
Ukash virus, computer locked

25 September 2012 19:42:46

Hello,

Today, while I was surfing the net, I accidentally clicked on an ad and suddenly a page told me that my computer was locked for having visited forbidden sites!

So I looked into it and saw that it was a virus, and I would like to get rid of this virus.

Could you help me? I am on Windows XP.
PS: safe mode works, I am in it right now.

I have already done the OTL scan step; here are the links:
OTL.txt: http://pjjoint.malekal.com/files.php?id=20120925_b9q9k5...
Extras.txt: http://pjjoint.malekal.com/files.php?id=20120925_f7y12r...


25 September 2012 21:47:08

Good evening,
To be done in safe mode with networking:
Download ComboFix by sUBs: Combofix
Save it to your desktop and nowhere else!

Double-click ComboFix. It will ask you a question; follow the prompts, then wait until ComboFix has finished. Your PC may reboot, which is normal. A report will be created. Post the report: C:\Combofix.txt
Click on it to open it, then Edit > "Select All", Edit > "Copy"

Come to the forum and Edit > "Paste"

HELP: A guide and a tutorial on using ComboFix
* the partition name may vary

<@_@>
26 September 2012 16:06:15

There, I have run the scan

ComboFix 12-09-26.01 - Administrateur 26/09/2012 15:45:18.1.2 - x86 NETWORK
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1023.678 [GMT 2:00]
Lancé depuis: d:\documents and settings\Administrateur\Bureau\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Autorun.inf
d:\documents and settings\Administrateur\Application Data\app
d:\documents and settings\Administrateur\Application Data\app\Jerakine_lang.dat
d:\documents and settings\Administrateur\Application Data\app\Jerakine_lang_vesrion.dat
d:\documents and settings\molho jacques\WINDOWS
d:\recycler\S-1-5-18\$fa3f7d1a07ee03806b5b23fdc394a155\@
d:\recycler\S-1-5-18\$fa3f7d1a07ee03806b5b23fdc394a155\n
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-08-26 au 2012-09-26 ))))))))))))))))))))))))))))))))))))
.
.
2012-09-26 13:40 . 2012-09-26 13:40 -------- d--h--w- d:\documents and settings\Administrateur\Voisinage réseau
2012-09-26 13:40 . 2012-09-26 13:40 -------- d--h--w- d:\documents and settings\Administrateur\Voisinage d'impression
2012-09-25 16:18 . 2012-09-25 16:18 -------- d-sh--w- d:\documents and settings\NetworkService\IETldCache
2012-09-14 10:39 . 2012-09-14 10:39 -------- d-----w- D:\Riot Games
2012-09-14 09:47 . 2012-09-25 11:18 -------- d-----w- d:\documents and settings\All Users\Application Data\PMB Files
2012-09-14 09:47 . 2012-09-14 09:47 -------- d-----w- d:\program files\Pando Networks
2012-08-31 21:30 . 2012-08-31 21:30 -------- d-----w- d:\program files\Microsoft
2012-08-31 21:29 . 2012-08-31 21:30 -------- d-----r- d:\program files\Skype
2012-08-31 21:29 . 2012-08-31 21:29 -------- d-----w- d:\program files\Fichiers communs\Skype
2012-08-29 14:24 . 2012-08-29 14:24 696520 ----a-w- d:\windows\system32\FlashPlayerApp.exe
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-29 14:24 . 2011-06-25 07:34 73416 ----a-w- d:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-16 14:12 . 2011-11-11 14:22 3623592 ----a-w- d:\program files\Fichiers communs\ApnToolbarInstaller.exe
2011-09-16 14:12 . 2011-11-11 14:22 143240 ----a-w- d:\program files\Fichiers communs\ApnStub.exe
2010-01-26 10:11 . 2011-11-11 14:22 444283 ----a-w- d:\program files\Fichiers communs\WinPcapNmap.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-08-23 20:20 1515688 ----a-w- d:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "d:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 57344]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 577536]
"NeroFilterCheck"="d:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"ApnUpdater"="d:\program files\Ask.com\Updater\Updater.exe" [2011-08-23 887976]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2008-05-02 13529088]
"nwiz"="nwiz.exe" [2008-05-02 1630208]
"NvMediaCenter"="d:\windows\system32\NvMcTray.dll" [2008-05-02 86016]
"SunJavaUpdateSched"="d:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2011-09-30 252296]
"WinSyncProviders"="d:\documents and settings\molho jacques\Local Settings\Application Data\Microsoft\Windows\1923\WinSyncProviders.exe" [2012-09-25 113664]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
d:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
DSLMON.lnk - d:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2011-10-15 962663]
Microsoft Office.lnk - d:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
S2 BBSvc;BingBar Service;d:\program files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [11/06/2012 16:22 193616]
S2 drhard;drhard;d:\windows\system32\drivers\drhard.sys [24/08/2010 17:29 23600]
S2 gupdate;Service Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [05/02/2010 19:57 135664]
S2 npf;NetGroup Packet Filter Driver;d:\windows\system32\drivers\npf.sys [27/01/2010 04:09 50704]
S2 Skype C2C Service;Skype C2C Service;d:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [13/08/2012 13:33 3064000]
S2 SkypeUpdate;Skype Updater;d:\program files\Skype\Updater\Updater.exe [13/07/2012 13:28 160944]
S3 adiusbae;USB ADSL LAN Adapter;d:\windows\system32\drivers\adiusbae.sys [15/10/2011 10:32 117673]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;d:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [29/08/2012 16:24 250568]
S3 BBUpdate;BBUpdate;d:\program files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [11/06/2012 16:22 240208]
S3 gupdatem;Service Google Update (gupdatem);d:\program files\Google\Update\GoogleUpdate.exe [05/02/2010 19:57 135664]
S3 Ltn_stk7070P;PCTV based TV tuner device;d:\windows\system32\drivers\Ltn_stk7070P.sys [22/05/2008 09:40 466048]
S3 Ltn_stkrc;PCTV Infrared Receiver;d:\windows\system32\drivers\Ltn_stkrc.sys [22/05/2008 09:40 13440]
.
Contenu du dossier 'Tâches planifiées'
.
2012-09-25 d:\windows\Tasks\Adobe Flash Player Updater.job
- d:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-29 14:24]
.
2012-09-17 d:\windows\Tasks\AppleSoftwareUpdate.job
- d:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 12:21]
.
2012-09-25 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 17:57]
.
2012-09-25 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 17:57]
.
2012-09-25 d:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- d:\program files\Ask.com\UpdateTask.exe [2011-08-23 20:20]
.
2012-09-25 d:\windows\Tasks\User_Feed_Synchronization-{4D84BFC3-FE43-4456-BDD6-AA00E633D642}.job
- d:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Examen supplémentaire -------
.
TCP: DhcpNameServer = 192.168.0.254
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKLM-Run-VSD3DRefDebug - d:\documents and settings\Gamin\Local Settings\Application Data\Microsoft\Windows\742\VSD3DRefDebug.exe
AddRemove-Age of Empires 2.0 - d:\program files\Microsoft Games\Age of Empires II\UNINSTAL.EXE
AddRemove-V-Ray for 3dsmax R8 for x86 - d:\program files\Chaos Group\V-Ray\3dsmax R8 for x86\uninstall\wininstaller.exe-uninstall=d:\program files\Chaos Group\V-Ray\3dsmax R8 for x86\uninstall\install.log
AddRemove-{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA} - d:\program files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exeUNINSTALL
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-26 15:54
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3160023AS rev.3.20 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-10
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-1844237615-688789844-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f7,7a,e5,62,b3,bd,86,4e,b8,1e,9e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f7,7a,e5,62,b3,bd,86,4e,b8,1e,9e,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Heure de fin: 2012-09-26 15:56:58
ComboFix-quarantined-files.txt 2012-09-26 13:56
.
Avant-CF: 123 613 356 032 octets libres
Après-CF: 124 282 650 624 octets libres
.
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(1)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect
.
- - End Of File - - 9404AACD4E7C9F34D7E1DC4633E72C88
26 September 2012 21:02:50

Good evening
Step 1

  • Download TDSSKiller from Kaspersky and save it to your Desktop
  • Double-click TDSSKiller.exe
    /!\ On Vista and Windows 7, you must launch the file with right-click -> Run as administrator
  • Click Change parameters and tick the Loaded modules box. The message Reboot is required appears.
    Confirm it by clicking Reboot now.
  • On restart, accept the prompt asking whether you want to run this file (Publisher: Kaspersky.Labs).
    The TDSSKiller tool starts again.
  • Click Change parameters again and, under Additional options, tick the boxes Verify driver digital signatures and Detect TDLFS file system. Confirm with OK
  • Click Start scan to launch the scan. Let the tool work without interrupting it.
  • At the end of the scan, if the tool has found suspicious or malicious items, leave the options the tool indicates for the action to take:
    • If TDSS.tdl2 is detected, the Delete option should be checked by default
    • If TDSS.tdl3 is detected, the Cure option should be checked
    • If TDSS.tdl4 (mbr) is detected, the Cure option should be checked
    • If Suspicious object is indicated, the Skip option should be checked

  • Then click Continue, then click Reboot computer
  • On restart, post the report TDSSKiller.Version_Date_Heure_log.txt in your reply on the forum
    The report TDSSKiller.Version_Date_Heure_log.txt is saved as C:\TDSSKiller.Version_Date_Heure_log.txt

  • Illustrated tutorial on using TDSSKiller

Step 2

  • Go to this page, AdwCleaner by Xplode, click Télécharger (Download) and save the file to your Desktop
  • Double-click the AdwCleaner0.exe icon to launch the installation
    /!\ On Vista and Windows 7, you must launch the file with right-click -> Run as administrator
  • On the main menu, click Recherche (Search) and wait while the scan runs
  • At the end of the scan, a report AdwCleaner[R].txt opens. Post the report in your next reply
    The report is located at C:\AdwCleaner[R].txt

    Tutorial: AdwCleaner (Xplode)



  • <@_@>**<@_@>**<@_@>**<@_@>**<@_@>**@_@>**<@_@><@_@>**<@_@>**<@_@>**<@_@>**
    27 September 2012 13:15:21

    AdwCleaner:
    # AdwCleaner v2.003 - Rapport créé le 27/09/2012 à 13:08:56
    # Mis à jour le 23/09/2012 par Xplode
    # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
    # Nom d'utilisateur : Administrateur - ARCHITEC-LYGXGO
    # Mode de démarrage : Mode sans échec avec prise en charge réseau
    # Exécuté depuis : D:\Documents and Settings\Administrateur\Bureau\adwcleaner.exe
    # Option [Recherche]


    ***** [Services] *****


    ***** [Fichiers / Dossiers] *****

    Dossier Présent : D:\Documents and Settings\All Users\Application Data\Ask
    Dossier Présent : D:\Documents and Settings\All Users\Application Data\Babylon
    Dossier Présent : D:\Documents and Settings\molho jacques\Application Data\Babylon
    Dossier Présent : D:\Documents and Settings\molho jacques\Application Data\BabylonToolbar
    Dossier Présent : D:\Documents and Settings\molho jacques\Application Data\OpenCandy
    Dossier Présent : D:\Documents and Settings\molho jacques\Local Settings\Application Data\AskToolbar
    Dossier Présent : D:\Documents and Settings\molho jacques\Local Settings\Application Data\Babylon
    Dossier Présent : D:\Documents and Settings\molho jacques\Local Settings\Application Data\OpenCandy
    Dossier Présent : D:\Program Files\Ask.com
    Dossier Présent : D:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Fichier Présent : D:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

    ***** [Registre] *****

    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé Présente : HKLM\Software\APN
    Clé Présente : HKLM\Software\AskToolbar
    Clé Présente : HKLM\Software\Babylon
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Clé Présente : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
    Clé Présente : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
    Clé Présente : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
    Clé Présente : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Valeur Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Valeur Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

    ***** [Navigateurs] *****

    -\\ Internet Explorer v8.0.6001.18702

    [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?babsrc=NT_ss&affID=100489&mntrId=1941353c000000000000000ea6981a09

    *************************

    AdwCleaner[R1].txt - [4318 octets] - [27/09/2012 13:08:56]

    ########## EOF - D:\AdwCleaner[R1].txt - [4378 octets] ##########
    27 September 2012 13:17:31

    TDSSKiller:
    # AdwCleaner v2.003 - Rapport créé le 27/09/2012 à 13:08:56
    # Mis à jour le 23/09/2012 par Xplode
    # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
    # Nom d'utilisateur : Administrateur - ARCHITEC-LYGXGO
    # Mode de démarrage : Mode sans échec avec prise en charge réseau
    # Exécuté depuis : D:\Documents and Settings\Administrateur\Bureau\adwcleaner.exe
    # Option [Recherche]


    ***** [Services] *****


    ***** [Fichiers / Dossiers] *****

    Dossier Présent : D:\Documents and Settings\All Users\Application Data\Ask
    Dossier Présent : D:\Documents and Settings\All Users\Application Data\Babylon
    Dossier Présent : D:\Documents and Settings\molho jacques\Application Data\Babylon
    Dossier Présent : D:\Documents and Settings\molho jacques\Application Data\BabylonToolbar
    Dossier Présent : D:\Documents and Settings\molho jacques\Application Data\OpenCandy
    Dossier Présent : D:\Documents and Settings\molho jacques\Local Settings\Application Data\AskToolbar
    Dossier Présent : D:\Documents and Settings\molho jacques\Local Settings\Application Data\Babylon
    Dossier Présent : D:\Documents and Settings\molho jacques\Local Settings\Application Data\OpenCandy
    Dossier Présent : D:\Program Files\Ask.com
    Dossier Présent : D:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Fichier Présent : D:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

    ***** [Registre] *****

    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé Présente : HKLM\Software\APN
    Clé Présente : HKLM\Software\AskToolbar
    Clé Présente : HKLM\Software\Babylon
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Clé Présente : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Clé Présente : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
    Clé Présente : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
    Clé Présente : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
    Clé Présente : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Clé Présente : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Valeur Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Valeur Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

    ***** [Navigateurs] *****

    -\\ Internet Explorer v8.0.6001.18702

    [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?babsrc=NT_ss&affID=100489&mntrId=1941353c000000000000000ea6981a09

    *************************

    AdwCleaner[R1].txt - [4318 octets] - [27/09/2012 13:08:56]

    ########## EOF - D:\AdwCleaner[R1].txt - [4378 octets] ##########
    27 September 2012 20:34:30

    Good evening
    You gave me the AdwCleaner report twice.
    Please post your TDSSKiller report
    and tell me whether the PC will restart in normal mode.
    Then:


    • Close all applications, including your browser
    • Run AdwCleaner again by double-clicking the AdwCleaner0.exe icon.
      /!\ On Vista and Windows 7, you must launch the file with right-click -> Run as administrator
    • On the main menu, click Suppression (Delete) and wait while the scan runs
    • At the end of the scan, a report AdwCleaner.txt opens. Post the report in your next reply
      The report is located at C:\AdwCleaner.txt

      Tutorial: AdwCleaner (Xplode)


  • +++++++++++++++++++++++++++++++++++++++++


    28 September 2012 11:58:26

    # AdwCleaner v2.003 - Rapport créé le 28/09/2012 à 11:47:11
    # Mis à jour le 23/09/2012 par Xplode
    # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
    # Nom d'utilisateur : Administrateur - ARCHITEC-LYGXGO
    # Mode de démarrage : Mode sans échec avec prise en charge réseau
    # Exécuté depuis : D:\Documents and Settings\Administrateur\Bureau\adwcleaner.exe
    # Option [Suppression]


    ***** [Services] *****


    ***** [Fichiers / Dossiers] *****

    Dossier Supprimé : D:\Documents and Settings\All Users\Application Data\Ask
    Dossier Supprimé : D:\Documents and Settings\All Users\Application Data\Babylon
    Dossier Supprimé : D:\Documents and Settings\molho jacques\Application Data\Babylon
    Dossier Supprimé : D:\Documents and Settings\molho jacques\Application Data\BabylonToolbar
    Dossier Supprimé : D:\Documents and Settings\molho jacques\Application Data\OpenCandy
    Dossier Supprimé : D:\Documents and Settings\molho jacques\Local Settings\Application Data\AskToolbar
    Dossier Supprimé : D:\Documents and Settings\molho jacques\Local Settings\Application Data\Babylon
    Dossier Supprimé : D:\Documents and Settings\molho jacques\Local Settings\Application Data\OpenCandy
    Dossier Supprimé : D:\Program Files\Ask.com
    Dossier Supprimé : D:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Fichier Supprimé : D:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

    ***** [Registre] *****

    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé Supprimée : HKLM\Software\APN
    Clé Supprimée : HKLM\Software\AskToolbar
    Clé Supprimée : HKLM\Software\Babylon
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Clé Supprimée : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
    Clé Supprimée : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
    Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
    Clé Supprimée : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

    ***** [Navigateurs] *****

    -\\ Internet Explorer v8.0.6001.18702

    Restauré : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restauré : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restauré : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restauré : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Restauré : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
    Remplacé : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?babsrc=NT_ss&affID=100489&mntrId=1941353c000000000000000ea6981a09 --> hxxp://www.google.com

    *************************

    AdwCleaner[R1].txt - [4447 octets] - [27/09/2012 13:08:56]
    AdwCleaner[S2].txt - [4902 octets] - [28/09/2012 11:47:11]

    ########## EOF - D:\AdwCleaner[S2].txt - [4962 octets] ##########
    28 September 2012 11:59:44

    12:57:10.0328 0416 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
    12:57:10.0437 0416 ============================================================
    12:57:10.0437 0416 Current date / time: 2012/09/27 12:57:10.0437
    12:57:10.0437 0416 SystemInfo:
    12:57:10.0437 0416
    12:57:10.0437 0416 OS Version: 5.1.2600 ServicePack: 3.0
    12:57:10.0437 0416 Product type: Workstation
    12:57:10.0437 0416 ComputerName: ARCHITEC-LYGXGO
    12:57:10.0437 0416 UserName: Administrateur
    12:57:10.0437 0416 Windows directory: D:\WINDOWS
    12:57:10.0437 0416 System windows directory: D:\WINDOWS
    12:57:10.0437 0416 Processor architecture: Intel x86
    12:57:10.0437 0416 Number of processors: 2
    12:57:10.0437 0416 Page size: 0x1000
    12:57:10.0437 0416 Boot type: Safe boot with network
    12:57:10.0437 0416 ============================================================
    12:57:11.0593 0416 BG loaded
    12:57:11.0906 0416 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
    12:57:11.0921 0416 Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
    12:57:12.0046 0416 ============================================================
    12:57:12.0046 0416 \Device\Harddisk0\DR0:
    12:57:12.0046 0416 MBR partitions:
    12:57:12.0046 0416 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x7DBCD1
    12:57:12.0046 0416 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7DBD4F, BlocksNum 0x12238EB1
    12:57:12.0046 0416 \Device\Harddisk1\DR1:
    12:57:12.0046 0416 MBR partitions:
    12:57:12.0046 0416 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
    12:57:12.0046 0416 ============================================================
    12:57:12.0046 0416 C: <-> \Device\Harddisk0\DR0\Partition1
    12:57:12.0093 0416 E: <-> \Device\Harddisk0\DR0\Partition2
    12:57:12.0140 0416 D: <-> \Device\Harddisk1\DR1\Partition1
    12:57:12.0140 0416 ============================================================
    12:57:12.0140 0416 Initialize success
    12:57:12.0140 0416 ============================================================
    12:57:20.0890 0600 ============================================================
    12:57:20.0890 0600 Scan started
    12:57:20.0890 0600 Mode: Manual; SigCheck; TDLFS;
    12:57:20.0890 0600 ============================================================
    12:57:21.0953 0600 ================ Scan system memory ========================
    12:57:21.0968 0600 System memory - ok
    12:57:21.0968 0600 ================ Scan services =============================
    12:57:22.0187 0600 Abiosdsk - ok
    12:57:22.0203 0600 abp480n5 - ok
    12:57:22.0265 0600 [ E5E6DBFC41EA8AAD005CB9A57A96B43B ] ACPI D:\WINDOWS\system32\DRIVERS\ACPI.sys
    12:57:22.0671 0600 ACPI - ok
    12:57:22.0703 0600 [ E4ABC1212B70BB03D35E60681C447210 ] ACPIEC D:\WINDOWS\system32\drivers\ACPIEC.sys
    12:57:22.0890 0600 ACPIEC - ok
    12:57:22.0937 0600 [ 6278AB04AAE16C1438F3C4D34706C3B7 ] ADILOADER D:\WINDOWS\system32\Drivers\adildr.sys
    12:57:22.0953 0600 ADILOADER - ok
    12:57:23.0015 0600 [ BDAB1CD900C9130F79132A1A29328AAA ] adiusbae D:\WINDOWS\system32\DRIVERS\adiusbae.sys
    12:57:23.0046 0600 adiusbae - ok
    12:57:23.0156 0600 [ D01DD9E6A7DFE540181147A38B13F43A ] Adobe LM Service D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    12:57:23.0171 0600 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
    12:57:23.0171 0600 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
    12:57:23.0281 0600 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    12:57:23.0296 0600 AdobeFlashPlayerUpdateSvc - ok
    12:57:23.0328 0600 adpu160m - ok
    12:57:23.0375 0600 [ 8BED39E3C35D6A489438B8141717A557 ] aec D:\WINDOWS\system32\drivers\aec.sys
    12:57:23.0562 0600 aec - ok
    12:57:23.0609 0600 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD D:\WINDOWS\System32\drivers\afd.sys
    12:57:23.0640 0600 AFD - ok
    12:57:23.0687 0600 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 D:\WINDOWS\system32\DRIVERS\agp440.sys
    12:57:23.0859 0600 agp440 - ok
    12:57:23.0890 0600 Aha154x - ok
    12:57:23.0906 0600 aic78u2 - ok
    12:57:23.0937 0600 aic78xx - ok
    12:57:24.0156 0600 [ 00696C0AB6AABA7FD4E64AB61BE95F6A ] ALCXWDM D:\WINDOWS\system32\drivers\ALCXWDM.SYS
    12:57:24.0421 0600 ALCXWDM - ok
    12:57:24.0468 0600 [ 758FDC60D41716EF889D849989B4B1CD ] Alerter D:\WINDOWS\system32\alrsvc.dll
    12:57:24.0671 0600 Alerter - ok
    12:57:24.0687 0600 [ 5E9A6658A2A69AE7EB195113B7A2E7A9 ] ALG D:\WINDOWS\System32\alg.exe
    12:57:24.0875 0600 ALG - ok
    12:57:24.0906 0600 AliIde - ok
    12:57:24.0937 0600 amsint - ok
    12:57:25.0000 0600 [ F36C9F78FC902C8DCE4D3B576BB0435A ] AppMgmt D:\WINDOWS\System32\appmgmts.dll
    12:57:25.0187 0600 AppMgmt - ok
    12:57:25.0234 0600 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 D:\WINDOWS\system32\DRIVERS\arp1394.sys
    12:57:25.0406 0600 Arp1394 - ok
    12:57:25.0421 0600 asc - ok
    12:57:25.0453 0600 asc3350p - ok
    12:57:25.0484 0600 asc3550 - ok
    12:57:25.0656 0600 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
    12:57:25.0671 0600 aspnet_state - ok
    12:57:25.0703 0600 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac D:\WINDOWS\system32\DRIVERS\asyncmac.sys
    12:57:25.0875 0600 AsyncMac - ok
    12:57:25.0921 0600 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi D:\WINDOWS\system32\DRIVERS\atapi.sys
    12:57:26.0109 0600 atapi - ok
    12:57:26.0125 0600 Atdisk - ok
    12:57:26.0171 0600 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc D:\WINDOWS\system32\DRIVERS\atmarpc.sys
    12:57:26.0359 0600 Atmarpc - ok
    12:57:26.0406 0600 [ B4005AEF7873144634765B570DAC466E ] AudioSrv D:\WINDOWS\System32\audiosrv.dll
    12:57:26.0578 0600 AudioSrv - ok
    12:57:26.0625 0600 [ D9F724AA26C010A217C97606B160ED68 ] audstub D:\WINDOWS\system32\DRIVERS\audstub.sys
    12:57:26.0812 0600 audstub - ok
    12:57:26.0906 0600 [ 5A3DF3C98F3883394F8E4B703EB270CA ] Autodesk Licensing Service D:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    12:57:26.0921 0600 Autodesk Licensing Service ( UnsignedFile.Multi.Generic ) - warning
    12:57:26.0921 0600 Autodesk Licensing Service - detected UnsignedFile.Multi.Generic (1)
    12:57:26.0968 0600 [ 1B9C81AB9A456EABD9F8335F04B5F495 ] basic2 D:\WINDOWS\system32\DRIVERS\HSF_BSC2.sys
    12:57:27.0156 0600 basic2 - ok
    12:57:27.0312 0600 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc D:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe
    12:57:27.0343 0600 BBSvc - ok
    12:57:27.0390 0600 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate D:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
    12:57:27.0406 0600 BBUpdate - ok
    12:57:27.0468 0600 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep D:\WINDOWS\system32\drivers\Beep.sys
    12:57:27.0656 0600 Beep - ok
    12:57:27.0734 0600 [ BAA0B6E647C1AD593E9BAE5CC31BCFFB ] BITS D:\WINDOWS\system32\qmgr.dll
    12:57:27.0953 0600 BITS - ok
    12:57:28.0000 0600 [ 06B54A7B1EF7CB16BFD0E208D343FA71 ] Browser D:\WINDOWS\System32\browser.dll
    12:57:28.0171 0600 Browser - ok
    12:57:28.0296 0600 catchme - ok
    12:57:28.0328 0600 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k D:\WINDOWS\system32\drivers\cbidf2k.sys
    12:57:28.0515 0600 cbidf2k - ok
    12:57:28.0546 0600 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE D:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    12:57:28.0718 0600 CCDECODE - ok
    12:57:28.0734 0600 cd20xrnt - ok
    12:57:28.0796 0600 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio D:\WINDOWS\system32\drivers\Cdaudio.sys
    12:57:28.0984 0600 Cdaudio - ok
    12:57:29.0000 0600 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs D:\WINDOWS\system32\drivers\Cdfs.sys
    12:57:29.0187 0600 Cdfs - ok
    12:57:29.0218 0600 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom D:\WINDOWS\system32\DRIVERS\cdrom.sys
    12:57:29.0390 0600 Cdrom - ok
    12:57:29.0421 0600 Changer - ok
    12:57:29.0484 0600 [ 793EF38A5FD086C3C8E48A8A861562ED ] CiSvc D:\WINDOWS\system32\cisvc.exe
    12:57:29.0656 0600 CiSvc - ok
    12:57:29.0703 0600 [ 8B30CBB0C07D49B2658FB190946B0E7E ] ClipSrv D:\WINDOWS\system32\clipsrv.exe
    12:57:29.0890 0600 ClipSrv - ok
    12:57:29.0953 0600 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    12:57:29.0968 0600 clr_optimization_v2.0.50727_32 - ok
    12:57:30.0015 0600 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    12:57:30.0031 0600 clr_optimization_v4.0.30319_32 - ok
    12:57:30.0062 0600 CmdIde - ok
    12:57:30.0078 0600 COMSysApp - ok
    12:57:30.0140 0600 Cpqarray - ok
    12:57:30.0203 0600 [ 7A6D0B71035E123FDDA2156A25578AD3 ] CryptSvc D:\WINDOWS\System32\cryptsvc.dll
    12:57:30.0375 0600 CryptSvc - ok
    12:57:30.0406 0600 dac2w2k - ok
    12:57:30.0437 0600 dac960nt - ok
    12:57:30.0500 0600 [ 0203B1AAD358F206CB0A3C1F93CCE17A ] DcomLaunch D:\WINDOWS\system32\rpcss.dll
    12:57:30.0562 0600 DcomLaunch - ok
    12:57:30.0625 0600 [ 318F535DC05551D96DEEB90B6D6904DE ] Dhcp D:\WINDOWS\System32\dhcpcsvc.dll
    12:57:30.0812 0600 Dhcp - ok
    12:57:30.0859 0600 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk D:\WINDOWS\system32\DRIVERS\disk.sys
    12:57:31.0031 0600 Disk - ok
    12:57:31.0062 0600 dmadmin - ok
    12:57:31.0125 0600 [ F5DEADD42335FB33EDCA74ECB2F36CBA ] dmboot D:\WINDOWS\system32\drivers\dmboot.sys
    12:57:31.0343 0600 dmboot - ok
    12:57:31.0390 0600 [ 5A7C47C9B3F9FB92A66410A7509F0C71 ] dmio D:\WINDOWS\system32\DRIVERS\dmio.sys
    12:57:31.0578 0600 dmio - ok
    12:57:31.0609 0600 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload D:\WINDOWS\system32\drivers\dmload.sys
    12:57:31.0796 0600 dmload - ok
    12:57:31.0843 0600 [ 6797C23D6B79935482D7F0E8CA5E5B67 ] dmserver D:\WINDOWS\System32\dmserver.dll
    12:57:32.0015 0600 dmserver - ok
    12:57:32.0046 0600 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic D:\WINDOWS\system32\drivers\DMusic.sys
    12:57:32.0234 0600 DMusic - ok
    12:57:32.0296 0600 [ 1A1E59377FB6CACD711CC5073C4A7D79 ] Dnscache D:\WINDOWS\System32\dnsrslvr.dll
    12:57:32.0312 0600 Dnscache - ok
    12:57:32.0359 0600 [ 3FCF86F03D0302443C21CE6E5BBF7A25 ] Dot3svc D:\WINDOWS\System32\dot3svc.dll
    12:57:32.0546 0600 Dot3svc - ok
    12:57:32.0562 0600 dpti2o - ok
    12:57:32.0625 0600 [ 0071F8825D14B16955CD0A0699AB7A6C ] drhard D:\WINDOWS\system32\drivers\drhard.sys
    12:57:32.0640 0600 drhard ( UnsignedFile.Multi.Generic ) - warning
    12:57:32.0640 0600 drhard - detected UnsignedFile.Multi.Generic (1)
    12:57:32.0703 0600 [ B3C118FCBC6E3D5EB9AED284E5DAA5E8 ] driverhardwarev2 D:\Program Files\HardwareDetection\driverhardwarev2.sys
    12:57:32.0734 0600 driverhardwarev2 ( UnsignedFile.Multi.Generic ) - warning
    12:57:32.0734 0600 driverhardwarev2 - detected UnsignedFile.Multi.Generic (1)
    12:57:32.0750 0600 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud D:\WINDOWS\system32\drivers\drmkaud.sys
    12:57:32.0937 0600 drmkaud - ok
    12:57:32.0984 0600 [ 8B5FC9087D2CAB110BC2ED5CC5E7B8AC ] EapHost D:\WINDOWS\System32\eapsvc.dll
    12:57:33.0156 0600 EapHost - ok
    12:57:33.0203 0600 [ 94F948CB12C4D35483F1E815DEB16C7B ] ERSvc D:\WINDOWS\System32\ersvc.dll
    12:57:33.0390 0600 ERSvc - ok
    12:57:33.0437 0600 [ C3FB1D70CB88722267949694BA51759E ] Eventlog D:\WINDOWS\system32\services.exe
    12:57:33.0468 0600 Eventlog - ok
    12:57:33.0531 0600 [ EC16AE9B37EACF871629227A3F3913FD ] EventSystem D:\WINDOWS\System32\es.dll
    12:57:33.0546 0600 EventSystem - ok
    12:57:33.0593 0600 [ C823DEBE2548656549F84A875D65237B ] Fallback D:\WINDOWS\system32\DRIVERS\HSF_FALL.sys
    12:57:33.0765 0600 Fallback - ok
    12:57:33.0828 0600 [ 38D332A6D56AF32635675F132548343E ] Fastfat D:\WINDOWS\system32\drivers\Fastfat.sys
    12:57:34.0000 0600 Fastfat - ok
    12:57:34.0062 0600 [ 1B8542F338CDD86929A084A455837158 ] FastUserSwitchingCompatibility D:\WINDOWS\System32\shsvcs.dll
    12:57:34.0078 0600 FastUserSwitchingCompatibility - ok
    12:57:34.0109 0600 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc D:\WINDOWS\system32\DRIVERS\fdc.sys
    12:57:34.0296 0600 Fdc - ok
    12:57:34.0343 0600 [ 31F923EB2170FC172C81ABDA0045D18C ] Fips D:\WINDOWS\system32\drivers\Fips.sys
    12:57:34.0531 0600 Fips - ok
    12:57:34.0593 0600 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk D:\WINDOWS\system32\DRIVERS\flpydisk.sys
    12:57:34.0765 0600 Flpydisk - ok
    12:57:34.0937 0600 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr D:\WINDOWS\system32\drivers\fltmgr.sys
    12:57:35.0156 0600 FltMgr - ok
    12:57:35.0218 0600 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    12:57:35.0234 0600 FontCache3.0.0.0 - ok
    12:57:35.0250 0600 [ 6483414841D4CAB6C3B4DB2AC6EDD70B ] Fsks D:\WINDOWS\system32\DRIVERS\HSF_FSKS.sys
    12:57:35.0453 0600 Fsks - ok
    12:57:35.0468 0600 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec D:\WINDOWS\system32\drivers\Fs_Rec.sys
    12:57:35.0687 0600 Fs_Rec - ok
    12:57:35.0703 0600 [ A86859B77B908C18C2657F284AA29FE3 ] Ftdisk D:\WINDOWS\system32\DRIVERS\ftdisk.sys
    12:57:35.0890 0600 Ftdisk - ok
    12:57:35.0937 0600 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc D:\WINDOWS\system32\DRIVERS\msgpc.sys
    12:57:36.0140 0600 Gpc - ok
    12:57:36.0203 0600 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate D:\Program Files\Google\Update\GoogleUpdate.exe
    12:57:36.0218 0600 gupdate - ok
    12:57:36.0218 0600 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem D:\Program Files\Google\Update\GoogleUpdate.exe
    12:57:36.0234 0600 gupdatem - ok
    12:57:36.0296 0600 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    12:57:36.0312 0600 gusvc - ok
    12:57:36.0375 0600 [ 1247F83B705AF0E796330442F7967CF8 ] helpsvc D:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
    12:57:36.0593 0600 helpsvc - ok
    12:57:36.0656 0600 [ A3B9B4A68BC839CE5A264D5908092261 ] HidServ D:\WINDOWS\System32\hidserv.dll
    12:57:36.0828 0600 HidServ - ok
    12:57:36.0843 0600 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb D:\WINDOWS\system32\DRIVERS\hidusb.sys
    12:57:37.0015 0600 hidusb - ok
    12:57:37.0062 0600 [ 17B3C3D40CDBA40C2E331D28BE4DE27F ] hkmsvc D:\WINDOWS\System32\kmsvc.dll
    12:57:37.0234 0600 hkmsvc - ok
    12:57:37.0250 0600 hpn - ok
    12:57:37.0250 0600 hpt3xx - ok
    12:57:37.0296 0600 [ 970178E8E003EB1481293830069624B9 ] HSFHWBS2 D:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys
    12:57:37.0453 0600 HSFHWBS2 - ok
    12:57:37.0515 0600 [ EBB354438A4C5A3327FB97306260714A ] HSF_DP D:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
    12:57:37.0718 0600 HSF_DP - ok
    12:57:37.0781 0600 [ 74E379857D4C0DFB56DE2D19B8F4C434 ] hsf_msft D:\WINDOWS\system32\DRIVERS\HSF_MSFT.sys
    12:57:38.0046 0600 hsf_msft - ok
    12:57:38.0125 0600 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP D:\WINDOWS\system32\Drivers\HTTP.sys
    12:57:38.0187 0600 HTTP - ok
    12:57:38.0218 0600 [ BD31CFACE38D1800ABDB43F4260AF0D5 ] HTTPFilter D:\WINDOWS\System32\w3ssl.dll
    12:57:38.0500 0600 HTTPFilter - ok
    12:57:38.0515 0600 i2omgmt - ok
    12:57:38.0531 0600 i2omp - ok
    12:57:38.0578 0600 [ A09BDC4ED10E3B2E0EC27BB94AF32516 ] i8042prt D:\WINDOWS\system32\DRIVERS\i8042prt.sys
    12:57:38.0765 0600 i8042prt - ok
    12:57:38.0859 0600 [ DAF66902F08796F9C694901660E5A64A ] IDriverT D:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    12:57:38.0875 0600 IDriverT ( UnsignedFile.Multi.Generic ) - warning
    12:57:38.0875 0600 IDriverT - detected UnsignedFile.Multi.Generic (1)
    12:57:38.0968 0600 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    12:57:39.0031 0600 idsvc - ok
    12:57:39.0046 0600 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi D:\WINDOWS\system32\DRIVERS\imapi.sys
    12:57:39.0375 0600 Imapi - ok
    12:57:39.0421 0600 [ C4221678BBAA55239C23632875759961 ] ImapiService D:\WINDOWS\system32\imapi.exe
    12:57:39.0750 0600 ImapiService - ok
    12:57:39.0750 0600 ini910u - ok
    12:57:39.0765 0600 IntelIde - ok
    12:57:39.0828 0600 [ AD340800C35A42D4DE1641A37FEEA34C ] intelppm D:\WINDOWS\system32\DRIVERS\intelppm.sys
    12:57:40.0078 0600 intelppm - ok
    12:57:40.0109 0600 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw D:\WINDOWS\system32\drivers\ip6fw.sys
    12:57:40.0343 0600 ip6fw - ok
    12:57:40.0375 0600 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver D:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    12:57:40.0609 0600 IpFilterDriver - ok
    12:57:40.0609 0600 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp D:\WINDOWS\system32\DRIVERS\ipinip.sys
    12:57:41.0062 0600 IpInIp - ok
    12:57:41.0109 0600 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat D:\WINDOWS\system32\DRIVERS\ipnat.sys
    12:57:41.0406 0600 IpNat - ok
    12:57:41.0468 0600 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec D:\WINDOWS\system32\DRIVERS\ipsec.sys
    12:57:41.0656 0600 IPSec - ok
    12:57:41.0671 0600 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM D:\WINDOWS\system32\DRIVERS\irenum.sys
    12:57:41.0828 0600 IRENUM - ok
    12:57:41.0890 0600 [ 355836975A67B6554BCA60328CD6CB74 ] isapnp D:\WINDOWS\system32\DRIVERS\isapnp.sys
    12:57:42.0062 0600 isapnp - ok
    12:57:42.0281 0600 [ 973DB7AC74C554C546F8B0B7B98FB855 ] JavaQuickStarterService D:\Program Files\Java\jre7\bin\jqs.exe
    12:57:42.0312 0600 JavaQuickStarterService - ok
    12:57:42.0437 0600 [ 9C5E3FDBFCC30CF71A49CA178B9AD442 ] K56 D:\WINDOWS\system32\DRIVERS\HSF_K56K.sys
    12:57:42.0671 0600 K56 - ok
    12:57:42.0687 0600 [ 16813155807C6881F4BFBF6657424659 ] Kbdclass D:\WINDOWS\system32\DRIVERS\kbdclass.sys
    12:57:42.0843 0600 Kbdclass - ok
    12:57:42.0875 0600 [ 94C59CB884BA010C063687C3A50DCE8E ] kbdhid D:\WINDOWS\system32\DRIVERS\kbdhid.sys
    12:57:43.0062 0600 kbdhid - ok
    12:57:43.0109 0600 [ 692BCF44383D056AED41B045A323D378 ] kmixer D:\WINDOWS\system32\drivers\kmixer.sys
    12:57:43.0281 0600 kmixer - ok
    12:57:43.0328 0600 [ B467646C54CC746128904E1654C750C1 ] KSecDD D:\WINDOWS\system32\drivers\KSecDD.sys
    12:57:43.0343 0600 KSecDD - ok
    12:57:43.0468 0600 [ 1DB8078A32E03AC8F5EB5E6DCAC2AA34 ] lanmanserver D:\WINDOWS\System32\srvsvc.dll
    12:57:43.0500 0600 lanmanserver - ok
    12:57:43.0578 0600 [ AD54EAD46D92F413BE189AABC1C59490 ] lanmanworkstation D:\WINDOWS\System32\wkssvc.dll
    12:57:43.0609 0600 lanmanworkstation - ok
    12:57:43.0625 0600 lbrtfdc - ok
    12:57:43.0703 0600 [ 575ED0F5DCB34E5C243D2A7EBC860484 ] LightScribeService D:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    12:57:43.0703 0600 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
    12:57:43.0703 0600 LightScribeService - detected UnsignedFile.Multi.Generic (1)
    12:57:43.0781 0600 [ 0F357C079AC529A844AB5B18E4EEF881 ] LmHosts D:\WINDOWS\System32\lmhsvc.dll
    12:57:43.0953 0600 LmHosts - ok
    12:57:44.0031 0600 [ 23B55D27A0AFB7FE9CBCB20B617CC168 ] Ltn_stk7070P D:\WINDOWS\system32\DRIVERS\Ltn_stk7070P.sys
    12:57:44.0062 0600 Ltn_stk7070P - ok
    12:57:44.0078 0600 [ 1FA7503D019291C027FEDAE509BC5500 ] Ltn_stkrc D:\WINDOWS\system32\DRIVERS\Ltn_stkrc.sys
    12:57:44.0109 0600 Ltn_stkrc - ok
    12:57:44.0250 0600 [ 195741AEE20369980796B557358CD774 ] mdmxsdk D:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
    12:57:44.0406 0600 mdmxsdk - ok
    12:57:44.0437 0600 [ E67A66A3781C1A483F0F8992664CBE0D ] Messenger D:\WINDOWS\System32\msgsvc.dll
    12:57:44.0609 0600 Messenger - ok
    12:57:44.0734 0600 [ AA0C4A2C33CE075DF2C272D678734991 ] mi-raysat_3dsmax8 D:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
    12:57:44.0750 0600 mi-raysat_3dsmax8 ( UnsignedFile.Multi.Generic ) - warning
    12:57:44.0750 0600 mi-raysat_3dsmax8 - detected UnsignedFile.Multi.Generic (1)
    12:57:44.0843 0600 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd D:\WINDOWS\system32\drivers\mnmdd.sys
    12:57:45.0031 0600 mnmdd - ok
    12:57:45.0062 0600 [ D3A2870CD96CDA7BCFF3DC54F64087AD ] mnmsrvc D:\WINDOWS\System32\mnmsrvc.exe
    12:57:45.0234 0600 mnmsrvc - ok
    12:57:45.0281 0600 [ 510ADE9327FE84C10254E1902697E25F ] Modem D:\WINDOWS\system32\drivers\Modem.sys
    12:57:45.0453 0600 Modem - ok
    12:57:45.0468 0600 [ 027C01BD7EF3349AAEBC883D8A799EFB ] Mouclass D:\WINDOWS\system32\DRIVERS\mouclass.sys
    12:57:45.0625 0600 Mouclass - ok
    12:57:45.0671 0600 [ 124D6846040C79B9C997F78EF4B2A4E5 ] mouhid D:\WINDOWS\system32\DRIVERS\mouhid.sys
    12:57:45.0859 0600 mouhid - ok
    12:57:45.0984 0600 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr D:\WINDOWS\system32\drivers\MountMgr.sys
    12:57:46.0156 0600 MountMgr - ok
    12:57:46.0203 0600 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE D:\WINDOWS\system32\DRIVERS\MPE.sys
    12:57:46.0375 0600 MPE - ok
    12:57:46.0375 0600 mraid35x - ok
    12:57:46.0406 0600 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV D:\WINDOWS\system32\DRIVERS\mrxdav.sys
    12:57:46.0562 0600 MRxDAV - ok
    12:57:46.0718 0600 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb D:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    12:57:46.0750 0600 MRxSmb - ok
    12:57:46.0796 0600 [ 8648D670AE0D95C95E7BBB5B80661796 ] MSDTC D:\WINDOWS\System32\msdtc.exe
    12:57:47.0000 0600 MSDTC - ok
    12:57:47.0062 0600 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs D:\WINDOWS\system32\drivers\Msfs.sys
    12:57:47.0234 0600 Msfs - ok
    12:57:47.0234 0600 MSIServer - ok
    12:57:47.0281 0600 [ C1536905AD2067812A238BCE998F4BFF ] Msk280carcdf D:\WINDOWS\system32\drivers\1394bus.sys
    12:57:47.0468 0600 Msk280carcdf - ok
    12:57:47.0500 0600 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV D:\WINDOWS\system32\drivers\MSKSSRV.sys
    12:57:47.0703 0600 MSKSSRV - ok
    12:57:47.0703 0600 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK D:\WINDOWS\system32\drivers\MSPCLOCK.sys
    12:57:47.0921 0600 MSPCLOCK - ok
    12:57:48.0031 0600 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM D:\WINDOWS\system32\drivers\MSPQM.sys
    12:57:48.0218 0600 MSPQM - ok
    12:57:48.0296 0600 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios D:\WINDOWS\system32\DRIVERS\mssmbios.sys
    12:57:48.0468 0600 mssmbios - ok
    12:57:48.0562 0600 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE D:\WINDOWS\system32\drivers\MSTEE.sys
    12:57:48.0765 0600 MSTEE - ok
    12:57:48.0890 0600 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup D:\WINDOWS\system32\drivers\Mup.sys
    12:57:48.0906 0600 Mup - ok
    12:57:48.0937 0600 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    12:57:49.0125 0600 NABTSFEC - ok
    12:57:49.0171 0600 [ 69E4FBBABAEEE1BFF422E091DA3171DA ] napagent D:\WINDOWS\System32\qagentrt.dll
    12:57:49.0328 0600 napagent - ok
    12:57:49.0359 0600 [ 1DF7F42665C94B825322FAE71721130D ] NDIS D:\WINDOWS\system32\drivers\NDIS.sys
    12:57:49.0531 0600 NDIS - ok
    12:57:49.0562 0600 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP D:\WINDOWS\system32\DRIVERS\NdisIP.sys
    12:57:49.0812 0600 NdisIP - ok
    12:57:49.0843 0600 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi D:\WINDOWS\system32\DRIVERS\ndistapi.sys
    12:57:49.0875 0600 NdisTapi - ok
    12:57:49.0890 0600 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio D:\WINDOWS\system32\DRIVERS\ndisuio.sys
    12:57:50.0078 0600 Ndisuio - ok
    12:57:50.0093 0600 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan D:\WINDOWS\system32\DRIVERS\ndiswan.sys
    12:57:50.0265 0600 NdisWan - ok
    12:57:50.0312 0600 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy D:\WINDOWS\system32\drivers\NDProxy.sys
    12:57:50.0343 0600 NDProxy - ok
    12:57:50.0375 0600 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS D:\WINDOWS\system32\DRIVERS\netbios.sys
    12:57:50.0531 0600 NetBIOS - ok
    12:57:50.0546 0600 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT D:\WINDOWS\system32\DRIVERS\netbt.sys
    12:57:50.0718 0600 NetBT - ok
    12:57:50.0765 0600 [ 5C9B1D83755B36237B70F95DF3D46A52 ] NetDDE D:\WINDOWS\system32\netdde.exe
    12:57:50.0937 0600 NetDDE - ok
    12:57:50.0937 0600 [ 5C9B1D83755B36237B70F95DF3D46A52 ] NetDDEdsdm D:\WINDOWS\system32\netdde.exe
    12:57:51.0109 0600 NetDDEdsdm - ok
    12:57:51.0140 0600 [ 91E6024D6D4DCDECDB36C43ECF9BBECB ] Netlogon D:\WINDOWS\system32\lsass.exe
    12:57:51.0375 0600 Netlogon - ok
    12:57:51.0406 0600 [ BE0CB143FA427D93440DED18DB8C918B ] Netman D:\WINDOWS\System32\netman.dll
    12:57:51.0609 0600 Netman - ok
    12:57:51.0656 0600 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    12:57:51.0687 0600 NetTcpPortSharing - ok
    12:57:51.0718 0600 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 D:\WINDOWS\system32\DRIVERS\nic1394.sys
    12:57:51.0906 0600 NIC1394 - ok
    12:57:51.0937 0600 [ 6F5F546A92C7B6AE45DB1D6910781EB0 ] Nla D:\WINDOWS\System32\mswsock.dll
    12:57:51.0968 0600 Nla - ok
    12:57:52.0031 0600 [ B9730495E0CF674680121E34BD95A73B ] npf D:\WINDOWS\system32\drivers\npf.sys
    12:57:52.0078 0600 npf - ok
    12:57:52.0109 0600 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs D:\WINDOWS\system32\drivers\Npfs.sys
    12:57:52.0281 0600 Npfs - ok
    12:57:52.0312 0600 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs D:\WINDOWS\system32\drivers\Ntfs.sys
    12:57:52.0484 0600 Ntfs - ok
    12:57:52.0500 0600 [ 91E6024D6D4DCDECDB36C43ECF9BBECB ] NtLmSsp D:\WINDOWS\System32\lsass.exe
    12:57:52.0671 0600 NtLmSsp - ok
    12:57:52.0718 0600 [ 037D92B3A7853A183FCAB77FB1D13D6C ] NtmsSvc D:\WINDOWS\system32\ntmssvc.dll
    12:57:52.0953 0600 NtmsSvc - ok
    12:57:52.0984 0600 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null D:\WINDOWS\system32\drivers\Null.sys
    12:57:53.0171 0600 Null - ok
    12:57:53.0484 0600 [ 8E72E452B9CC1E455D19E3C9FA964D37 ] nv D:\WINDOWS\system32\DRIVERS\nv4_mini.sys
    12:57:53.0781 0600 nv ( UnsignedFile.Multi.Generic ) - warning
    12:57:53.0781 0600 nv - detected UnsignedFile.Multi.Generic (1)
    12:57:53.0875 0600 [ 934833B3CD462A6F8A96F64D024C8B20 ] NVSvc D:\WINDOWS\system32\nvsvc32.exe
    12:57:53.0890 0600 NVSvc ( UnsignedFile.Multi.Generic ) - warning
    12:57:53.0890 0600 NVSvc - detected UnsignedFile.Multi.Generic (1)
    12:57:53.0937 0600 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt D:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    12:57:54.0125 0600 NwlnkFlt - ok
    12:57:54.0171 0600 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd D:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    12:57:54.0375 0600 NwlnkFwd - ok
    12:57:54.0421 0600 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 D:\WINDOWS\system32\DRIVERS\ohci1394.sys
    12:57:54.0578 0600 ohci1394 - ok
    12:57:54.0609 0600 [ 8FD0BDBEA875D06CCF6C945CA9ABAF75 ] Parport D:\WINDOWS\system32\DRIVERS\parport.sys
    12:57:54.0781 0600 Parport - ok
    12:57:54.0796 0600 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr D:\WINDOWS\system32\drivers\PartMgr.sys
    12:57:54.0984 0600 PartMgr - ok
    12:57:55.0046 0600 [ 9575C5630DB8FB804649A6959737154C ] ParVdm D:\WINDOWS\system32\drivers\ParVdm.sys
    12:57:55.0234 0600 ParVdm - ok
    12:57:55.0265 0600 [ 043410877BDA580C528F45165F7125BC ] PCI D:\WINDOWS\system32\DRIVERS\pci.sys
    12:57:55.0437 0600 PCI - ok
    12:57:55.0453 0600 PCIDump - ok
    12:57:55.0500 0600 [ F4BFDE7209C14A07AAA61E4D6AE69EAC ] PCIIde D:\WINDOWS\system32\DRIVERS\pciide.sys
    12:57:55.0671 0600 PCIIde - ok
    12:57:55.0718 0600 [ F0406CBC60BDB0394A0E17FFB04CDD3D ] Pcmcia D:\WINDOWS\system32\drivers\Pcmcia.sys
    12:57:55.0875 0600 Pcmcia - ok
    12:57:55.0890 0600 PDCOMP - ok
    12:57:55.0921 0600 PDFRAME - ok
    12:57:55.0953 0600 PDRELI - ok
    12:57:55.0984 0600 PDRFRAME - ok
    12:57:56.0015 0600 perc2 - ok
    12:57:56.0031 0600 perc2hib - ok
    12:57:56.0140 0600 [ C3FB1D70CB88722267949694BA51759E ] PlugPlay D:\WINDOWS\system32\services.exe
    12:57:56.0156 0600 PlugPlay - ok
    12:57:56.0187 0600 [ 91E6024D6D4DCDECDB36C43ECF9BBECB ] PolicyAgent D:\WINDOWS\system32\lsass.exe
    12:57:56.0343 0600 PolicyAgent - ok
    12:57:56.0375 0600 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport D:\WINDOWS\system32\DRIVERS\raspptp.sys
    12:57:56.0546 0600 PptpMiniport - ok
    12:57:56.0562 0600 [ E19C9632AC828F6F214391E2BDDA11CB ] Processor D:\WINDOWS\system32\DRIVERS\processr.sys
    12:57:56.0750 0600 Processor - ok
    12:57:56.0765 0600 [ 91E6024D6D4DCDECDB36C43ECF9BBECB ] ProtectedStorage D:\WINDOWS\system32\lsass.exe
    12:57:56.0937 0600 ProtectedStorage - ok
    12:57:56.0968 0600 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched D:\WINDOWS\system32\DRIVERS\psched.sys
    12:57:57.0140 0600 PSched - ok
    12:57:57.0156 0600 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink D:\WINDOWS\system32\DRIVERS\ptilink.sys
    12:57:57.0375 0600 Ptilink - ok
    12:57:57.0390 0600 ql1080 - ok
    12:57:57.0421 0600 Ql10wnt - ok
    12:57:57.0453 0600 ql12160 - ok
    12:57:57.0468 0600 ql1240 - ok
    12:57:57.0500 0600 ql1280 - ok
    12:57:57.0546 0600 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd D:\WINDOWS\system32\DRIVERS\rasacd.sys
    12:57:57.0734 0600 RasAcd - ok
    12:57:57.0765 0600 [ 78DA9CCDAC683EF5AA87D1C919F6D221 ] RasAuto D:\WINDOWS\System32\rasauto.dll
    12:57:57.0953 0600 RasAuto - ok
    12:57:57.0984 0600 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp D:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    12:57:58.0156 0600 Rasl2tp - ok
    12:57:58.0203 0600 [ 0A48DF90B4784F9B90A2671AF992C914 ] RasMan D:\WINDOWS\System32\rasmans.dll
    12:57:58.0375 0600 RasMan - ok
    12:57:58.0390 0600 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe D:\WINDOWS\system32\DRIVERS\raspppoe.sys
    12:57:58.0546 0600 RasPppoe - ok
    12:57:58.0578 0600 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti D:\WINDOWS\system32\DRIVERS\raspti.sys
    12:57:58.0765 0600 Raspti - ok
    12:57:58.0828 0600 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss D:\WINDOWS\system32\DRIVERS\rdbss.sys
    12:57:58.0984 0600 Rdbss - ok
    12:57:59.0031 0600 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD D:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    12:57:59.0218 0600 RDPCDD - ok
    12:57:59.0265 0600 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr D:\WINDOWS\system32\DRIVERS\rdpdr.sys
    12:57:59.0437 0600 rdpdr - ok
    12:57:59.0500 0600 [ FC105DD312ED64EB66BFF111E8EC6EAC ] RDPWD D:\WINDOWS\system32\drivers\RDPWD.sys
    12:57:59.0515 0600 RDPWD - ok
    12:57:59.0562 0600 [ 9F63D9C5B238ED1C375D417EFF3D5BE7 ] RDSessMgr D:\WINDOWS\system32\sessmgr.exe
    12:57:59.0734 0600 RDSessMgr - ok
    12:57:59.0781 0600 [ D8EB2A7904DB6C916EB5361878DDCBAE ] redbook D:\WINDOWS\system32\DRIVERS\redbook.sys
    12:57:59.0968 0600 redbook - ok
    12:58:00.0000 0600 [ 7DA370C31673C99497BD07068EE6E354 ] RemoteAccess D:\WINDOWS\System32\mprdim.dll
    12:58:00.0171 0600 RemoteAccess - ok
    12:58:00.0234 0600 [ E598D81197E2E0EC42A0C55772BB00E8 ] RemoteRegistry D:\WINDOWS\system32\regsvc.dll
    12:58:00.0406 0600 RemoteRegistry - ok
    12:58:00.0437 0600 [ BB7549BD94D1AAC3599C7606C50C48A0 ] Rksample D:\WINDOWS\system32\DRIVERS\HSF_SAMP.sys
    12:58:00.0625 0600 Rksample - ok
    12:58:00.0656 0600 [ 499C59A2584F6D4EA41E944DA571D993 ] RpcLocator D:\WINDOWS\System32\locator.exe
    12:58:00.0812 0600 RpcLocator - ok
    12:58:00.0859 0600 [ 0203B1AAD358F206CB0A3C1F93CCE17A ] RpcSs D:\WINDOWS\System32\rpcss.dll
    12:58:00.0890 0600 RpcSs - ok
    12:58:00.0937 0600 [ 414964844F4793ACB868D057E8ED997E ] RSVP D:\WINDOWS\System32\rsvp.exe
    12:58:01.0125 0600 RSVP - ok
    12:58:01.0171 0600 [ 1E11171C0B9989E1BDAA59E96B2E81C4 ] RTL8023xp D:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
    12:58:01.0234 0600 RTL8023xp - ok
    28 September 2012 12:06:55

    TDSS report, continued:

    12:58:21.0921 0600 D:\WINDOWS\system32\wtsapi32.dll - ok
    12:58:21.0937 0600 [ 973B36634C544948C663E8269AA1B3A3 ] D:\WINDOWS\system32\scecli.dll
    12:58:21.0937 0600 D:\WINDOWS\system32\scecli.dll - ok
    12:58:21.0968 0600 [ E4BDF223CD75478BF44567B4D5C2634D ] D:\WINDOWS\system32\svchost.exe
    12:58:21.0968 0600 D:\WINDOWS\system32\svchost.exe - ok
    12:58:22.0000 0600 [ 24BF6C92EA2DC0DB979A7555EEC33214 ] D:\WINDOWS\system32\ntmarta.dll
    12:58:22.0000 0600 D:\WINDOWS\system32\ntmarta.dll - ok
    12:58:22.0015 0600 [ 0203B1AAD358F206CB0A3C1F93CCE17A ] D:\WINDOWS\system32\rpcss.dll
    12:58:22.0015 0600 D:\WINDOWS\system32\rpcss.dll - ok
    12:58:22.0046 0600 [ B359F906D24B3214581783D2073C4970 ] D:\WINDOWS\system32\xpsp2res.dll
    12:58:22.0046 0600 D:\WINDOWS\system32\xpsp2res.dll - ok
    12:58:22.0078 0600 [ 4EC800BDF80521B0207BD2301DFC7D14 ] D:\WINDOWS\system32\eventlog.dll
    12:58:22.0078 0600 D:\WINDOWS\system32\eventlog.dll - ok
    12:58:22.0093 0600 [ B40094D81DF18A5CBEBFE43F2578C048 ] D:\WINDOWS\system32\logonui.exe
    12:58:22.0093 0600 D:\WINDOWS\system32\logonui.exe - ok
    12:58:22.0109 0600 [ 6DCE6F063EBAC4E49AD245E7E13AC802 ] D:\WINDOWS\system32\duser.dll
    12:58:22.0109 0600 D:\WINDOWS\system32\duser.dll - ok
    12:58:22.0140 0600 [ 6F5F546A92C7B6AE45DB1D6910781EB0 ] D:\WINDOWS\system32\mswsock.dll
    12:58:22.0140 0600 D:\WINDOWS\system32\mswsock.dll - ok
    12:58:22.0171 0600 [ B99FEE786F755C84974CD285E21055C2 ] D:\WINDOWS\system32\msimg32.dll
    12:58:22.0171 0600 D:\WINDOWS\system32\msimg32.dll - ok
    12:58:22.0187 0600 [ E62B0BE3FC855066C872F5B50A6BCD1B ] D:\WINDOWS\system32\hnetcfg.dll
    12:58:22.0187 0600 D:\WINDOWS\system32\hnetcfg.dll - ok
    12:58:22.0218 0600 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] D:\WINDOWS\system32\oleacc.dll
    12:58:22.0218 0600 D:\WINDOWS\system32\oleacc.dll - ok
    12:58:22.0250 0600 [ 395609BFE5A0D88DFCD93BE5AA35B46A ] D:\WINDOWS\system32\wshtcpip.dll
    12:58:22.0250 0600 D:\WINDOWS\system32\wshtcpip.dll - ok
    12:58:22.0265 0600 [ EF4092F4129A220AEAADC04C229CD5BF ] D:\WINDOWS\system32\winrnr.dll
    12:58:22.0265 0600 D:\WINDOWS\system32\winrnr.dll - ok
    12:58:22.0296 0600 [ E17BBF14DBE41CAB571BBD244F97C25F ] D:\WINDOWS\system32\rasadhlp.dll
    12:58:22.0296 0600 D:\WINDOWS\system32\rasadhlp.dll - ok
    12:58:22.0328 0600 [ F927A4434C5028758A842943EF1A3849 ] D:\WINDOWS\system32\drivers\ndisuio.sys
    12:58:22.0328 0600 D:\WINDOWS\system32\drivers\ndisuio.sys - ok
    12:58:22.0343 0600 [ 6B646A601AEC823032AF4DC19273CFDA ] D:\WINDOWS\system32\cscdll.dll
    12:58:22.0343 0600 D:\WINDOWS\system32\cscdll.dll - ok
    12:58:22.0359 0600 [ 48ABB5A17B3FDAAB6631224D74DDBCAF ] D:\WINDOWS\system32\dimsntfy.dll
    12:58:22.0359 0600 D:\WINDOWS\system32\dimsntfy.dll - ok
    12:58:22.0390 0600 [ C664757F8243499BA6E45102AF459DE6 ] D:\WINDOWS\system32\wlnotify.dll
    12:58:22.0390 0600 D:\WINDOWS\system32\wlnotify.dll - ok
    12:58:22.0406 0600 [ BD6C84E39CB7073BDA60A0B16B9298C2 ] D:\WINDOWS\system32\clbcatq.dll
    12:58:22.0406 0600 D:\WINDOWS\system32\clbcatq.dll - ok
    12:58:22.0437 0600 [ 8E13BAECA74D85AF4BAF4CBA8986D433 ] D:\WINDOWS\system32\winspool.drv
    12:58:22.0437 0600 D:\WINDOWS\system32\winspool.drv - ok
    12:58:22.0468 0600 [ 318F535DC05551D96DEEB90B6D6904DE ] D:\WINDOWS\system32\dhcpcsvc.dll
    12:58:22.0468 0600 D:\WINDOWS\system32\dhcpcsvc.dll - ok
    12:58:22.0484 0600 [ 1A1E59377FB6CACD711CC5073C4A7D79 ] D:\WINDOWS\system32\dnsrslvr.dll
    12:58:22.0484 0600 D:\WINDOWS\system32\dnsrslvr.dll - ok
    12:58:22.0515 0600 [ F4B7146C7EED6C4E158DCD9B5266C25A ] D:\WINDOWS\system32\comres.dll
    12:58:22.0515 0600 D:\WINDOWS\system32\comres.dll - ok
    12:58:22.0546 0600 [ 7D40457C56283F554B79D731FE4A9D11 ] D:\WINDOWS\system32\WgaLogon.dll
    12:58:22.0546 0600 D:\WINDOWS\system32\WgaLogon.dll - ok
    12:58:22.0578 0600 [ D205A22D708D9CE7D0FB2520A537D379 ] D:\WINDOWS\system32\shgina.dll
    12:58:22.0578 0600 D:\WINDOWS\system32\shgina.dll - ok
    12:58:22.0609 0600 [ 02CE839BC89E01F5EB78C8425CC66A4A ] D:\WINDOWS\system32\msxml3.dll
    12:58:22.0609 0600 D:\WINDOWS\system32\msxml3.dll - ok
    12:58:22.0625 0600 [ 0F357C079AC529A844AB5B18E4EEF881 ] D:\WINDOWS\system32\lmhsvc.dll
    12:58:22.0625 0600 D:\WINDOWS\system32\lmhsvc.dll - ok
    12:58:22.0640 0600 [ C336E54EE0C291A02F004667DB1E66CB ] D:\WINDOWS\system32\wzcsvc.dll
    12:58:22.0640 0600 D:\WINDOWS\system32\wzcsvc.dll - ok
    12:58:22.0671 0600 [ B800291E82B664F6AA3BA6793B184374 ] D:\WINDOWS\system32\rtutils.dll
    12:58:22.0671 0600 D:\WINDOWS\system32\rtutils.dll - ok
    12:58:22.0703 0600 [ 7EEC6BF7E76798D5DCCDD5012BC0AA43 ] D:\WINDOWS\system32\wmi.dll
    12:58:22.0703 0600 D:\WINDOWS\system32\wmi.dll - ok
    12:58:22.0718 0600 [ 6A4DE85C3E0D5A899BF26E20DA01400B ] D:\WINDOWS\system32\eapolqec.dll
    12:58:22.0718 0600 D:\WINDOWS\system32\eapolqec.dll - ok
    12:58:22.0750 0600 [ 6C7C1DA920EFF48BC9BFEA8B6E2F26D3 ] D:\WINDOWS\system32\atl.dll
    12:58:22.0750 0600 D:\WINDOWS\system32\atl.dll - ok
    12:58:22.0781 0600 [ 25FD28EE12744651183D25F68AC85941 ] D:\WINDOWS\system32\qutil.dll
    12:58:22.0781 0600 D:\WINDOWS\system32\qutil.dll - ok
    12:58:22.0796 0600 [ 44D9CBBC81605DACC764630644A00956 ] D:\WINDOWS\system32\dot3api.dll
    12:58:22.0796 0600 D:\WINDOWS\system32\dot3api.dll - ok
    12:58:22.0828 0600 [ 59E75C286235BC60AB887156EA8C4412 ] D:\WINDOWS\system32\esent.dll
    12:58:22.0828 0600 D:\WINDOWS\system32\esent.dll - ok
    12:58:22.0859 0600 [ AD54EAD46D92F413BE189AABC1C59490 ] D:\WINDOWS\system32\wkssvc.dll
    12:58:22.0859 0600 D:\WINDOWS\system32\wkssvc.dll - ok
    12:58:22.0875 0600 [ 60F096FC7A97C0A1D30E7CB4D124692B ] D:\WINDOWS\system32\rastls.dll
    12:58:22.0875 0600 D:\WINDOWS\system32\rastls.dll - ok
    12:58:22.0890 0600 [ B2152F29739C90393813DE1F447E0D23 ] D:\WINDOWS\system32\cryptui.dll
    12:58:22.0890 0600 D:\WINDOWS\system32\cryptui.dll - ok
    12:58:22.0921 0600 [ B0DF02C2326381D64149F3EEFAE5E09D ] D:\WINDOWS\system32\wininet.dll
    12:58:22.0921 0600 D:\WINDOWS\system32\wininet.dll - ok
    12:58:22.0937 0600 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] D:\WINDOWS\system32\normaliz.dll
    12:58:22.0953 0600 D:\WINDOWS\system32\normaliz.dll - ok
    12:58:22.0968 0600 [ ADB554816B123B5C013BACE6600D24A0 ] D:\WINDOWS\system32\urlmon.dll
    12:58:22.0968 0600 D:\WINDOWS\system32\urlmon.dll - ok
    12:58:23.0000 0600 [ 294D67200BCA9770CCCC1561F7CA9FB7 ] D:\WINDOWS\system32\iertutil.dll
    12:58:23.0000 0600 D:\WINDOWS\system32\iertutil.dll - ok
    12:58:23.0015 0600 [ 81C659C43186D3A3BAA7423192BCAB0B ] D:\WINDOWS\system32\mprapi.dll
    12:58:23.0015 0600 D:\WINDOWS\system32\mprapi.dll - ok
    12:58:23.0046 0600 [ 020A947166B2762E74FDB43B655371AC ] D:\WINDOWS\system32\activeds.dll
    12:58:23.0046 0600 D:\WINDOWS\system32\activeds.dll - ok
    12:58:23.0078 0600 [ D0724A5AD95933A44FC8586844FAE23A ] D:\WINDOWS\system32\adsldpc.dll
    12:58:23.0078 0600 D:\WINDOWS\system32\adsldpc.dll - ok
    12:58:23.0093 0600 [ 8D5C2324E028F59D2F5E27B4DAE23486 ] D:\WINDOWS\system32\rasapi32.dll
    12:58:23.0093 0600 D:\WINDOWS\system32\rasapi32.dll - ok
    12:58:23.0109 0600 [ 39CF739698665485B9C749CAAC382A5A ] D:\WINDOWS\system32\rasman.dll
    12:58:23.0109 0600 D:\WINDOWS\system32\rasman.dll - ok
    12:58:23.0140 0600 [ F7314C66432307309F95873FEACBAB74 ] D:\WINDOWS\system32\tapi32.dll
    12:58:23.0140 0600 D:\WINDOWS\system32\tapi32.dll - ok
    12:58:23.0171 0600 [ B6EE2F0EF95F9A2D1D51AF38DAB15610 ] D:\WINDOWS\system32\riched20.dll
    12:58:23.0171 0600 D:\WINDOWS\system32\riched20.dll - ok
    12:58:23.0187 0600 [ EC5265F600241F8A53499344606CE639 ] D:\WINDOWS\system32\raschap.dll
    12:58:23.0187 0600 D:\WINDOWS\system32\raschap.dll - ok
    12:58:23.0218 0600 [ 1EF62ABB6D2240D9DA84F8F2FCAA0AD7 ] D:\WINDOWS\system32\cscui.dll
    12:58:23.0218 0600 D:\WINDOWS\system32\cscui.dll - ok
    12:58:23.0250 0600 [ 9F2C862E39BF8E8FC51C3F6A6BCEB415 ] D:\WINDOWS\system32\powrprof.dll
    12:58:23.0250 0600 D:\WINDOWS\system32\powrprof.dll - ok
    12:58:23.0265 0600 [ DD340A75E031E96898ECF6461DAB9908 ] D:\WINDOWS\system32\dpcdll.dll
    12:58:23.0265 0600 D:\WINDOWS\system32\dpcdll.dll - ok
    12:58:23.0296 0600 [ E74DDB12188C2FF57A78624DBF7332FC ] D:\WINDOWS\system32\userinit.exe
    12:58:23.0296 0600 D:\WINDOWS\system32\userinit.exe - ok
    12:58:23.0328 0600 [ E309791E4F7444BE1D236D770769CE15 ] D:\WINDOWS\system32\WgaTray.exe
    12:58:23.0328 0600 D:\WINDOWS\system32\WgaTray.exe - ok
    12:58:23.0343 0600 [ F2317622D29F9FF0F88AEECD5F60F0DD ] D:\WINDOWS\explorer.exe
    12:58:23.0343 0600 D:\WINDOWS\explorer.exe - ok
    12:58:23.0359 0600 [ AE9312A67A395866C714FEC9E1B31FAA ] D:\WINDOWS\system32\browseui.dll
    12:58:23.0359 0600 D:\WINDOWS\system32\browseui.dll - ok
    12:58:23.0390 0600 [ C8551E8FF00993A6E3DF958111BC467A ] D:\WINDOWS\system32\shdocvw.dll
    12:58:23.0390 0600 D:\WINDOWS\system32\shdocvw.dll - ok
    12:58:23.0406 0600 [ 938488D25648D26E6BFE3E47DC2EC5E8 ] D:\WINDOWS\system32\cryptnet.dll
    12:58:23.0406 0600 D:\WINDOWS\system32\cryptnet.dll - ok
    12:58:23.0437 0600 [ 72DAFF6D64D506E62BF4D3300DB7CBAE ] D:\WINDOWS\system32\sensapi.dll
    12:58:23.0437 0600 D:\WINDOWS\system32\sensapi.dll - ok
    12:58:23.0468 0600 [ 0AFF6CEEBADA36B4A8249A0871A54364 ] D:\WINDOWS\system32\winhttp.dll
    12:58:23.0468 0600 D:\WINDOWS\system32\winhttp.dll - ok
    12:58:23.0484 0600 [ CC26451A90025F6C55F64146C333DEA5 ] D:\WINDOWS\system32\LegitCheckControl.dll
    12:58:23.0484 0600 D:\WINDOWS\system32\LegitCheckControl.dll - ok
    12:58:23.0515 0600 [ 410B35BE068D47B4EBA3060EA17D48A6 ] D:\WINDOWS\system32\desk.cpl
    12:58:23.0515 0600 D:\WINDOWS\system32\desk.cpl - ok
    12:58:23.0546 0600 [ 7A6D0B71035E123FDDA2156A25578AD3 ] D:\WINDOWS\system32\cryptsvc.dll
    12:58:23.0546 0600 D:\WINDOWS\system32\cryptsvc.dll - ok
    12:58:23.0562 0600 [ 2039105821E3DB12B23A2D1D1870F23A ] D:\WINDOWS\system32\wbem\wbemprox.dll
    12:58:23.0562 0600 D:\WINDOWS\system32\wbem\wbemprox.dll - ok
    12:58:23.0593 0600 [ B029FCE838CA4F8A6B5E9F477B710B40 ] D:\WINDOWS\system32\certcli.dll
    12:58:23.0593 0600 D:\WINDOWS\system32\certcli.dll - ok
    12:58:23.0609 0600 [ 4619995154067B893CCBD9D0712EE1E0 ] D:\WINDOWS\system32\wbem\wbemcomn.dll
    12:58:23.0609 0600 D:\WINDOWS\system32\wbem\wbemcomn.dll - ok
    12:58:23.0640 0600 [ 4E18B81BF58E5FA5D777D5E5A3AF7032 ] D:\WINDOWS\system32\themeui.dll
    12:58:23.0640 0600 D:\WINDOWS\system32\themeui.dll - ok
    12:58:23.0656 0600 [ 6797C23D6B79935482D7F0E8CA5E5B67 ] D:\WINDOWS\system32\dmserver.dll
    12:58:23.0656 0600 D:\WINDOWS\system32\dmserver.dll - ok
    12:58:23.0687 0600 [ 1247F83B705AF0E796330442F7967CF8 ] D:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
    12:58:23.0687 0600 D:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll - ok
    12:58:23.0718 0600 [ 1DB8078A32E03AC8F5EB5E6DCAC2AA34 ] D:\WINDOWS\system32\srvsvc.dll
    12:58:23.0718 0600 D:\WINDOWS\system32\srvsvc.dll - ok
    12:58:23.0734 0600 [ F4CE708A7D17A625DE6C0FD746D50E88 ] D:\WINDOWS\system32\ipnathlp.dll
    12:58:23.0734 0600 D:\WINDOWS\system32\ipnathlp.dll - ok
    12:58:23.0765 0600 [ C068B14827C0DC9E4C4919FE1C451957 ] D:\WINDOWS\system32\netshell.dll
    12:58:23.0765 0600 D:\WINDOWS\system32\netshell.dll - ok
    12:58:23.0796 0600 [ E086FA4790D49BFAF83135206DC1AB53 ] D:\WINDOWS\system32\credui.dll
    12:58:23.0796 0600 D:\WINDOWS\system32\credui.dll - ok
    12:58:23.0812 0600 [ 9FFCE88E42E745699A0EB7374966D180 ] D:\WINDOWS\system32\dot3dlg.dll
    12:58:23.0812 0600 D:\WINDOWS\system32\dot3dlg.dll - ok
    12:58:23.0843 0600 [ 0F6F57851C988588DCC9A9E46A570675 ] D:\WINDOWS\system32\onex.dll
    12:58:23.0843 0600 D:\WINDOWS\system32\onex.dll - ok
    12:58:23.0875 0600 [ 10BE121A3BF8F63B710436260194AD4F ] D:\WINDOWS\system32\eappcfg.dll
    12:58:23.0875 0600 D:\WINDOWS\system32\eappcfg.dll - ok
    12:58:23.0906 0600 [ BECEF773547F696A767221A4CBF7FDD1 ] D:\WINDOWS\system32\eappprxy.dll
    12:58:23.0906 0600 D:\WINDOWS\system32\eappprxy.dll - ok
    12:58:23.0921 0600 [ B0360D1A39DA96B6F535216A6AC8AE59 ] D:\WINDOWS\system32\netmsg.dll
    12:58:23.0921 0600 D:\WINDOWS\system32\netmsg.dll - ok
    12:58:23.0953 0600 [ 6ED29124A1C83BD0CF6B26BD01CA6F6F ] D:\WINDOWS\system32\srsvc.dll
    12:58:23.0953 0600 D:\WINDOWS\system32\srsvc.dll - ok
    12:58:23.0984 0600 [ 5E9DEAE9980FF34BCD6DDE2E9E2BF911 ] D:\WINDOWS\system32\wbem\wmisvc.dll
    12:58:23.0984 0600 D:\WINDOWS\system32\wbem\wmisvc.dll - ok
    12:58:24.0000 0600 [ D2FD0D6C2873B4FFF4D5C99B15D7D18A ] D:\WINDOWS\system32\vssapi.dll
    12:58:24.0000 0600 D:\WINDOWS\system32\vssapi.dll - ok
    12:58:24.0031 0600 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] D:\WINDOWS\system32\drivers\srv.sys
    12:58:24.0031 0600 D:\WINDOWS\system32\drivers\srv.sys - ok
    12:58:24.0062 0600 [ 06B54A7B1EF7CB16BFD0E208D343FA71 ] D:\WINDOWS\system32\browser.dll
    12:58:24.0062 0600 D:\WINDOWS\system32\browser.dll - ok
    12:58:24.0078 0600 [ 710BC85A8C22626EE094439E3EA0D38C ] D:\WINDOWS\system32\termsrv.dll
    12:58:24.0078 0600 D:\WINDOWS\system32\termsrv.dll - ok
    12:58:24.0109 0600 [ BEEEA120648CAF4CE151514ED0BF9A47 ] D:\WINDOWS\system32\wbem\wbemcore.dll
    12:58:24.0109 0600 D:\WINDOWS\system32\wbem\wbemcore.dll - ok
    12:58:24.0125 0600 [ 1BDA51C28FAAB97D8A88D59C8A221485 ] D:\WINDOWS\system32\icaapi.dll
    12:58:24.0125 0600 D:\WINDOWS\system32\icaapi.dll - ok
    12:58:24.0156 0600 [ 5D8327DDCF473E983A766F42C35E68E7 ] D:\WINDOWS\system32\mstlsapi.dll
    12:58:24.0156 0600 D:\WINDOWS\system32\mstlsapi.dll - ok
    12:58:24.0171 0600 [ 6289915A4B7698C7E3F9A3D2A573CF65 ] D:\WINDOWS\system32\wbem\esscli.dll
    12:58:24.0171 0600 D:\WINDOWS\system32\wbem\esscli.dll - ok
    12:58:24.0203 0600 [ 95F1233F03C9AAC0635C8C12FC886FEB ] D:\WINDOWS\system32\wbem\fastprox.dll
    12:58:24.0203 0600 D:\WINDOWS\system32\wbem\fastprox.dll - ok
    12:58:24.0234 0600 [ BE0CB143FA427D93440DED18DB8C918B ] D:\WINDOWS\system32\netman.dll
    12:58:24.0234 0600 D:\WINDOWS\system32\netman.dll - ok
    12:58:24.0250 0600 [ 16E6E31F50CCA2881E89F82213991F11 ] D:\WINDOWS\system32\wzcsapi.dll
    12:58:24.0250 0600 D:\WINDOWS\system32\wzcsapi.dll - ok
    12:58:24.0281 0600 [ 7FF18746DCE115E3902B5482556BA586 ] D:\WINDOWS\system32\wbem\wbemsvc.dll
    12:58:24.0281 0600 D:\WINDOWS\system32\wbem\wbemsvc.dll - ok
    12:58:24.0312 0600 [ BC93944F67A691C4491779CD42586621 ] D:\WINDOWS\system32\wbem\wmiutils.dll
    12:58:24.0312 0600 D:\WINDOWS\system32\wbem\wmiutils.dll - ok
    12:58:24.0328 0600 [ 9D2B0EE8ACCA0716278E5993F00122CC ] D:\WINDOWS\system32\wbem\repdrvfs.dll
    12:58:24.0328 0600 D:\WINDOWS\system32\wbem\repdrvfs.dll - ok
    12:58:24.0359 0600 [ 9E089957CE51884586E5958D5E982469 ] D:\WINDOWS\system32\wbem\wmiprvsd.dll
    12:58:24.0359 0600 D:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
    12:58:24.0375 0600 [ 684202417DCA4864BE6F66A550152037 ] D:\WINDOWS\system32\wbem\wbemess.dll
    12:58:24.0375 0600 D:\WINDOWS\system32\wbem\wbemess.dll - ok
    12:58:24.0390 0600 [ 5512539D9850E3C57E32F6BD2CA2E56C ] D:\WINDOWS\system32\netcfgx.dll
    12:58:24.0390 0600 D:\WINDOWS\system32\netcfgx.dll - ok
    12:58:24.0421 0600 [ 798A9E6828997EEF4517ADA8A2259831 ] D:\WINDOWS\system32\wbem\wmiprvse.exe
    12:58:24.0421 0600 D:\WINDOWS\system32\wbem\wmiprvse.exe - ok
    12:58:24.0453 0600 [ 6321C6479712074655591E7347446A54 ] D:\WINDOWS\system32\clusapi.dll
    12:58:24.0453 0600 D:\WINDOWS\system32\clusapi.dll - ok
    12:58:24.0468 0600 [ 8BC58C4B4471EA21D80FC28FF5788B3B ] D:\WINDOWS\system32\licwmi.dll
    12:58:24.0468 0600 D:\WINDOWS\system32\licwmi.dll - ok
    12:58:24.0500 0600 [ 500E490175F5F0AE4CA0FA5FC68E6EC2 ] D:\WINDOWS\system32\wbem\framedyn.dll
    12:58:24.0500 0600 D:\WINDOWS\system32\wbem\framedyn.dll - ok
    12:58:24.0546 0600 [ 3B206DB81EB6A74F04716BD5627FD6E3 ] D:\WINDOWS\system32\licdll.dll
    12:58:24.0546 0600 D:\WINDOWS\system32\licdll.dll - ok
    12:58:24.0562 0600 [ B9F40A9D7A3A4FF550A0DB09E371828D ] D:\WINDOWS\system32\msxml6.dll
    12:58:24.0562 0600 D:\WINDOWS\system32\msxml6.dll - ok
    12:58:24.0593 0600 [ E9BD5A6B07A47C7789C5470CD96F165D ] D:\WINDOWS\system32\wbem\cimwin32.dll
    12:58:24.0593 0600 D:\WINDOWS\system32\wbem\cimwin32.dll - ok
    12:58:24.0609 0600 [ 5C64008E661307C4A3C3C25D9086CDE7 ] D:\WINDOWS\system32\linkinfo.dll
    12:58:24.0609 0600 D:\WINDOWS\system32\linkinfo.dll - ok
    12:58:24.0625 0600 [ D204DE1B5FFE3F0153B61FA3E3167F70 ] D:\WINDOWS\system32\ntshrui.dll
    12:58:24.0625 0600 D:\WINDOWS\system32\ntshrui.dll - ok
    12:58:24.0656 0600 [ E425C5CD1E069D86963E930C69C67AE7 ] D:\WINDOWS\system32\cfgmgr32.dll
    12:58:24.0656 0600 D:\WINDOWS\system32\cfgmgr32.dll - ok
    12:58:24.0687 0600 [ 4183FD9DF3A5D8ED23BFA235BAF2C5C2 ] D:\WINDOWS\system32\verclsid.exe
    12:58:24.0687 0600 D:\WINDOWS\system32\verclsid.exe - ok
    12:58:24.0703 0600 [ 6683CAC7A3B844CD87C9210A08F16DD7 ] D:\WINDOWS\system32\ieframe.dll
    12:58:24.0703 0600 D:\WINDOWS\system32\ieframe.dll - ok
    12:58:24.0734 0600 [ EC16AE9B37EACF871629227A3F3913FD ] D:\WINDOWS\system32\es.dll
    12:58:24.0734 0600 D:\WINDOWS\system32\es.dll - ok
    12:58:24.0765 0600 [ C2653DE22CFDF7E8EC6D2E1BAB313A6E ] D:\WINDOWS\system32\msi.dll
    12:58:24.0765 0600 D:\WINDOWS\system32\msi.dll - ok
    12:58:24.0781 0600 [ D416C2C145B6A35BB931205B2A98C5FF ] D:\WINDOWS\system32\upnp.dll
    12:58:24.0781 0600 D:\WINDOWS\system32\upnp.dll - ok
    12:58:24.0812 0600 [ 4B98A2F8BCD96801D396706FB5D2ECE8 ] D:\WINDOWS\system32\ssdpapi.dll
    12:58:24.0812 0600 D:\WINDOWS\system32\ssdpapi.dll - ok
    12:58:24.0843 0600 [ 9511AAF68AE867EEB7C7EBA2FA6C9A81 ] D:\WINDOWS\system32\mlang.dll
    12:58:24.0843 0600 D:\WINDOWS\system32\mlang.dll - ok
    12:58:24.0859 0600 [ 3DECFCFA6F1AB66C198137F2B5640819 ] D:\WINDOWS\system32\browselc.dll
    12:58:24.0859 0600 D:\WINDOWS\system32\browselc.dll - ok
    12:58:24.0875 0600 [ 2094BC9A0FC9C0E15EEA5F4A9581DD14 ] D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.dll
    12:58:24.0875 0600 D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.dll - ok
    12:58:24.0906 0600 [ C9564CF4976E7E96B4052737AA2492B4 ] D:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
    12:58:24.0906 0600 D:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
    12:58:24.0937 0600 [ 17C964594AC92EE0B67D9EA08F8A8FD0 ] D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA
    12:58:24.0937 0600 D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\pdfshell.FRA - ok
    12:58:24.0953 0600 [ 7801791108C9FA442DD48BCD98869F21 ] D:\Program Files\WinRAR\RarExt.dll
    12:58:24.0953 0600 D:\Program Files\WinRAR\RarExt.dll - ok
    12:58:24.0984 0600 [ B60DDDD2D63CE41CB8C487FCFBB6419E ] D:\Program Files\Internet Explorer\iexplore.exe
    12:58:24.0984 0600 D:\Program Files\Internet Explorer\iexplore.exe - ok
    12:58:25.0015 0600 [ E31B5E2EB3FF1A54D466357C9506451C ] D:\WINDOWS\AppPatch\aclayers.dll
    12:58:25.0015 0600 D:\WINDOWS\AppPatch\aclayers.dll - ok
    12:58:25.0031 0600 [ E3568C217393B773E2AA965149B96C5E ] D:\Program Files\Internet Explorer\xpshims.dll
    12:58:25.0031 0600 D:\Program Files\Internet Explorer\xpshims.dll - ok
    12:58:25.0062 0600 [ 11734790410900D2CD6B7839020E4DD9 ] D:\WINDOWS\system32\ieui.dll
    12:58:25.0062 0600 D:\WINDOWS\system32\ieui.dll - ok
    12:58:25.0093 0600 [ A29043A8710A1B6E0D0FAC1E530B19EB ] D:\Program Files\Internet Explorer\ieproxy.dll
    12:58:25.0093 0600 D:\Program Files\Internet Explorer\ieproxy.dll - ok
    12:58:25.0109 0600 [ E6D1786DC910BA9C8BC420C4AC1B235E ] D:\WINDOWS\system32\msimtf.dll
    12:58:25.0109 0600 D:\WINDOWS\system32\msimtf.dll - ok
    12:58:25.0125 0600 [ 16B216B0010FC71DE47D9C44FBA0FB11 ] D:\WINDOWS\system32\msctf.dll
    12:58:25.0125 0600 D:\WINDOWS\system32\msctf.dll - ok
    12:58:25.0156 0600 [ 59DC5BB82E4C8E0B3EADCFDBC44BA6E4 ] D:\WINDOWS\system32\ctfmon.exe
    12:58:25.0156 0600 D:\WINDOWS\system32\ctfmon.exe - ok
    12:58:25.0187 0600 [ 37DFB0E036EC87829C548B7B7D9CC7B1 ] D:\WINDOWS\system32\msutb.dll
    12:58:25.0187 0600 D:\WINDOWS\system32\msutb.dll - ok
    12:58:25.0203 0600 [ 47E6E8B18DEFC9B29E677AD48A2A2A58 ] D:\WINDOWS\ime\sptip.dll
    12:58:25.0203 0600 D:\WINDOWS\ime\sptip.dll - ok
    12:58:25.0234 0600 [ D1E18F4AE94FFEC7270BE0A10C0B295E ] D:\WINDOWS\system32\xmllite.dll
    12:58:25.0234 0600 D:\WINDOWS\system32\xmllite.dll - ok
    12:58:25.0265 0600 [ 00250B9AC33628105371C07E815C3333 ] D:\WINDOWS\system32\msfeeds.dll
    12:58:25.0265 0600 D:\WINDOWS\system32\msfeeds.dll - ok
    12:58:25.0281 0600 [ B9EC85600AED78E78761D774DF129B8D ] D:\WINDOWS\system32\actxprxy.dll
    12:58:25.0281 0600 D:\WINDOWS\system32\actxprxy.dll - ok
    12:58:25.0312 0600 [ 09F0AF2BE3E126D87663290F542BC38E ] D:\WINDOWS\system32\mshtml.dll
    12:58:25.0312 0600 D:\WINDOWS\system32\mshtml.dll - ok
    12:58:25.0343 0600 [ 2ACCD352451EC0F99AF2AD9DB6DB4439 ] D:\WINDOWS\system32\msls31.dll
    12:58:25.0343 0600 D:\WINDOWS\system32\msls31.dll - ok
    12:58:25.0359 0600 [ 319553626A10BC650E49EB17FD2FF41E ] D:\WINDOWS\system32\jscript.dll
    12:58:25.0359 0600 D:\WINDOWS\system32\jscript.dll - ok
    12:58:25.0375 0600 [ B603565F745D3D0763B5B226C5AB2641 ] D:\WINDOWS\system32\iepeers.dll
    12:58:25.0375 0600 D:\WINDOWS\system32\iepeers.dll - ok
    12:58:25.0406 0600 [ E441C6889101BEEB1237855D0683C763 ] D:\WINDOWS\system32\usp10.dll
    12:58:25.0406 0600 D:\WINDOWS\system32\usp10.dll - ok
    12:58:25.0421 0600 [ C7D41058EEB57F425FBD1585F9DE71C4 ] D:\WINDOWS\system32\Macromed\Flash\Flash32_11_4_402_265.ocx
    12:58:25.0421 0600 D:\WINDOWS\system32\Macromed\Flash\Flash32_11_4_402_265.ocx - ok
    12:58:25.0453 0600 [ 4BB396EA6CAA50F2208078602549F2F2 ] D:\WINDOWS\system32\dsound.dll
    12:58:25.0453 0600 D:\WINDOWS\system32\dsound.dll - ok
    12:58:25.0484 0600 [ FB27AB345F51FFB375E180CAFA282653 ] D:\WINDOWS\system32\mscms.dll
    12:58:25.0484 0600 D:\WINDOWS\system32\mscms.dll - ok
    12:58:25.0500 0600 [ 9FE236A0477811CA50F9D000A63C3240 ] D:\WINDOWS\system32\lz32.dll
    12:58:25.0500 0600 D:\WINDOWS\system32\lz32.dll - ok
    12:58:25.0531 0600 [ ABF7F61F57A0A0AD05C29A1B47AA3B6B ] D:\WINDOWS\system32\t2embed.dll
    12:58:25.0531 0600 D:\WINDOWS\system32\t2embed.dll - ok
    12:58:25.0562 0600 [ 42B928FC8518D793BF7A5EAFC57B1D8B ] D:\WINDOWS\system32\imgutil.dll
    12:58:25.0562 0600 D:\WINDOWS\system32\imgutil.dll - ok
    12:58:25.0578 0600 [ E5FA1B044DAC5F6F600A1742D73F6936 ] D:\WINDOWS\system32\pngfilt.dll
    12:58:25.0578 0600 D:\WINDOWS\system32\pngfilt.dll - ok
    12:58:25.0609 0600 [ 709DDCA6F254DFBA33FA16789D76552B ] D:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
    12:58:25.0609 0600 D:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll - ok
    12:58:25.0625 0600 [ 5BFEBBB3E8615D552D3269925ED9621F ] D:\WINDOWS\system32\dciman32.dll
    12:58:25.0625 0600 D:\WINDOWS\system32\dciman32.dll - ok
    12:58:25.0656 0600 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] D:\WINDOWS\system32\dssenh.dll
    12:58:25.0656 0600 D:\WINDOWS\system32\dssenh.dll - ok
    12:58:25.0671 0600 [ 359882623BB981FC1C956A4EAE3A5ABB ] D:\WINDOWS\system32\vbscript.dll
    12:58:25.0671 0600 D:\WINDOWS\system32\vbscript.dll - ok
    12:58:25.0703 0600 [ C873A78FA2A342A916DAF2839091CB1E ] D:\WINDOWS\system32\ddrawex.dll
    12:58:25.0703 0600 D:\WINDOWS\system32\ddrawex.dll - ok
    12:58:25.0734 0600 [ 75BD925DAB6E5323EDB6D5CFCDEB16D1 ] D:\WINDOWS\system32\ddraw.dll
    12:58:25.0734 0600 D:\WINDOWS\system32\ddraw.dll - ok
    12:58:25.0750 0600 [ 165BD78BFFD6DC57962F9B14C6772D07 ] D:\WINDOWS\system32\d3dim700.dll
    12:58:25.0750 0600 D:\WINDOWS\system32\d3dim700.dll - ok
    12:58:25.0781 0600 [ 057D53F1490598D41D9D4DEE9A92B0B1 ] D:\WINDOWS\system32\dxtmsft.dll
    12:58:25.0781 0600 D:\WINDOWS\system32\dxtmsft.dll - ok
    12:58:25.0812 0600 [ 5E1A0476E009A1930A524DFF4CA13982 ] D:\WINDOWS\system32\dxtrans.dll
    12:58:25.0812 0600 D:\WINDOWS\system32\dxtrans.dll - ok
    12:58:25.0843 0600 [ 32C806669C5B20297FA8C8F6960BA00B ] D:\WINDOWS\system32\drprov.dll
    12:58:25.0843 0600 D:\WINDOWS\system32\drprov.dll - ok
    12:58:25.0859 0600 [ 2FEC80530BFFED3EC6E65009890282BC ] D:\WINDOWS\system32\ntlanman.dll
    12:58:25.0859 0600 D:\WINDOWS\system32\ntlanman.dll - ok
    12:58:25.0875 0600 [ 26A4426A733EF2F517450B478A4E2E38 ] D:\WINDOWS\system32\netui0.dll
    12:58:25.0875 0600 D:\WINDOWS\system32\netui0.dll - ok
    12:58:25.0906 0600 [ 0056AABFAABA070038F3F026FADA0EFB ] D:\WINDOWS\system32\netui1.dll
    12:58:25.0906 0600 D:\WINDOWS\system32\netui1.dll - ok
    12:58:25.0921 0600 [ 25D39FB041260C141A2C3F49EA13C97B ] D:\WINDOWS\system32\netrap.dll
    12:58:25.0921 0600 D:\WINDOWS\system32\netrap.dll - ok
    12:58:25.0953 0600 [ EA4644B042117F19AA6291E748A33F44 ] D:\WINDOWS\system32\davclnt.dll
    12:58:25.0953 0600 D:\WINDOWS\system32\davclnt.dll - ok
    12:58:25.0984 0600 [ 05524E9BC195E9C6AF26EBACE042DA28 ] D:\WINDOWS\system32\wbem\ncprov.dll
    12:58:25.0984 0600 D:\WINDOWS\system32\wbem\ncprov.dll - ok
    12:58:26.0000 0600 [ EB33DD73457BD12473A794AE8A0F6E3E ] D:\WINDOWS\system32\wbem\wbemcons.dll
    12:58:26.0000 0600 D:\WINDOWS\system32\wbem\wbemcons.dll - ok
    12:58:26.0031 0600 [ 25FFD3B5CD6C6FC03438D5873A8087A6 ] D:\WINDOWS\system32\cabinet.dll
    12:58:26.0031 0600 D:\WINDOWS\system32\cabinet.dll - ok
    12:58:26.0062 0600 [ 9ED9F21D73F9D71E30EAB71835E656EB ] D:\Documents and Settings\Administrateur\Bureau\tdsskiller.exe
    12:58:26.0062 0600 D:\Documents and Settings\Administrateur\Bureau\tdsskiller.exe - ok
    12:58:26.0078 0600 [ 2A8681AEA24003040CA7D677BE9F1702 ] D:\WINDOWS\system32\drivers\68531333.sys
    12:58:26.0078 0600 D:\WINDOWS\system32\drivers\68531333.sys - ok
    12:58:26.0109 0600 [ C885B02847F5D2FD45A24E219ED93B32 ] D:\WINDOWS\system32\drivers\cdfs.sys
    12:58:26.0109 0600 D:\WINDOWS\system32\drivers\cdfs.sys - ok
    12:58:26.0125 0600 [ 71168A78553850858AC307AB248167A4 ] D:\Program Files\WinRAR\Formats\7z.fmt
    12:58:26.0125 0600 D:\Program Files\WinRAR\Formats\7z.fmt - ok
    12:58:26.0156 0600 [ FFE0ABFBD57F36991042316C59657E6C ] D:\Program Files\WinRAR\Formats\ace.fmt
    12:58:26.0156 0600 D:\Program Files\WinRAR\Formats\ace.fmt - ok
    12:58:26.0171 0600 [ 4C01AA6DA5E10789515E3D6B59A79145 ] D:\Program Files\WinRAR\Formats\arj.fmt
    12:58:26.0171 0600 D:\Program Files\WinRAR\Formats\arj.fmt - ok
    12:58:26.0203 0600 [ A2D8E9A32876A15A1EBA2BCF80FFA6D5 ] D:\Program Files\WinRAR\Formats\bz2.fmt
    12:58:26.0203 0600 D:\Program Files\WinRAR\Formats\bz2.fmt - ok
    12:58:26.0234 0600 [ A18B81D8E598D7B99AC71D0A941AA5C5 ] D:\Program Files\WinRAR\Formats\cab.fmt
    12:58:26.0234 0600 D:\Program Files\WinRAR\Formats\cab.fmt - ok
    12:58:26.0250 0600 [ 47B5649F15F3AE4EBFF8C19AA7940FB9 ] D:\Program Files\WinRAR\Formats\gz.fmt
    12:58:26.0250 0600 D:\Program Files\WinRAR\Formats\gz.fmt - ok
    12:58:26.0281 0600 [ E0C00248A45096B788D957122830153A ] D:\Program Files\WinRAR\Formats\iso.fmt
    12:58:26.0281 0600 D:\Program Files\WinRAR\Formats\iso.fmt - ok
    12:58:26.0312 0600 [ B282BD58577A9088A731E12A794BDCBF ] D:\Program Files\WinRAR\Formats\lzh.fmt
    12:58:26.0312 0600 D:\Program Files\WinRAR\Formats\lzh.fmt - ok
    12:58:26.0328 0600 [ 144318C1FF92ED641E86ABACBFA5EB6C ] D:\Program Files\WinRAR\Formats\tar.fmt
    12:58:26.0328 0600 D:\Program Files\WinRAR\Formats\tar.fmt - ok
    12:58:26.0359 0600 [ 0FA2BC9E7E3E913697A74ED2160BF735 ] D:\Program Files\WinRAR\Formats\uue.fmt
    12:58:26.0359 0600 D:\Program Files\WinRAR\Formats\uue.fmt - ok
    12:58:26.0375 0600 [ 8A80EE5F1EB3ECF905B0212A79CE0449 ] D:\Program Files\WinRAR\Formats\z.fmt
    12:58:26.0375 0600 D:\Program Files\WinRAR\Formats\z.fmt - ok
    12:58:26.0406 0600 [ 2DCC5C800F51D487178814CA9EADA181 ] D:\WINDOWS\system32\notepad.exe
    12:58:26.0406 0600 D:\WINDOWS\system32\notepad.exe - ok
    12:58:26.0421 0600 [ 29BD913D8FD1FEB6728DC9B43B55C1D2 ] D:\WINDOWS\system32\msrating.dll
    12:58:26.0421 0600 D:\WINDOWS\system32\msrating.dll - ok
    12:58:26.0453 0600 [ F6F33BCB1B98CF28B4AC89F4A9EF1D1E ] D:\WINDOWS\system32\dispex.dll
    12:58:26.0453 0600 D:\WINDOWS\system32\dispex.dll - ok
    12:58:26.0484 0600 [ 2A8681AEA24003040CA7D677BE9F1702 ] D:\WINDOWS\system32\drivers\33960520.sys
    12:58:26.0484 0600 D:\WINDOWS\system32\drivers\33960520.sys - ok
    12:58:26.0484 0600 ============================================================
    12:58:26.0484 0600 Scan finished
    12:58:26.0484 0600 ============================================================
    12:58:26.0625 2016 Detected object count: 9
    12:58:26.0625 2016 Actual detected object count: 9
    12:59:21.0390 2016 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
    12:59:21.0390 2016 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:59:21.0406 2016 Autodesk Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
    12:59:21.0406 2016 Autodesk Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:59:21.0406 2016 drhard ( UnsignedFile.Multi.Generic ) - skipped by user
    12:59:21.0406 2016 drhard ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:59:21.0406 2016 driverhardwarev2 ( UnsignedFile.Multi.Generic ) - skipped by user
    12:59:21.0406 2016 driverhardwarev2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:59:21.0421 2016 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
    12:59:21.0421 2016 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:59:21.0421 2016 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
    12:59:21.0421 2016 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:59:21.0437 2016 mi-raysat_3dsmax8 ( UnsignedFile.Multi.Generic ) - skipped by user
    12:59:21.0437 2016 mi-raysat_3dsmax8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:59:21.0437 2016 nv ( UnsignedFile.Multi.Generic ) - skipped by user
    12:59:21.0437 2016 nv ( UnsignedFile.Multi.Generic ) - User select action: Skip
    12:59:21.0453 2016 NVSvc ( UnsignedFile.Multi.Generic ) - skipped by user
    12:59:21.0453 2016 NVSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
    13:07:41.0703 0496 Deinitialize success
    28 September 2012 20:52:14

    Good evening
    you didn't answer me.
    Does the PC restart normally?
    29 September 2012 09:59:28

    Hello,
    Sorry, I hadn't seen your question. No, my computer still doesn't work in normal mode!
    29 September 2012 10:22:45

    Hello
    ok,
    I'm going to need a new OTL report, as follows:
    (don't use pjjoint because it is overloaded, use this instead:)
    http://www.sendspace.com/


  • Download OTL (by OldTimer) to your Desktop.
  • Double-click OTL to launch it.
    (Under Vista/Win7, you must right-click OTL and choose Run as administrator)
  • A window appears. In the "Rapport" section at the top of this window, tick "Rapport minimal".
  • Also tick the boxes next to "Recherche Lop" and "Recherche Purity".
  • Under "Personnalisation" (in the white box), copy and paste the contents of the box below:


    netsvcs
    msconfig
    drivers32
    /md5start
    explorer.exe
    wininit.exe
    winlogon.exe
    userinit.exe
    svchost.exe
    services.exe
    /md5stop
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    hklm\system\CurrentControlSet\Control\Session Manager\SubSystems /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    nslookup http://www.google.fr /c
    SAVEMBR:0
    CREATERESTOREPOINT



  • Finally, click the "Analyse" button. Let the tool work.
  • Once the scan has finished, a window will open in Notepad: OTL.txt, in the same place as OTL (so by default on the Desktop).

    To send me the report:
    Use this service:
    http://www.sendspace.com/
    30 September 2012 17:53:53

    hello


  • Double-click OTL to launch it.
    (Under Vista/Win7, you must right-click OTL and choose Run as administrator)
  • Under the "Personnalisation" tab (in the white box) at the bottom of the window, copy and paste the following text (between the two spaces):

    :OTL
    O4 - HKLM..\Run: [WinSyncProviders] D:\Documents and Settings\molho jacques\Local Settings\Application Data\Microsoft\Windows\1923\WinSyncProviders.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    :commands
    [reboot]

  • Then click the "Correction" button at the top of the window.
  • Let the program work, and restart once the fix has finished.
  • Post the report that is displayed after the restart.


    ++++++++++++



    • Download RogueKiller by Tigzy and save it to your Desktop
    • /!\ Important -> Quit all running programs
    • Double-click RogueKiller.exe on your Desktop
      /!\ Under Vista and Windows 7, the file must be launched via right-click -> Run as administrator
    • Select the "Recherche" option
    • Copy and paste the contents of the RKreport.txt report into your next reply

  • If the program was blocked, don't hesitate to try several times. If necessary, rename it to Winlogon.exe

    • If infectious items were found, run RogueKiller again, launch "Suppression" and confirm
    • Copy and paste the contents of the 2nd RKreport.txt report into your next reply

    30 September 2012 21:04:22

    Hello,
    Thank you very much, RogueKiller removed the virus and now my computer works normally again!
    I installed Google Chrome because apparently it's more secure than Internet Explorer.

    Thank you for the help you gave me!
    30 September 2012 21:17:04

    re
    I'm waiting for your reports, it's not finished. :)
    1 October 2012 21:28:01

    Good evening,
    I'll post that tomorrow because I'm not at my computer right now
    1 October 2012 21:31:07

    Good evening
    no problem :hello:
    2 October 2012 18:21:36

    1st RK report:
    RogueKiller V8.1.0 [28/09/2012] par Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...
    Website: http://www.sur-la-toile.com/RogueKiller/
    Blog: http://tigzyrk.blogspot.com

    Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Demarrage : Mode sans echec avec prise en charge reseau
    Utilisateur : Administrateur [Droits d'admin]
    Mode : Recherche -- Date : 30/09/2012 20:04:56

    ¤¤¤ Processus malicieux : 0 ¤¤¤

    ¤¤¤ Entrees de registre : 3 ¤¤¤
    [RUN][Rans.Gendarm] HKLM\[...]\Run : TapiSysprep (D:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\163\TapiSysprep.exe) -> TROUVÉ
    [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> TROUVÉ
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

    ¤¤¤ Driver : [NON CHARGE] ¤¤¤

    ¤¤¤ Infection : Rans.Gendarm ¤¤¤

    ¤¤¤ Fichier HOSTS: ¤¤¤
    --> D:\WINDOWS\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Verif: ¤¤¤

    +++++ PhysicalDrive0: ST3160023AS +++++
    --- User ---
    [MBR] 850439cc6177cd30e7e309fd9d67e677
    [BSP] 8bcf8970a24eb879ef971775dfb8221d : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 4023 Mo
    1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 8240400 | Size: 148593 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: ST3160023AS +++++
    --- User ---
    [MBR] 373a555e1bd5819b3429d4c84c6ed639
    [BSP] 4e8db7b0f5601bc4d14678470b32f9e0 : Windows XP MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152617 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Termine : << RKreport[1].txt >>
    RKreport[1].txt

    2nd RK report:
    RogueKiller V8.1.0 [28/09/2012] par Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...
    Website: http://www.sur-la-toile.com/RogueKiller/
    Blog: http://tigzyrk.blogspot.com

    Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Demarrage : Mode sans echec avec prise en charge reseau
    Utilisateur : Administrateur [Droits d'admin]
    Mode : Suppression -- Date : 30/09/2012 20:37:52

    ¤¤¤ Processus malicieux : 0 ¤¤¤

    ¤¤¤ Entrees de registre : 3 ¤¤¤
    [RUN][Rans.Gendarm] HKLM\[...]\Run : TapiSysprep (D:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\163\TapiSysprep.exe) -> SUPPRIMÉ
    [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> SUPPRIMÉ
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REMPLACÉ (0)

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

    ¤¤¤ Driver : [NON CHARGE] ¤¤¤

    ¤¤¤ Infection : Rans.Gendarm ¤¤¤

    ¤¤¤ Fichier HOSTS: ¤¤¤
    --> D:\WINDOWS\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Verif: ¤¤¤

    +++++ PhysicalDrive0: ST3160023AS +++++
    --- User ---
    [MBR] 850439cc6177cd30e7e309fd9d67e677
    [BSP] 8bcf8970a24eb879ef971775dfb8221d : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 4023 Mo
    1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 8240400 | Size: 148593 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: ST3160023AS +++++
    --- User ---
    [MBR] 373a555e1bd5819b3429d4c84c6ed639
    [BSP] 4e8db7b0f5601bc4d14678470b32f9e0 : Windows XP MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152617 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Termine : << RKreport[2].txt >>
    RKreport[1].txt ; RKreport[2].txt
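
Added example, not part of the original thread and not RogueKiller's own code: a small parser for the registry lines of the two reports above, which checks that every item found in search mode was deleted or replaced in removal mode and flags the Run entry that starts an executable from a per-user Application Data folder. The line format is inferred from the quoted reports, and the "suspicious" rule is an assumption of this example.

```python
import re

# Constructed sample: the three registry lines of the search-mode report
# quoted above; the removal-mode lines are derived from them.
SEARCH = r"""
[RUN][Rans.Gendarm] HKLM\[...]\Run : TapiSysprep (D:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\163\TapiSysprep.exe) -> TROUVÉ
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
"""
REMOVAL = (SEARCH.replace("(1) -> TROUVÉ", "(1) -> REMPLACÉ (0)")
                 .replace("TROUVÉ", "SUPPRIMÉ"))

# Layout inferred from the reports: [TAG][TAG] key : name (value) -> STATUS
ENTRY = re.compile(
    r"^((?:\[[^\]]+\])+)\s+(\S+)\s+:\s+(\S+)\s+\((.*)\)\s+->\s+(.+)$", re.M)

def parse_entries(report):
    """Return one dict per registry line of a report."""
    entries = []
    for m in ENTRY.finditer(report):
        entries.append({
            "tags": re.findall(r"\[([^\]]+)\]", m.group(1)),
            "key": m.group(2),
            "name": m.group(3),
            "value": m.group(4),
            "status": m.group(5).split()[0],  # "REMPLACÉ (0)" -> "REMPLACÉ"
        })
    return entries

def suspicious_run(entry):
    """Heuristic (assumption): a Run value launching an .exe from a
    per-user Application Data / AppData tree."""
    value = entry["value"].lower()
    in_profile = "\\application data\\" in value or "\\appdata\\" in value
    return "RUN" in entry["tags"] and value.endswith(".exe") and in_profile

def unresolved(search_report, removal_report):
    """Names found by the search pass that the removal pass left in place."""
    handled = {e["name"] for e in parse_entries(removal_report)
               if e["status"] in ("SUPPRIMÉ", "REMPLACÉ")}
    return [e["name"] for e in parse_entries(search_report)
            if e["name"] not in handled]
```
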





    2 October 2012 21:10:43

    Good evening :)


    We're going to check that several programs are up to date:


    • Download SX Check&Update (by igor 51) to your Desktop.

      /!\ Disconnect, disable your antivirus and close all running applications /!\
    • Double-click SXC&U.exe on your Desktop to launch it.

    • In the main menu, choose the "Rapport" option.




    • Post the report that appears on your screen.

  • /!\ Remember to re-enable your antivirus /!\


    +++++++++++++++++++++++++++++
    4 October 2012 20:36:33

    Good evening, all right,
    Sorry, I can't really get to my computer any more because of classes, but I'll do this procedure this weekend!
    4 October 2012 21:16:20

    Good evening
    no problem :)

    but above all, don't forget, because that is how your infection got in.