FORUM D’ENTRAIDE INFORMATIQUE (FEI)
Site d’assistance et de sécurité informatique

[Résolu] ihavenet infection

Aide à la désinfection (pages publicitaires, moteur de recherche remplacé, redirections, virus...).
Règles du forum : Entraide concernant la désinfection et la sécurité informatique : en cas de publicités intempestives, pop-up, redirections, logiciels indésirables, ralentissements suspects, virus, etc.
Une désinfection complète vous sera assurée : désinfection, sécurisation, puis prévention.
Seuls les helpers (personnes qualifiées et formées à la désinfection) ainsi que le staff sont autorisés à apporter leur aide dans cette section.
Merci également de prendre connaissance de la charte générale du forum.
 Sujet verrouillé
  • Avatar du membre
Avatar du membre

[Résolu] ihavenet infection

par mnicom
 mer. 27 mars 2013 17:16 #43397
Bonjour,

mon PC qui fonctionne sous Windows 7, a été infecté par ihavenet et j'essaie de m'en débarasser.

J'ai d'abord tenté une restauration système pour remonter avant une mise à jour Java douteuse et le problème a semblé être résolu mais il est réapparu 2jours plus tard (hier).

Du coup j'ai suivi les 1ères étapes préconisées dans le sujet suivant "http://www.forum-entraide-informatique. ... u-ihavenet"

J'en suis au post du Dimanche 9 décembre dans lequel est proposé une solution personnalisée avec ZHP Fix.
Voici les rapports que j'ai eu jusqu'à présent en réalisant les différentes étapes:

1er rapport ZHP
j'ai oublié de le sauvegarder


1er rapport Adwcleaner (Recherche):
http://cjoint.com/?CCBq27cRlDt

1er rapport Adwcleaner (Suppression):
http://cjoint.com/?CCBq5cUB47z

rapport/log Malwyrebytes' anti Malware:
1. http://cjoint.com/?CCBrbYMPeDR

2. http://cjoint.com/?CCBreuGbtWY

2eme rapport ZHP diag:
http://cjoint.com/?CCBqY7BTWuf

2eme rapport Adwcleaner (Recherche):
http://cjoint.com/?CCBrif0GP4Y

2eme rapport Adwcleaner (Suppression):
http://cjoint.com/?CCBrjsIwOYP

3eme rapport ZHP diag:
http://cjoint.com/?CCBrkWYT6FO


Voilà où j'en suis actuellement.
Est-ce que quelqu'un sait comment résoudre définitivement mon problème avec iihavenet?

Merci

Re: [Résolu] ihavenet infection

par dédétraqué
 sam. 30 mars 2013 21:48 #43531
Salut mnicom


On va vérifier le PC :

Télécharge OTL (de OldTimer) et enregistre-le sur ton Bureau.

- Quitte les applications en cours afin de ne pas interrompre le scan.
- Faire double clique sur OTL.exe présent sur le bureau pour lancer le programme
Vista/Seven -- Faire un clique droit sur OTL.exe présent sur le bureau et choisir exécuter en tant qu'administrateur pour lancer le programme
- Une fenêtre apparaît. Dans la section Rapport en haut de cette fenêtre, coche "Rapport standard". Fais de même avec "Tous les utilisateurs" à coté.
- Coche également les cases à côté de "Recherche LOP" et "Recherche Purity".

Ne modifie pas les autres paramètres !

Copie la liste qui se trouve en gras ci-dessous, et colle-la dans la zone sous " Personnalisation "

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.*
%SYSTEMDRIVE%\*.exe
%PROGRAMFILES%\*.*
%PROGRAMFILES%\*.
/md5start
consrv.dll
volsnap.sys
hidserv.dll
appmgmts.dll
eventlog.dll
winlogon.exe
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
wininet.dll
wininit.exe
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
explorer.exe
svchost.exe
userinit.exe
qmgr.dll
ws2_32.dll
proquota.exe
imm32.dll
kernel32.dll
ndis.sys
autochk.exe
spoolsv.exe
xmlprov.dll
ntmssvc.dll
mswsock.dll
Beep.SYS
ntfs.sys
termsrv.dll
sfcfiles.dll
st3shark.sys
winlogon.exe
wininit.ini
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
SAVEMBR:0
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
c:\$recycle.bin\*.* /s

- Clique sur le bouton Analyse.
- Une fois l'analyse terminée, deux fenêtres vont s'ouvrir dans le Bloc-notes : OTL.txt et Extras.txt. Ils se trouvent au même endroit que OTListIT2 (donc par défaut sur le Bureau).

Utilise cjoint.com pour poster en lien tes rapports :
http://cjoint.com/

- Clique sur Parcourir pour aller chercher le rapport OTL.txt sur le bureau
- Clique sur Ouvrir ensuite sur Créer le lien Cjoint

- Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.

Après fais de même avec l'autre rapport Extras.txt


@++

Re: [Résolu] ihavenet infection

par dédétraqué
 mar. 2 avr. 2013 15:03 #43846
Salut mnicom


Via Programmes et fonctionnalités désinstalle Anvisoft

-----

Faire un scan de ce fichier rgb9rastq.dll ici :

http://www.virustotal.com/fr/


[*]Clique sur Choose file
[*]Une nouvelle fenêtre va s'ouvrir, dans cette fenêtre dans le bas ou c'est marqué Nom de fichier tu copie/colle ceci :
C:\Users\Nico\AppData\Roaming\rgb9rastq.dll

[*]Après tu clique sur Ouvrir et sur Scan it! et attendre le résultat de l’analyse.
[*]Si il te dit que le fichier a déjà été analysé, sélectionne le bouton Reanalyse.

Attendre le résultat de l'analyse, poste le lien de la page quand le scan du fichier sera terminer.


@++ 

Re: [Résolu] ihavenet infection

par dédétraqué
 mer. 3 avr. 2013 03:52 #43884
Salut mnicom


Double clic sur OTL.exe pour le lancer.
(Vista/Seven -- Faire un clique droit sur OTL.exe pour lancer le programme et choisi "Exécuter en tant qu'administrateur".

* Copie la liste qui se trouve en citation ci-dessous, et colle-la dans la zone sous " Personnalisation "

:OTL
O4 - HKU\S-1-5-21-3736134730-113916812-3330031704-1002\..\Run: [Klro] C:\Users\Nico\AppData\Roaming\rgb9rastq.dll ()
O8 - Extra context menu item: Envoyer à OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Exporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2013/03/23 21:04:02 | 000,000,000 | ---D | C] -- C:\Users\Nico\AppData\Roaming\Anvisoft
[2013/03/23 21:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
[2013/03/23 21:03:42 | 000,000,000 | ---D | C] -- C:\Program Files\Anvisoft
[2 C:\Users\Nico\Documents\*.tmp files - C:\Users\Nico\Documents\*.tmp - ]
[1 C:\Users\Nico\Desktop\*.tmp files - C:\Users\Nico\Desktop\*.tmp - ]
[2013/03/20 17:42:59 | 000,159,744 | RHS- | M] () -- C:\Users\Nico\AppData\Roaming\rgb9rastq.dll

:Commands
[Emptytemp]

* Clique sur " Correction " pour lancer la suppression.

* Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur Oui.

* Au redémarrage , autorise OTL a s'exécuter.

* Poste le rapport généré par OTL.


-----


Image Télécharge sur ton bureau TdssKiller de kaspersky , exécute le , un rapport sera crée ici:

C:\TDSSKillerVersion_Date_Time_log.txt.
(Vista/Seven -- Faire un clique droit sur tdsskiller.exe pour lancer le programme et choisi "Exécuter en tant qu'administrateur".

[*] Exécute le , La fenêtre suivante va s'ouvrir :

Image

[*] Clique sur Start scan et laisse l'outil scanner ton disque dur sans l'interrompre et sans utiliser le PC.
[*] Si des fichiers infectés sont trouvées, une nouvelle fenêtre va s'ouvrir:

Image

[*] Si TDSS.tdl2 est détecté l'option delete sera cochée par défaut.

[*] Si TDSS.tdl3 est détecté assure toi que Cure est bien cochée.

[*] Si TDSS.tdl4(\HardDisk0\MBR) est détecté assure toi que Cure est bien cochée.

[*] Si Suspicious file est indiqué, laisse l'option cochée sur Skip

[*] Clique sur Continue puis sur Reboot now pour redémarrer le PC.

[*] Copie-colle le rapport généré dans ta prochaine réponse (Il est aussi sauvegardé à la racine de ta partition système sous le nom

Tutoriel-- http://support.kaspersky.com/viruses/so ... =208280684


@++
Avatar du membre

Re: [Résolu] ihavenet infection

par mnicom
 mer. 3 avr. 2013 14:18 #43896
Salut dédétraqué,

voici le rapport OTL:
http://cjoint.com/?CDdopaC4k36 ,

Pour le rapport Tdss killer, je ne l'ai pas retrouvé après avoir redémarré l'ordinateur.

J'ai donc refait un scan qui m'a donné les mêmes résultats (1 suspicious object trouvé) et j'ai
copié le rapport depuis le logiciel:

14:13:08.0764 2840 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:13:08.0951 2840 ============================================================
14:13:08.0951 2840 Current date / time: 2013/04/03 14:13:08.0951
14:13:08.0951 2840 SystemInfo:
14:13:08.0951 2840
14:13:08.0951 2840 OS Version: 6.1.7600 ServicePack: 0.0
14:13:08.0951 2840 Product type: Workstation
14:13:08.0951 2840 ComputerName: NICO-PC
14:13:08.0951 2840 UserName: Nico
14:13:08.0951 2840 Windows directory: C:\Windows
14:13:08.0951 2840 System windows directory: C:\Windows
14:13:08.0951 2840 Processor architecture: Intel x86
14:13:08.0951 2840 Number of processors: 1
14:13:08.0951 2840 Page size: 0x1000
14:13:08.0951 2840 Boot type: Normal boot
14:13:08.0951 2840 ============================================================
14:13:11.0884 2840 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:13:11.0884 2840 ============================================================
14:13:11.0884 2840 \Device\Harddisk0\DR0:
14:13:11.0884 2840 MBR partitions:
14:13:11.0884 2840 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1BCEA800
14:13:11.0884 2840 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BCEB000, BlocksNum 0x14D9000
14:13:11.0884 2840 ============================================================
14:13:11.0915 2840 C: \Device\Harddisk0\DR0\Partition1
14:13:11.0962 2840 D: \Device\Harddisk0\DR0\Partition2
14:13:11.0962 2840 ============================================================
14:13:11.0962 2840 Initialize success
14:13:11.0962 2840 ============================================================
14:13:24.0286 0340 ============================================================
14:13:24.0286 0340 Scan started
14:13:24.0286 0340 Mode: Manual; SigCheck; TDLFS;
14:13:24.0286 0340 ============================================================
14:13:25.0783 0340 ================ Scan system memory ========================
14:13:25.0783 0340 System memory - ok
14:13:25.0799 0340 ================ Scan services =============================
14:13:26.0049 0340 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
14:13:26.0189 0340 1394ohci - ok
14:13:26.0485 0340 [ B33CF4DE909A5B30F526D82053A63C8E ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
14:13:26.0501 0340 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
14:13:26.0626 0340 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
14:13:26.0641 0340 ACPI - ok
14:13:26.0719 0340 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
14:13:26.0813 0340 AcpiPmi - ok
14:13:26.0891 0340 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:13:26.0938 0340 adp94xx - ok
14:13:26.0985 0340 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:13:27.0031 0340 adpahci - ok
14:13:27.0063 0340 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:13:27.0078 0340 adpu320 - ok
14:13:27.0125 0340 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:13:27.0187 0340 AeLookupSvc - ok
14:13:27.0234 0340 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\Windows\system32\drivers\afd.sys
14:13:27.0328 0340 AFD - ok
14:13:27.0359 0340 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
14:13:27.0375 0340 agp440 - ok
14:13:27.0437 0340 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
14:13:27.0453 0340 aic78xx - ok
14:13:27.0499 0340 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
14:13:27.0562 0340 ALG - ok
14:13:27.0609 0340 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
14:13:27.0624 0340 aliide - ok
14:13:27.0624 0340 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys
14:13:27.0655 0340 amdagp - ok
14:13:27.0671 0340 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
14:13:27.0687 0340 amdide - ok
14:13:27.0718 0340 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:13:27.0749 0340 AmdK8 - ok
14:13:27.0780 0340 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:13:27.0811 0340 AmdPPM - ok
14:13:27.0874 0340 [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:13:27.0889 0340 amdsata - ok
14:13:27.0936 0340 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:13:27.0967 0340 amdsbs - ok
14:13:27.0999 0340 [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:13:28.0030 0340 amdxata - ok
14:13:28.0217 0340 [ E41F55D0B71734BB68FF26963EB250E4 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
14:13:28.0233 0340 AntiVirSchedulerService - ok
14:13:28.0326 0340 [ 880AE0BEDE234F27AC252049373B8CB9 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
14:13:28.0357 0340 AntiVirService - ok
14:13:28.0420 0340 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\Windows\system32\drivers\appid.sys
14:13:28.0545 0340 AppID - ok
14:13:28.0591 0340 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:13:28.0825 0340 AppIDSvc - ok
14:13:28.0872 0340 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\Windows\System32\appinfo.dll
14:13:28.0919 0340 Appinfo - ok
14:13:29.0044 0340 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:13:29.0059 0340 Apple Mobile Device - ok
14:13:29.0122 0340 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
14:13:29.0184 0340 AppMgmt - ok
14:13:29.0262 0340 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
14:13:29.0278 0340 arc - ok
14:13:29.0309 0340 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:13:29.0325 0340 arcsas - ok
14:13:29.0496 0340 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:13:29.0559 0340 aspnet_state - ok
14:13:29.0605 0340 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:13:29.0730 0340 AsyncMac - ok
14:13:29.0746 0340 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\DRIVERS\atapi.sys
14:13:29.0761 0340 atapi - ok
14:13:29.0839 0340 [ 8A6F60BAA4660BCFA1919E29E89ACF89 ] athr C:\Windows\system32\DRIVERS\athr.sys
14:13:29.0949 0340 athr - ok
14:13:30.0011 0340 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:13:30.0073 0340 AudioEndpointBuilder - ok
14:13:30.0105 0340 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\Windows\System32\Audiosrv.dll
14:13:30.0153 0340 Audiosrv - ok
14:13:30.0224 0340 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
14:13:30.0270 0340 avgntflt - ok
14:13:30.0317 0340 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
14:13:30.0348 0340 avipbb - ok
14:13:30.0458 0340 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
14:13:30.0473 0340 avkmgr - ok
14:13:30.0536 0340 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:13:30.0598 0340 AxInstSV - ok
14:13:30.0660 0340 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
14:13:30.0738 0340 b06bdrv - ok
14:13:30.0801 0340 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
14:13:30.0879 0340 b57nd60x - ok
14:13:30.0972 0340 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
14:13:31.0019 0340 BDESVC - ok
14:13:31.0050 0340 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
14:13:31.0097 0340 Beep - ok
14:13:31.0128 0340 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll
14:13:31.0238 0340 BFE - ok
14:13:31.0284 0340 [ 53F476476F55A27F580661BDE09C4EC4 ] BITS C:\Windows\System32\qmgr.dll
14:13:31.0347 0340 BITS - ok
14:13:31.0378 0340 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:13:31.0503 0340 blbdrive - ok
14:13:31.0986 0340 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:13:32.0158 0340 Bonjour Service - ok
14:13:33.0188 0340 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:13:33.0390 0340 bowser - ok
14:13:33.0515 0340 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:13:33.0921 0340 BrFiltLo - ok
14:13:33.0968 0340 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:13:34.0014 0340 BrFiltUp - ok
14:13:34.0046 0340 [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser C:\Windows\System32\browser.dll
14:13:34.0155 0340 Browser - ok
14:13:34.0233 0340 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:13:34.0326 0340 Brserid - ok
14:13:34.0358 0340 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:13:34.0404 0340 BrSerWdm - ok
14:13:34.0420 0340 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:13:34.0467 0340 BrUsbMdm - ok
14:13:34.0482 0340 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:13:34.0592 0340 BrUsbSer - ok
14:13:34.0607 0340 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:13:34.0654 0340 BTHMODEM - ok
14:13:34.0748 0340 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
14:13:34.0826 0340 bthserv - ok
14:13:34.0904 0340 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:13:34.0997 0340 cdfs - ok
14:13:35.0044 0340 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:13:35.0075 0340 cdrom - ok
14:13:35.0153 0340 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll
14:13:35.0287 0340 CertPropSvc - ok
14:13:35.0334 0340 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:13:35.0365 0340 circlass - ok
14:13:35.0397 0340 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
14:13:35.0459 0340 CLFS - ok
14:13:35.0615 0340 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:13:35.0646 0340 clr_optimization_v2.0.50727_32 - ok
14:13:35.0755 0340 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:13:35.0943 0340 clr_optimization_v4.0.30319_32 - ok
14:13:35.0989 0340 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:13:36.0036 0340 CmBatt - ok
14:13:36.0099 0340 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
14:13:36.0114 0340 cmdide - ok
14:13:36.0161 0340 [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG C:\Windows\system32\Drivers\cng.sys
14:13:36.0223 0340 CNG - ok
14:13:36.0255 0340 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:13:36.0333 0340 Compbatt - ok
14:13:36.0364 0340 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:13:36.0379 0340 CompositeBus - ok
14:13:36.0411 0340 COMSysApp - ok
14:13:36.0442 0340 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:13:36.0457 0340 crcdisk - ok
14:13:36.0535 0340 [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:13:36.0598 0340 CryptSvc - ok
14:13:36.0660 0340 [ 27C9490BDD0AE48911AB8CF1932591ED ] CSC C:\Windows\system32\drivers\csc.sys
14:13:36.0785 0340 CSC - ok
14:13:36.0957 0340 [ 56FB5F222EA30D3D3FC459879772CB73 ] CscService C:\Windows\System32\cscsvc.dll
14:13:37.0284 0340 CscService - ok
14:13:37.0331 0340 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll
14:13:37.0409 0340 DcomLaunch - ok
14:13:37.0471 0340 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
14:13:37.0799 0340 defragsvc - ok
14:13:37.0861 0340 [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:13:37.0939 0340 DfsC - ok
14:13:37.0971 0340 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:13:38.0049 0340 Dhcp - ok
14:13:38.0080 0340 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
14:13:38.0142 0340 discache - ok
14:13:38.0423 0340 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:13:38.0844 0340 Disk - ok
14:13:38.0953 0340 [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:13:39.0141 0340 Dnscache - ok
14:13:39.0219 0340 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\Windows\System32\dot3svc.dll
14:13:39.0359 0340 dot3svc - ok
14:13:39.0593 0340 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll
14:13:39.0671 0340 DPS - ok
14:13:40.0061 0340 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:13:40.0659 0340 drmkaud - ok
14:13:40.0810 0340 [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:13:41.0028 0340 DXGKrnl - ok
14:13:41.0075 0340 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
14:13:41.0169 0340 EapHost - ok
14:13:41.0559 0340 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
14:13:42.0089 0340 ebdrv - ok
14:13:42.0151 0340 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS C:\Windows\System32\lsass.exe
14:13:42.0276 0340 EFS - ok
14:13:42.0744 0340 [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:13:42.0885 0340 ehRecvr - ok
14:13:42.0963 0340 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
14:13:43.0134 0340 ehSched - ok
14:13:43.0228 0340 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:13:43.0306 0340 elxstor - ok
14:13:43.0431 0340 [ 0786BF6298B4927FCFBB0B34614AEC79 ] EPSON_EB_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
14:13:43.0587 0340 EPSON_EB_RPCV4_04 - ok
14:13:43.0649 0340 [ 41655972D8829F0974812FFE342031B5 ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
14:13:43.0696 0340 EPSON_PM_RPCV4_04 - ok
14:13:43.0727 0340 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
14:13:43.0774 0340 ErrDev - ok
14:13:43.0883 0340 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
14:13:43.0961 0340 EventSystem - ok
14:13:44.0023 0340 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
14:13:44.0242 0340 exfat - ok
14:13:44.0304 0340 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:13:44.0398 0340 fastfat - ok
14:13:44.0476 0340 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe
14:13:44.0554 0340 Fax - ok
14:13:44.0616 0340 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:13:44.0663 0340 fdc - ok
14:13:44.0741 0340 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
14:13:44.0835 0340 fdPHost - ok
14:13:44.0897 0340 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
14:13:45.0708 0340 FDResPub - ok
14:13:45.0991 0340 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:13:46.0095 0340 FileInfo - ok
14:13:46.0252 0340 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:13:46.0722 0340 Filetrace - ok
14:13:46.0754 0340 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:13:47.0144 0340 flpydisk - ok
14:13:47.0175 0340 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:13:47.0456 0340 FltMgr - ok
14:13:48.0002 0340 [ 7FE4995528A7529A761875151EE3D512 ] FontCache C:\Windows\system32\FntCache.dll
14:13:48.0174 0340 FontCache - ok
14:13:48.0876 0340 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:13:48.0938 0340 FontCache3.0.0.0 - ok
14:13:49.0001 0340 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:13:49.0079 0340 FsDepends - ok
14:13:49.0157 0340 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:13:49.0640 0340 Fs_Rec - ok
14:13:49.0952 0340 [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:13:50.0030 0340 fvevol - ok
14:13:50.0139 0340 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:13:50.0186 0340 gagp30kx - ok
14:13:50.0264 0340 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:13:50.0280 0340 GEARAspiWDM - ok
14:13:50.0951 0340 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll
14:13:51.0231 0340 gpsvc - ok
14:13:51.0247 0340 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:13:51.0325 0340 hcw85cir - ok
14:13:51.0434 0340 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:13:51.0543 0340 HdAudAddService - ok
14:13:51.0559 0340 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:13:51.0637 0340 HDAudBus - ok
14:13:51.0684 0340 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:13:51.0715 0340 HidBatt - ok
14:13:51.0762 0340 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:13:51.0855 0340 HidBth - ok
14:13:51.0871 0340 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:13:52.0294 0340 HidIr - ok
14:13:52.0412 0340 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
14:13:52.0839 0340 hidserv - ok
14:13:52.0906 0340 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:13:52.0990 0340 HidUsb - ok
14:13:53.0364 0340 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:13:53.0583 0340 hkmsvc - ok
14:13:53.0614 0340 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:13:53.0692 0340 HomeGroupListener - ok
14:13:53.0739 0340 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:13:53.0770 0340 HomeGroupProvider - ok
14:13:54.0082 0340 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
14:13:54.0363 0340 HpSAMD - ok
14:13:54.0784 0340 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:13:55.0470 0340 HTTP - ok
14:13:55.0704 0340 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:13:56.0001 0340 hwpolicy - ok
14:13:56.0063 0340 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:13:56.0578 0340 i8042prt - ok
14:13:57.0529 0340 [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:13:57.0904 0340 iaStorV - ok
14:13:58.0759 0340 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:13:58.0884 0340 idsvc - ok
14:14:01.0130 0340 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
14:14:01.0411 0340 igfx - ok
14:14:01.0473 0340 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:14:01.0660 0340 iirsp - ok
14:14:02.0284 0340 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll
14:14:03.0018 0340 IKEEXT - ok
14:14:03.0096 0340 [ 88D586E3D6EE17D5C7B8540F72F49148 ] InstallClick C:\Program Files\RIFT Technologies\InstallClick Connector\installclick.exe
14:14:03.0158 0340 InstallClick - ok
14:14:03.0236 0340 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
14:14:03.0267 0340 intelide - ok
14:14:03.0314 0340 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:14:03.0345 0340 intelppm - ok
14:14:03.0392 0340 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:14:04.0423 0340 IPBusEnum - ok
14:14:04.0439 0340 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:14:04.0704 0340 IpFilterDriver - ok
14:14:04.0782 0340 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:14:04.0907 0340 iphlpsvc - ok
14:14:04.0953 0340 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
14:14:05.0187 0340 IPMIDRV - ok
14:14:05.0219 0340 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:14:05.0967 0340 IPNAT - ok
14:14:06.0139 0340 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:14:06.0170 0340 iPod Service - ok
14:14:06.0217 0340 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:14:06.0326 0340 IRENUM - ok
14:14:06.0373 0340 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
14:14:06.0404 0340 isapnp - ok
14:14:06.0420 0340 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:14:06.0451 0340 iScsiPrt - ok
14:14:06.0498 0340 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:14:06.0529 0340 kbdclass - ok
14:14:06.0545 0340 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:14:06.0591 0340 kbdhid - ok
14:14:06.0623 0340 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\Windows\system32\lsass.exe
14:14:06.0638 0340 KeyIso - ok
14:14:06.0747 0340 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:14:06.0779 0340 KSecDD - ok
14:14:06.0825 0340 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:14:06.0841 0340 KSecPkg - ok
14:14:06.0903 0340 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
14:14:07.0122 0340 KtmRm - ok
14:14:07.0278 0340 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll
14:14:07.0309 0340 LanmanServer - ok
14:14:07.0387 0340 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:14:07.0449 0340 LanmanWorkstation - ok
14:14:07.0527 0340 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:14:07.0590 0340 lltdio - ok
14:14:07.0621 0340 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:14:07.0699 0340 lltdsvc - ok
14:14:07.0730 0340 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
14:14:07.0808 0340 lmhosts - ok
14:14:07.0855 0340 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:14:07.0886 0340 LSI_FC - ok
14:14:07.0902 0340 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:14:07.0949 0340 LSI_SAS - ok
14:14:07.0964 0340 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:14:07.0995 0340 LSI_SAS2 - ok
14:14:08.0011 0340 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:14:08.0042 0340 LSI_SCSI - ok
14:14:08.0073 0340 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
14:14:08.0136 0340 luafv - ok
14:14:08.0245 0340 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
14:14:08.0261 0340 MBAMProtector - ok
14:14:08.0339 0340 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:14:08.0354 0340 MBAMScheduler - ok
14:14:08.0401 0340 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:14:08.0432 0340 MBAMService - ok
14:14:08.0479 0340 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:14:08.0588 0340 Mcx2Svc - ok
14:14:08.0619 0340 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:14:08.0651 0340 megasas - ok
14:14:08.0682 0340 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:14:08.0729 0340 MegaSR - ok
14:14:08.0807 0340 Microsoft SharePoint Workspace Audit Service - ok
14:14:08.0853 0340 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
14:14:08.0931 0340 MMCSS - ok
14:14:08.0947 0340 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
14:14:09.0020 0340 Modem - ok
14:14:09.0067 0340 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:14:09.0098 0340 monitor - ok
14:14:09.0130 0340 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:14:09.0145 0340 mouclass - ok
14:14:09.0176 0340 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:14:09.0239 0340 mouhid - ok
14:14:09.0270 0340 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:14:09.0301 0340 mountmgr - ok
14:14:09.0442 0340 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:14:09.0473 0340 MozillaMaintenance - ok
14:14:09.0488 0340 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
14:14:09.0520 0340 mpio - ok
14:14:09.0551 0340 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:14:09.0629 0340 mpsdrv - ok
14:14:09.0691 0340 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
14:14:09.0847 0340 MpsSvc - ok
14:14:09.0863 0340 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:14:09.0925 0340 MRxDAV - ok
14:14:09.0972 0340 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:14:10.0034 0340 mrxsmb - ok
14:14:10.0081 0340 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:14:10.0144 0340 mrxsmb10 - ok
14:14:10.0206 0340 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:14:10.0253 0340 mrxsmb20 - ok
14:14:10.0284 0340 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
14:14:10.0300 0340 msahci - ok
14:14:10.0331 0340 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
14:14:10.0378 0340 msdsm - ok
14:14:10.0409 0340 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
14:14:10.0471 0340 MSDTC - ok
14:14:10.0518 0340 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:14:10.0565 0340 Msfs - ok
14:14:10.0580 0340 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:14:10.0674 0340 mshidkmdf - ok
14:14:10.0690 0340 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
14:14:10.0721 0340 msisadrv - ok
14:14:10.0799 0340 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:14:10.0877 0340 MSiSCSI - ok
14:14:10.0892 0340 msiserver - ok
14:14:10.0986 0340 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:14:11.0080 0340 MSKSSRV - ok
14:14:11.0111 0340 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:14:11.0173 0340 MSPCLOCK - ok
14:14:11.0204 0340 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:14:11.0267 0340 MSPQM - ok
14:14:11.0298 0340 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:14:11.0329 0340 MsRPC - ok
14:14:11.0360 0340 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:14:11.0376 0340 mssmbios - ok
14:14:11.0407 0340 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:14:11.0470 0340 MSTEE - ok
14:14:11.0501 0340 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:14:11.0548 0340 MTConfig - ok
14:14:11.0563 0340 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
14:14:11.0579 0340 Mup - ok
14:14:11.0641 0340 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
14:14:11.0704 0340 napagent - ok
14:14:11.0766 0340 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:14:11.0828 0340 NativeWifiP - ok
14:14:11.0875 0340 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:14:11.0906 0340 NDIS - ok
14:14:11.0938 0340 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:14:11.0984 0340 NdisCap - ok
14:14:12.0016 0340 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:14:12.0078 0340 NdisTapi - ok
14:14:12.0109 0340 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:14:12.0156 0340 Ndisuio - ok
14:14:12.0172 0340 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:14:12.0250 0340 NdisWan - ok
14:14:12.0296 0340 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:14:12.0343 0340 NDProxy - ok
14:14:12.0359 0340 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:14:12.0468 0340 NetBIOS - ok
14:14:12.0530 0340 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:14:12.0608 0340 NetBT - ok
14:14:12.0640 0340 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe
14:14:12.0671 0340 Netlogon - ok
14:14:12.0733 0340 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
14:14:12.0796 0340 Netman - ok
14:14:12.0874 0340 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:14:12.0920 0340 NetMsmqActivator - ok
14:14:12.0936 0340 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:14:12.0952 0340 NetPipeActivator - ok
14:14:13.0014 0340 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
14:14:13.0092 0340 netprofm - ok
14:14:13.0108 0340 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:14:13.0123 0340 NetTcpActivator - ok
14:14:13.0139 0340 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:14:13.0154 0340 NetTcpPortSharing - ok
14:14:13.0232 0340 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:14:13.0310 0340 nfrd960 - ok
14:14:13.0342 0340 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
14:14:13.0482 0340 NlaSvc - ok
14:14:13.0513 0340 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:14:13.0576 0340 Npfs - ok
14:14:13.0607 0340 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
14:14:14.0088 0340 nsi - ok
14:14:14.0142 0340 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:14:14.0342 0340 nsiproxy - ok
14:14:14.0487 0340 [ 5126C5402C730C2A953275D8497A4715 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:14:14.0754 0340 Ntfs - ok
14:14:14.0774 0340 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
14:14:15.0225 0340 Null - ok
14:14:15.0247 0340 [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:14:15.0469 0340 nvraid - ok
14:14:15.0500 0340 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:14:15.0594 0340 nvstor - ok
14:14:15.0625 0340 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
14:14:15.0734 0340 nv_agp - ok
14:14:15.0797 0340 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:14:15.0843 0340 ohci1394 - ok
14:14:15.0953 0340 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:14:16.0046 0340 ose - ok
14:14:16.0265 0340 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:14:16.0545 0340 osppsvc - ok
14:14:16.0623 0340 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:14:16.0655 0340 p2pimsvc - ok
14:14:16.0717 0340 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
14:14:16.0733 0340 p2psvc - ok
14:14:16.0795 0340 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:14:16.0842 0340 Parport - ok
14:14:16.0904 0340 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:14:16.0920 0340 partmgr - ok
14:14:16.0967 0340 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
14:14:17.0013 0340 Parvdm - ok
14:14:17.0029 0340 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:14:17.0076 0340 PcaSvc - ok
14:14:17.0107 0340 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys
14:14:17.0138 0340 pci - ok
14:14:17.0169 0340 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
14:14:17.0201 0340 pciide - ok
14:14:17.0232 0340 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:14:17.0294 0340 pcmcia - ok
14:14:17.0325 0340 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
14:14:17.0357 0340 pcw - ok
14:14:17.0388 0340 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:14:17.0528 0340 PEAUTH - ok
14:14:17.0606 0340 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:14:17.0731 0340 PeerDistSvc - ok
14:14:17.0856 0340 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
14:14:17.0996 0340 pla - ok
14:14:18.0059 0340 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:14:18.0230 0340 PlugPlay - ok
14:14:18.0246 0340 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:14:18.0293 0340 PNRPAutoReg - ok
14:14:18.0339 0340 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:14:18.0355 0340 PNRPsvc - ok
14:14:18.0417 0340 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:14:18.0527 0340 PolicyAgent - ok
14:14:18.0651 0340 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
14:14:18.0714 0340 Power - ok
14:14:18.0776 0340 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:14:18.0854 0340 PptpMiniport - ok
14:14:18.0885 0340 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:14:18.0932 0340 Processor - ok
14:14:19.0010 0340 [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc C:\Windows\system32\profsvc.dll
14:14:19.0073 0340 ProfSvc - ok
14:14:19.0104 0340 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:14:19.0119 0340 ProtectedStorage - ok
14:14:19.0166 0340 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:14:19.0229 0340 Psched - ok
14:14:19.0322 0340 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:14:19.0463 0340 ql2300 - ok
14:14:19.0541 0340 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:14:19.0681 0340 ql40xx - ok
14:14:19.0759 0340 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
14:14:19.0821 0340 QWAVE - ok
14:14:19.0899 0340 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:14:19.0946 0340 QWAVEdrv - ok
14:14:19.0977 0340 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:14:20.0055 0340 RasAcd - ok
14:14:20.0087 0340 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:14:20.0180 0340 RasAgileVpn - ok
14:14:20.0243 0340 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
14:14:20.0321 0340 RasAuto - ok
14:14:20.0352 0340 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:14:20.0444 0340 Rasl2tp - ok
14:14:21.0427 0340 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
14:14:21.0926 0340 RasMan - ok
14:14:21.0973 0340 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:14:22.0316 0340 RasPppoe - ok
14:14:22.0441 0340 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:14:22.0534 0340 RasSstp - ok
14:14:22.0565 0340 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:14:22.0737 0340 rdbss - ok
14:14:22.0815 0340 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:14:22.0831 0340 rdpbus - ok
14:14:22.0877 0340 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:14:22.0924 0340 RDPCDD - ok
14:14:23.0002 0340 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:14:23.0205 0340 RDPDR - ok
14:14:23.0236 0340 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:14:23.0283 0340 RDPENCDD - ok
14:14:23.0345 0340 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:14:23.0455 0340 RDPREFMP - ok
14:14:23.0548 0340 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:14:23.0689 0340 RDPWD - ok
14:14:23.0751 0340 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:14:23.0813 0340 rdyboost - ok
14:14:23.0876 0340 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
14:14:23.0938 0340 RemoteAccess - ok
14:14:23.0954 0340 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:14:24.0016 0340 RemoteRegistry - ok
14:14:24.0110 0340 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:14:24.0188 0340 RpcEptMapper - ok
14:14:24.0250 0340 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
14:14:24.0437 0340 RpcLocator - ok
14:14:24.0484 0340 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
14:14:24.0547 0340 RpcSs - ok
14:14:24.0593 0340 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:14:24.0625 0340 rspndr - ok
14:14:24.0703 0340 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
14:14:24.0749 0340 RTL8167 - ok
14:14:24.0796 0340 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
14:14:24.0843 0340 s3cap - ok
14:14:24.0874 0340 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe
14:14:24.0890 0340 SamSs - ok
14:14:24.0921 0340 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
14:14:24.0952 0340 sbp2port - ok
14:14:25.0015 0340 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:14:25.0139 0340 SCardSvr - ok
14:14:25.0186 0340 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:14:25.0295 0340 scfilter - ok
14:14:25.0498 0340 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
14:14:25.0592 0340 Schedule - ok
14:14:25.0607 0340 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:14:25.0654 0340 SCPolicySvc - ok
14:14:25.0717 0340 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:14:25.0748 0340 SDRSVC - ok
14:14:25.0826 0340 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:14:25.0904 0340 secdrv - ok
14:14:25.0919 0340 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
14:14:25.0982 0340 seclogon - ok
14:14:26.0029 0340 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
14:14:26.0075 0340 SENS - ok
14:14:26.0185 0340 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:14:26.0419 0340 SensrSvc - ok
14:14:26.0434 0340 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:14:26.0465 0340 Serenum - ok
14:14:26.0543 0340 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:14:26.0575 0340 Serial - ok
14:14:26.0590 0340 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:14:26.0699 0340 sermouse - ok
14:14:26.0855 0340 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
14:14:26.0996 0340 SessionEnv - ok
14:14:27.0043 0340 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
14:14:27.0183 0340 sffdisk - ok
14:14:27.0214 0340 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:14:27.0261 0340 sffp_mmc - ok
14:14:27.0292 0340 [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
14:14:27.0370 0340 sffp_sd - ok
14:14:27.0401 0340 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:14:27.0433 0340 sfloppy - ok
14:14:27.0464 0340 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:14:27.0698 0340 SharedAccess - ok
14:14:27.0885 0340 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:14:28.0837 0340 ShellHWDetection - ok
14:14:28.0868 0340 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
14:14:28.0977 0340 sisagp - ok
14:14:29.0008 0340 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:14:29.0024 0340 SiSRaid2 - ok
14:14:29.0039 0340 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:14:29.0071 0340 SiSRaid4 - ok
14:14:29.0180 0340 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
14:14:29.0180 0340 SkypeUpdate - ok
14:14:29.0227 0340 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:14:29.0445 0340 Smb - ok
14:14:29.0570 0340 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:14:29.0695 0340 SNMPTRAP - ok
14:14:29.0773 0340 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
14:14:29.0960 0340 spldr - ok
14:14:30.0163 0340 [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler C:\Windows\System32\spoolsv.exe
14:14:30.0272 0340 Spooler - ok
14:14:31.0038 0340 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
14:14:31.0194 0340 sppsvc - ok
14:14:31.0303 0340 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:14:31.0428 0340 sppuinotify - ok
14:14:31.0475 0340 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:14:31.0522 0340 srv - ok
14:14:31.0615 0340 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:14:31.0631 0340 srv2 - ok
14:14:31.0678 0340 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:14:31.0724 0340 srvnet - ok
14:14:31.0771 0340 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:14:31.0990 0340 SSDPSRV - ok
14:14:32.0068 0340 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
14:14:32.0114 0340 ssmdrv - ok
14:14:32.0161 0340 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:14:32.0286 0340 SstpSvc - ok
14:14:32.0380 0340 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:14:32.0426 0340 stexstor - ok
14:14:32.0473 0340 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll
14:14:32.0567 0340 StiSvc - ok
14:14:32.0598 0340 [ 957E346CA948668F2496A6CCF6FF82CC ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
14:14:32.0629 0340 storflt - ok
14:14:32.0676 0340 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
14:14:32.0738 0340 StorSvc - ok
14:14:32.0801 0340 [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
14:14:32.0848 0340 storvsc - ok
14:14:32.0910 0340 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:14:33.0035 0340 swenum - ok
14:14:33.0113 0340 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
14:14:33.0191 0340 swprv - ok
14:14:33.0238 0340 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
14:14:33.0394 0340 SysMain - ok
14:14:33.0425 0340 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:14:33.0472 0340 TabletInputService - ok
14:14:33.0487 0340 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll
14:14:33.0612 0340 TapiSrv - ok
14:14:33.0643 0340 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
14:14:33.0721 0340 TBS - ok
14:14:33.0799 0340 [ BBCEAEFF1FD72A026F827CBB2F4AA8AD ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:14:33.0924 0340 Tcpip - ok
14:14:33.0986 0340 [ BBCEAEFF1FD72A026F827CBB2F4AA8AD ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:14:34.0018 0340 TCPIP6 - ok
14:14:34.0080 0340 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:14:34.0142 0340 tcpipreg - ok
14:14:34.0174 0340 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:14:34.0205 0340 TDPIPE - ok
14:14:34.0267 0340 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:14:34.0298 0340 TDTCP - ok
14:14:34.0330 0340 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:14:34.0392 0340 tdx - ok
14:14:34.0673 0340 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:14:34.0751 0340 TermDD - ok
14:14:34.0813 0340 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll
14:14:34.0969 0340 TermService - ok
14:14:35.0000 0340 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
14:14:35.0078 0340 Themes - ok
14:14:35.0141 0340 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
14:14:35.0172 0340 THREADORDER - ok
14:14:35.0234 0340 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
14:14:35.0312 0340 TrkWks - ok
14:14:35.0453 0340 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:14:35.0484 0340 TrustedInstaller - ok
14:14:35.0515 0340 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:14:35.0562 0340 tssecsrv - ok
14:14:35.0624 0340 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:14:35.0665 0340 tunnel - ok
14:14:35.0714 0340 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:14:35.0792 0340 uagp35 - ok
14:14:35.0823 0340 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:14:35.0886 0340 udfs - ok
14:14:35.0964 0340 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:14:36.0011 0340 UI0Detect - ok
14:14:36.0026 0340 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
14:14:36.0057 0340 uliagpkx - ok
14:14:36.0089 0340 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:14:36.0135 0340 umbus - ok
14:14:36.0151 0340 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:14:36.0182 0340 UmPass - ok
14:14:36.0245 0340 [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService C:\Windows\System32\umrdp.dll
14:14:36.0291 0340 UmRdpService - ok
14:14:36.0338 0340 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
14:14:36.0401 0340 upnphost - ok
14:14:36.0463 0340 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
14:14:36.0479 0340 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
14:14:36.0479 0340 USBAAPL - detected UnsignedFile.Multi.Generic (1)
14:14:36.0572 0340 [ C31AE588E403042632DC796CF09E30B0 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:14:36.0635 0340 usbccgp - ok
14:14:36.0681 0340 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
14:14:36.0713 0340 usbcir - ok
14:14:36.0775 0340 [ E4C436D914768CE965D5E659BA7EEBD8 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:14:36.0806 0340 usbehci - ok
14:14:36.0837 0340 [ BDCD7156EC37448F08633FD899823620 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:14:36.0884 0340 usbhub - ok
14:14:36.0900 0340 [ EB2D819A639015253C871CDA09D91D58 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:14:36.0947 0340 usbohci - ok
14:14:37.0009 0340 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:14:37.0025 0340 usbprint - ok
14:14:37.0087 0340 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:14:37.0149 0340 usbscan - ok
14:14:37.0212 0340 [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:14:37.0399 0340 USBSTOR - ok
14:14:37.0477 0340 [ 22480BF4E5A09192E5E30BA4DDE79FA4 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:14:37.0617 0340 usbuhci - ok
14:14:37.0742 0340 [ B5F6A992D996282B7FAE7048E50AF83A ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:14:37.0805 0340 usbvideo - ok
14:14:37.0836 0340 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
14:14:37.0867 0340 UxSms - ok
14:14:37.0898 0340 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\Windows\system32\lsass.exe
14:14:37.0914 0340 VaultSvc - ok
14:14:37.0976 0340 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
14:14:38.0007 0340 vdrvroot - ok
14:14:38.0039 0340 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe
14:14:38.0101 0340 vds - ok
14:14:38.0132 0340 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:14:38.0148 0340 vga - ok
14:14:38.0179 0340 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:14:38.0226 0340 VgaSave - ok
14:14:38.0241 0340 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
14:14:38.0319 0340 vhdmp - ok
14:14:38.0413 0340 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
14:14:38.0460 0340 viaagp - ok
14:14:38.0475 0340 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
14:14:38.0538 0340 ViaC7 - ok
14:14:38.0553 0340 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys
14:14:38.0585 0340 viaide - ok
14:14:38.0709 0340 [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
14:14:38.0741 0340 vmbus - ok
14:14:38.0787 0340 [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
14:14:38.0819 0340 VMBusHID - ok
14:14:38.0850 0340 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
14:14:38.0865 0340 volmgr - ok
14:14:38.0897 0340 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:14:38.0975 0340 volmgrx - ok
14:14:39.0021 0340 [ 59F06B4968E58BC83DFC56CA4517960E ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:14:39.0068 0340 volsnap - ok
14:14:39.0131 0340 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:14:39.0162 0340 vsmraid - ok
14:14:39.0224 0340 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe
14:14:39.0318 0340 VSS - ok
14:14:39.0349 0340 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:14:39.0365 0340 vwifibus - ok
14:14:39.0411 0340 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:14:39.0474 0340 vwififlt - ok
14:14:39.0505 0340 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
14:14:39.0567 0340 W32Time - ok
14:14:39.0599 0340 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:14:39.0661 0340 WacomPen - ok
14:14:39.0755 0340 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:14:39.0801 0340 WANARP - ok
14:14:39.0817 0340 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:14:39.0864 0340 Wanarpv6 - ok
14:14:39.0989 0340 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:14:40.0113 0340 WatAdminSvc - ok
14:14:40.0191 0340 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe
14:14:40.0316 0340 wbengine - ok
14:14:40.0347 0340 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:14:40.0394 0340 WbioSrvc - ok
14:14:40.0441 0340 [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:14:40.0519 0340 wcncsvc - ok
14:14:40.0566 0340 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:14:40.0644 0340 WcsPlugInService - ok
14:14:40.0691 0340 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:14:40.0706 0340 Wd - ok
14:14:40.0806 0340 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:14:40.0931 0340 Wdf01000 - ok
14:14:40.0946 0340 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:14:40.0977 0340 WdiServiceHost - ok
14:14:40.0993 0340 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:14:41.0024 0340 WdiSystemHost - ok
14:14:41.0149 0340 [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient C:\Windows\System32\webclnt.dll
14:14:41.0211 0340 WebClient - ok
14:14:41.0274 0340 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:14:41.0321 0340 Wecsvc - ok
14:14:41.0352 0340 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:14:41.0399 0340 wercplsupport - ok
14:14:41.0445 0340 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
14:14:41.0492 0340 WerSvc - ok
14:14:41.0617 0340 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:14:41.0711 0340 WfpLwf - ok
14:14:41.0742 0340 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:14:41.0773 0340 WIMMount - ok
14:14:41.0882 0340 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:14:41.0898 0340 WinDefend - ok
14:14:41.0929 0340 WinHttpAutoProxySvc - ok
14:14:42.0038 0340 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:14:42.0085 0340 Winmgmt - ok
14:14:42.0179 0340 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\Windows\system32\WsmSvc.dll
14:14:42.0257 0340 WinRM - ok
14:14:42.0366 0340 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:14:42.0459 0340 WinUsb - ok
14:14:42.0600 0340 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:14:42.0662 0340 Wlansvc - ok
14:14:42.0693 0340 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:14:42.0787 0340 WmiAcpi - ok
14:14:42.0881 0340 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:14:42.0912 0340 wmiApSrv - ok
14:14:43.0115 0340 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:14:43.0177 0340 WMPNetworkSvc - ok
14:14:43.0239 0340 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:14:43.0286 0340 WPCSvc - ok
14:14:43.0317 0340 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:14:43.0349 0340 WPDBusEnum - ok
14:14:43.0395 0340 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:14:43.0567 0340 ws2ifsl - ok
14:14:43.0614 0340 [ A661A76333057B383A06E65F0073222F ] wscsvc C:\Windows\System32\wscsvc.dll
14:14:43.0661 0340 wscsvc - ok
14:14:43.0676 0340 WSearch - ok
14:14:43.0770 0340 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
14:14:43.0832 0340 wuauserv - ok
14:14:43.0879 0340 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:14:43.0926 0340 WudfPf - ok
14:14:43.0988 0340 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:14:44.0097 0340 WUDFRd - ok
14:14:44.0253 0340 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:14:44.0378 0340 wudfsvc - ok
14:14:44.0456 0340 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
14:14:44.0550 0340 WwanSvc - ok
14:14:44.0659 0340 ================ Scan global ===============================
14:14:44.0737 0340 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
14:14:44.0815 0340 [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
14:14:44.0846 0340 [ 8531AAF69394EFB93BC653916C46D245 ] C:\Windows\system32\winsrv.dll
14:14:45.0002 0340 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
14:14:45.0127 0340 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
14:14:45.0143 0340 [Global] - ok
14:14:45.0158 0340 ================ Scan MBR ==================================
14:14:45.0189 0340 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:14:45.0845 0340 \Device\Harddisk0\DR0 - ok
14:14:45.0845 0340 ================ Scan VBR ==================================
14:14:45.0876 0340 [ 808ED9D3F7AAD7C6950B77C20DBB353B ] \Device\Harddisk0\DR0\Partition1
14:14:45.0876 0340 \Device\Harddisk0\DR0\Partition1 - ok
14:14:45.0923 0340 [ 771FCAE4DE608BCF3EB30839078EF6AD ] \Device\Harddisk0\DR0\Partition2
14:14:45.0923 0340 \Device\Harddisk0\DR0\Partition2 - ok
14:14:45.0938 0340 ============================================================
14:14:45.0938 0340 Scan finished
14:14:45.0938 0340 ============================================================
14:14:45.0954 2840 Detected object count: 1
14:14:45.0954 2840 Actual detected object count: 1
14:17:08.0483 2840 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
14:17:08.0483 2840 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip

Merci, @+

Re: [Résolu] ihavenet infection

par dédétraqué
 mer. 3 avr. 2013 16:51 #43914
Salut mnicom


Télécharge combofix.exe (de sUBs) sur le bureau :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Important Désactive ton Antivirus et antispyware avant le scan avec Combofix :
http://forum.pcastuces.com/desactiver_l ... -f31s4.htm


== Sauvegarde ton travail et ferme toutes les fenêtres actives, il peut y avoir un redémarrage du PC. Ne lance aucun programme tant que Combofix n’est pas fini.

Double clique sur combofix.exe, clique sur OUI et valide par Entrée

Il te sera demandé d’installer la console si elle n’est pas installer, clique sur Oui

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure


@++
Avatar du membre

Re: [Résolu] ihavenet infection

par mnicom
 mer. 3 avr. 2013 22:24 #43948
Salut dédétraqué,

voici le rapport que j'ai obtenu avec Combofix:

ComboFix 13-04-02.01 - Nico 03/04/2013 22:03:20.1.1 - x86
Microsoft Windows 7 Professionnel 6.1.7600.0.1252.33.1036.18.3003.1915 [GMT 2:00]
Lancé depuis: c:\users\Nico\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Nicoco\Documents\~WRL0004.tmp
c:\users\Nicoco\Documents\~WRL1132.tmp
c:\users\Nicoco\Documents\~WRL1708.tmp
c:\users\Nicoco\Documents\~WRL1801.tmp
c:\users\Nicoco\Documents\~WRL3528.tmp
c:\users\Nicoco\Documents\~WRL3789.tmp
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2013-03-03 au 2013-04-03 ))))))))))))))))))))))))))))))))))))
.
.
2013-04-03 20:11 . 2013-04-03 20:12 -------- d-----w- c:\users\Nico\AppData\Local\temp
2013-04-03 20:11 . 2013-04-03 20:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-03 20:11 . 2013-04-03 20:11 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EF4906A5-892B-4EC1-917C-E49F34ED6741}\offreg.dll
2013-04-03 11:11 . 2013-04-03 11:11 -------- d-----w- C:\_OTL
2013-04-02 14:58 . 2013-03-19 04:50 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EF4906A5-892B-4EC1-917C-E49F34ED6741}\mpengine.dll
2013-04-01 21:34 . 2013-04-01 21:34 512 ----a-w- C:\PhysicalMBR.bin
2013-03-27 10:32 . 2013-03-27 10:32 -------- d-----w- c:\users\Nico\AppData\Local\Programs
2013-03-27 10:31 . 2013-03-27 10:31 -------- d-----w- c:\users\Nico\AppData\Roaming\Malwarebytes
2013-03-27 10:31 . 2013-03-27 10:31 -------- d-----w- c:\programdata\Malwarebytes
2013-03-27 10:31 . 2013-03-27 10:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-27 10:31 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-27 10:02 . 2013-03-27 15:22 -------- d-----w- C:\ZHP
2013-03-27 10:02 . 2013-03-27 15:22 -------- d-----w- c:\program files\ZHPDiag
2013-03-25 07:30 . 2013-03-25 07:30 -------- d-----w- c:\users\Nico\AppData\Roaming\Avira
2013-03-25 07:24 . 2013-04-01 21:39 84744 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-03-25 07:24 . 2013-04-01 21:39 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-03-25 07:24 . 2013-04-01 21:39 135136 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-03-25 07:23 . 2013-03-25 07:23 -------- d-----w- c:\programdata\Avira
2013-03-25 07:23 . 2013-03-25 07:23 -------- d-----w- c:\program files\Avira
2013-03-21 01:55 . 2013-03-21 01:55 -------- d-----w- c:\windows\system32\EventProviders
2013-03-18 21:05 . 2013-02-12 13:51 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-14 13:33 . 2013-03-14 13:33 -------- d-----w- c:\users\Nico\AppData\Local\Apps
2013-03-14 13:33 . 2013-03-28 18:41 -------- d-----w- c:\users\Nico\AppData\Local\Deployment
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-21 09:33 . 2013-01-16 17:36 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-21 09:33 . 2013-01-16 17:36 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-02 13:42 . 2013-02-02 13:42 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-02 13:42 . 2012-02-19 18:53 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-17 00:28 . 2012-02-19 18:51 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-05 05:02 . 2013-02-13 10:43 3957608 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-05 05:02 . 2013-02-13 10:43 3902312 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 04:55 . 2013-02-13 10:43 1287528 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-04 04:55 . 2013-02-13 10:43 187240 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-01-04 04:50 . 2013-02-13 10:43 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 04:46 . 2013-02-13 10:43 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-04 04:43 . 2013-02-13 10:43 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 10:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-04 03:00 . 2013-02-13 10:43 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 02:59 . 2013-02-13 10:43 271360 ----a-w- c:\windows\system32\conhost.exe
2013-01-04 02:43 . 2013-02-13 10:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 02:43 . 2013-02-13 10:43 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-04 02:43 . 2013-02-13 10:43 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 02:43 . 2013-02-13 10:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-03-10 13:15 . 2013-03-10 13:14 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
"Facebook Update"="c:\users\Nico\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-01-15 138096]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-04-01 345312]
.
c:\users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Nico\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 AntiVirSchedulerService;Avira Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [x]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [x]
S2 InstallClick;InstallClick Connector;c:\program files\RIFT Technologies\InstallClick Connector\installclick.exe [x]
S3 RTL8167;Pilote Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - 16856419
*NewlyCreated* - 64344916
*Deregistered* - 16856419
*Deregistered* - 64344916
.
Contenu du dossier 'Tâches planifiées'
.
2013-04-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3736134730-113916812-3330031704-1002Core.job
- c:\users\Nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-15 09:51]
.
2013-04-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3736134730-113916812-3330031704-1002UA.job
- c:\users\Nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-15 09:51]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 212.27.40.240 212.27.40.241
FF - ProfilePath - c:\users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhgu1d2l.default\
FF - prefs.js: browser.search.selectedEngine - -
FF - prefs.js: browser.startup.homepage - http://www.google.fr
FF - ExtSQL: 2013-02-24 11:34; newtaburl@sogame.cat; c:\users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhgu1d2l.default\extensions\newtaburl@sogame.cat.xpi
FF - ExtSQL: 2013-02-24 11:36; {66E978CD-981F-47DF-AC42-E3CF417C1467}; c:\users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhgu1d2l.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2013-04-03 22:18:47
ComboFix-quarantined-files.txt 2013-04-03 20:18
.
Avant-CF: 120 225 640 448 octets libres
Après-CF: 120 122 150 912 octets libres
.
- - End Of File - - 8608DB736E9B47F9043D0DF1575D85D6


@++
Avatar du membre

Re: [Résolu] ihavenet infection

par mnicom
 jeu. 4 avr. 2013 18:31 #43983
Salut dédétraqué,

tip top, merci beaucoup.

Est-ce que je puex supprimer certains des programmes que j'ai téléchargés pour me débarrasser du virus?
Et lesquels pourraient m'être utiles pour la suite?


Enfin, question pratique, il faut que je mette [Résolu] comme titre pour le sujet?


Encore merci


@++

Re: [Résolu] ihavenet infection

par dédétraqué
 jeu. 4 avr. 2013 22:03 #43993
Salut mnicom


Bien de rien

On va faire un ménage des outils téléchargés pour la désinfection, télécharge Del Fix (de Xplode), sur ton bureau :

http://www.general-changelog-team.fr/fr ... /26-delfix

Lance-le, coche l'option "Supprimer les outils de désinfection".
Clique sur [Exécuter]
Patiente durant l'opération..


-----


Je te donne quelques consignes de sécurité :

Image Windows Update parfaitement à jour http://www.windowsupdate.com/
Image Pare-feu bien paramétré pour XP, je te conseil :
ZoneAlarm, Vista/Seven -- le pare de WINDOWS est suffisant.
Image Antivirus bien paramétré et mis à jour régulièrement (quotidiennement s'il le faut) avec un scan complet régulier (journalier s'il le faut).
Image Une attitude prudente vis à vis de la navigation (pas de sites douteux : cracks, warez, sexe...) et vis à vis de la messagerie (fichiers joints aux messages doivent être scannés avant d'être ouverts)
Image Pas de téléchargement illégal, qui est le principal facteur d’infection (µTorrent, BitTorrent, eMule, Limewire, etc..)
Le danger des cracks !
Les risques sécuritaires du peer-to-peer
Image Une attitude vigilante (être à l'affût d'un fonctionnement inhabituel de son système)
Image Nettoyage hebdomadaire du système (suppression des fichiers inutiles, nettoyage de la base de registre, scandisk)
Image Scan hebdomadaire antispyware ( je conseil [url=http://www.malekal.com/tutorial_Malware ... alware.php]Malwarebytes[/urlhttp://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php]Malwarebytes[/url ] )
Image Un contrôle régulier de la console JAVA pour s'assurer qu'elle est à jour http://www.java.com/en/download/help/testvm.xml
Image Faire régulièrement un scan de vulnérabilités afin de vérifier que tes logiciels soit à jour sans failles de sécurités :
http://www.malekal.com/scan_vulnerabilite.php

Je m'occupe pour mettre le sujet en résolu car tu peux pas en étant pas inscris.

Bonne journée/soirée et bon surf


@++
 Sujet verrouillé
 Retourner vers « Désinfection »
Hello everyone.

Methods, etc. but does that mean that physical sex[…]

FLTL_READ_MORE
BUG souris USB qui se débranche + BUG clavier fou

Bonsoir. J'ai été nettoyé et […]

FLTL_READ_MORE
Infecté par puabundler:win32/rostpay

C' est bien ce qu'il me semble, vous allez le fair[…]

FLTL_READ_MORE
Impossible de mettre le wifi à mon nouveau pc w11

Bonjour, Après avoir contacter pleins de si[…]

FLTL_READ_MORE
FLTL_VIEW_MORE_TOPICS