) C:\WINDOWS\system32\drivers\sfsync02.sys

14:59:38.0109 0328 sfsync02 ( UnsignedFile.Multi.Generic ) - warning

14:59:38.0109 0328 sfsync02 - detected UnsignedFile.Multi.Generic (1)

14:59:38.0125 0328 sfsync04 (05e3038180cd846b0bca0e915163606a) C:\WINDOWS\system32\drivers\sfsync04.sys

14:59:38.0140 0328 sfsync04 ( UnsignedFile.Multi.Generic ) - warning

14:59:38.0140 0328 sfsync04 - detected UnsignedFile.Multi.Generic (1)

14:59:38.0171 0328 sfvfs02 (d5a7e09d2c6a702809e49190d52adc9f) C:\WINDOWS\system32\drivers\sfvfs02.sys

14:59:38.0187 0328 sfvfs02 ( UnsignedFile.Multi.Generic ) - warning

14:59:38.0187 0328 sfvfs02 - detected UnsignedFile.Multi.Generic (1)

14:59:38.0828 0328 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys

14:59:38.0828 0328 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b

14:59:38.0828 0328 sptd ( LockedFile.Multi.Generic ) - warning

14:59:38.0828 0328 sptd - detected LockedFile.Multi.Generic (1)

14:59:39.0468 0328 StarOpen (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys

14:59:39.0484 0328 StarOpen ( UnsignedFile.Multi.Generic ) - warning

14:59:39.0484 0328 StarOpen - detected UnsignedFile.Multi.Generic (1)

14:59:41.0140 0328 TICalc (0dabaa63799b0bf20f95c73ce5d9ca87) C:\WINDOWS\system32\drivers\TICalc.sys

14:59:41.0156 0328 TICalc ( UnsignedFile.Multi.Generic ) - warning

14:59:41.0156 0328 TICalc - detected UnsignedFile.Multi.Generic (1)

14:59:43.0687 0328 WDDMService (bf847a3972cc6b5ce26e0ea742dd52d9) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

14:59:43.0718 0328 WDDMService ( UnsignedFile.Multi.Generic ) - warning

14:59:43.0718 0328 WDDMService - detected UnsignedFile.Multi.Generic (1)

14:59:43.0765 0328 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys

14:59:43.0796 0328 Wdf01000 - ok

14:59:43.0921 0328 WDFME (b5966f1dff6e20576f3c8c2d93d129fd) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe

14:59:43.0968 0328 WDFME ( UnsignedFile.Multi.Generic ) - warning

14:59:43.0968 0328 WDFME - detected UnsignedFile.Multi.Generic (1)

14:59:44.0031 0328 WDICA - ok

14:59:44.0078 0328 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys

14:59:44.0125 0328 wdmaud - ok

14:59:44.0187 0328 WDSC (92f0088ca18bb08bb596ef2608256f8a) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe

14:59:44.0234 0328 WDSC ( UnsignedFile.Multi.Generic ) - warning

14:59:44.0234 0328 WDSC - detected UnsignedFile.Multi.Generic (1)

14:59:46.0531 0328 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0

14:59:46.0953 0328 \Device\Harddisk0\DR0 - ok

14:59:46.0953 0328 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR5

14:59:47.0375 0328 \Device\Harddisk1\DR5 - ok

14:59:47.0390 0328 Boot (0x1200) (c1e04ad180fd7d1320c50195534e0789) \Device\Harddisk0\DR0\Partition0

14:59:47.0390 0328 \Device\Harddisk0\DR0\Partition0 - ok

14:59:47.0390 0328 Boot (0x1200) (1d189d148ff63d006f060da1f3c0987a) \Device\Harddisk0\DR0\Partition1

14:59:47.0406 0328 \Device\Harddisk0\DR0\Partition1 - ok

14:59:47.0421 0328 Boot (0x1200) (bcfe06e73d0cca2cd6519986c393f9f9) \Device\Harddisk0\DR0\Partition2

14:59:47.0421 0328 \Device\Harddisk0\DR0\Partition2 - ok

14:59:47.0437 0328 Boot (0x1200) (bc70a3c9147b9f4a4567bfb1494e7951) \Device\Harddisk0\DR0\Partition3

14:59:47.0437 0328 \Device\Harddisk0\DR0\Partition3 - ok

14:59:47.0437 0328 Boot (0x1200) (e164ab8671c941be3d308aa6e0e547d4) \Device\Harddisk1\DR5\Partition0

14:59:47.0437 0328 \Device\Harddisk1\DR5\Partition0 - ok

14:59:47.0437 0328 ============================================================

14:59:47.0437 0328 Scan finished

14:59:47.0437 0328 ============================================================

14:59:47.0562 2280 Detected object count: 20

14:59:47.0562 2280 Actual detected object count: 20

15:00:36.0921 2280 Akamai ( HiddenFile.Multi.Generic ) - skipped by user

15:00:36.0921 2280 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

15:00:36.0921 2280 AVG Anti-Rootkit ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0921 2280 AVG Anti-Rootkit ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0921 2280 AvgArCln ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0921 2280 AvgArCln ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0921 2280 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0921 2280 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0921 2280 Lvckap ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0921 2280 Lvckap ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0921 2280 lvmvdrv ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0921 2280 lvmvdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0921 2280 LVPrcMon ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0921 2280 LVPrcMon ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0921 2280 LVPrcSrv ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0921 2280 LVPrcSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0921 2280 project ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0921 2280 project ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0921 2280 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0921 2280 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0937 2280 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0937 2280 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0937 2280 sfsync02 ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0937 2280 sfsync02 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0937 2280 sfsync04 ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0937 2280 sfsync04 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0937 2280 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0937 2280 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0937 2280 sptd ( LockedFile.Multi.Generic ) - skipped by user

15:00:36.0937 2280 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

15:00:36.0937 2280 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0937 2280 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0937 2280 TICalc ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0937 2280 TICalc ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0937 2280 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0937 2280 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0937 2280 WDFME ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0937 2280 WDFME ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:00:36.0937 2280 WDSC ( UnsignedFile.Multi.Generic ) - skipped by user

15:00:36.0937 2280 WDSC ( UnsignedFile.Multi.Generic ) - User select action: Skip


OK,

Dr.Web CureIt

It does not need to be installed.

Run the launch.exe file after disabling your resident antivirus.

It will ask you to update.

Once the update is done, it will run a quick scan.

When all of that is finished, choose the selective scan and tick at least C, which contains the system. Personally, I would scan all partitions and external media.

At the end of the scan, put everything in quarantine and post the report.

Since it will be fairly large, host it on Cjoint as shown in this tutorial.

@++

NB: this can take a long time, so pick the moment to run this tool yourself.

Edited by Apollo

I can't access the page... so I can't view the report.

How is the PC behaving after this scan?

++


Here is the link, I tried it and it works:

Download CureIt.log from Sendspace.com - send big files the easy way

As for the computer, there is nothing to report for the moment, but I will only be able to be sure after using it for a while.

I also noticed something in the hardware panel of Device Manager. I have two yellow exclamation marks with a code 19 error next to:

- DRM decoder filter (Microsoft kernel)

- Acoustic echo canceller (Microsoft kernel)

According to my research online, this could be the cause of my computer slowing down, in addition to a potential virus. Can you confirm, or should I ask in another section of the forum?

Edited by evans