Sujet Précédent Sujet Suivant

Trojan Bamital.ev : comment le supprimer ?

Flogues -  
Tigzy Messages postés 7983 Statut Contributeur sécurité -
Bonjour,

Mon antivirus Nod 32 à détecté une infection par le trojan Bamital.ev sur plusieurs fichiers Windows (explorer.exe, wininit.exe, et d'autres).

Par réflexe j'ai cliqué sur le bouton supprimer du message de Nod32.
Il m'a été demandé de redémarrer le pc après cela.
Maintenant mon pc démarre mais je n'ai plus de bureau ni de barre des taches.
Quand je tente de lancer explorer.exe via le gestionnaire de tâches, j'ai un message d'erreur :
"Windows ne parvient pas à accéder au périphérique, au chemin d'accès ou au fichier spécifié.
Vous ne disposez peut-être pas des autorisations appropriées pour avoir accès à l'élément."

J'ai vérifié avec le navigateur Firefox en navigant dans les dossiers de mon ordi, explorer.exe est bien présent... mais impossible de le lancer.

J'ai vu sur d'autres posts qu'il faut utiliser ZHPDiag.
Je l'ai installé et voici mon rapport : http://www.cijoint.fr/cjlink.php?file=cj201011/cijz3iQMy1.txt

J'espère avoir fourni toutes les informations nécessaires pour que mon problème soit réglable...

Merci d'avance pour votre aide !

Florent

A voir également:

5 réponses

Réponse 1 / 5
Tigzy Messages postés 7983 Statut Contributeur sécurité 582
 
Salut

Télécharger et enregistrer sur le bureau
Combofix

=Desactiver l'antivirus
=Double-clic sur Combofix
= Presser 1 si demandé
= Attendre la fermeture de l'outil ( 5 -10 mn ou plus si infection importante)
=Copier/coller le rapport dans la réponse
Un rapport dans C:\Combofix.txt à mettre dans la réponse
Réactiver l'antivirus
0
Réponse 2 / 5
Flogues
 
Salut, et merci pour ta réponse rapide !

Voila le contenu du rapport qui était ouvert à l'écran a la fin :
Bizarement il dit que mon antivirus était encore actif alors que j'ai tout mis en "désactivé" dans Nod32...

ComboFix 10-11-22.05 - OnBoard 23/11/2010 15:24:41.1.2 - x86
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1033.18.3070.2155 [GMT 1:00]
Lancé depuis: i:\téléchargements\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Pare-feu personnel d'ESET *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 3.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
* Un nouveau point de restauration a été créé
* Un antivirus résident est actif

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\OnBoard\AppData\Roaming\Adobe\plugs
c:\users\OnBoard\AppData\Roaming\Adobe\plugs\KB3198738.exe
c:\users\OnBoard\AppData\Roaming\Bitrix Security
c:\users\OnBoard\AppData\Roaming\Bitrix Security\ffcd
c:\users\OnBoard\AppData\Roaming\Bitrix Security\kezpay
c:\users\OnBoard\AppData\Roaming\Bitrix Security\mcx.txt
c:\users\OnBoard\AppData\Roaming\Bitrix Security\mxd1.txt
c:\users\OnBoard\AppData\Roaming\Bitrix Security\plk.txt
c:\users\OnBoard\AppData\Roaming\Bitrix Security\qnf.txt
c:\users\OnBoard\AppData\Roaming\Bitrix Security\tuduewai.dll
c:\users\OnBoard\AppData\Roaming\Bitrix Security\tuduewai_shrd
c:\users\OnBoard\AppData\Roaming\completescan
c:\users\OnBoard\AppData\Roaming\hotfix.exe
c:\users\OnBoard\AppData\Roaming\install
c:\users\OnBoard\AppData\Roaming\scgdfgasfbh.bat
c:\users\Public\Documents\Server\admin.txt
c:\windows\system32\lsprst7.dll
c:\windows\system32\ssprs.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-10-23 au 2010-11-23 ))))))))))))))))))))))))))))))))))))
.

2010-11-23 14:31 . 2010-11-23 14:31 -------- d-----w- c:\users\OnBoard\AppData\Local\temp
2010-11-23 14:31 . 2010-11-23 14:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-23 13:33 . 2010-11-23 13:39 -------- d-----w- c:\program files\ZHPDiag
2010-11-16 08:48 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2E0603CC-7FDA-4EA8-8BAA-FE40573322CB}\mpengine.dll
2010-11-13 13:39 . 2010-11-23 12:25 -------- d-----w- c:\users\OnBoard\AppData\Roaming\Canon
2010-11-13 13:37 . 2001-09-05 04:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2010-11-13 13:37 . 2001-09-05 04:18 225280 ------w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2010-11-13 13:37 . 2001-09-05 04:14 176128 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2010-11-13 13:37 . 2001-09-05 04:13 32768 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2010-11-13 13:36 . 2002-07-24 22:07 614532 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2010-11-13 13:34 . 2010-11-13 13:37 -------- d-----w- c:\program files\Canon
2010-11-13 13:11 . 2002-05-24 02:04 389180 ----a-w- c:\windows\system32\UCS32P.DLL
2010-11-13 13:11 . 2010-11-13 13:11 -------- d-----w- C:\CanoScan
2010-11-13 13:11 . 2003-09-24 10:20 753664 ----a-w- c:\windows\system32\CNQA3201.DLL
2010-11-13 13:11 . 2003-09-08 12:03 266240 ----a-w- c:\windows\system32\CNQL3201.DLL
2010-11-13 13:11 . 2002-11-15 09:15 40960 ----a-w- c:\windows\system32\CNQU82.DLL
2010-11-11 23:46 . 2010-11-11 23:46 -------- d-----w- c:\windows\system32\Wat
2010-11-11 15:49 . 2010-08-04 06:18 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-11-11 15:49 . 2010-08-04 06:17 417792 ----a-w- c:\windows\system32\msdri.dll
2010-11-11 15:49 . 2010-08-04 06:15 204288 ----a-w- c:\windows\system32\MSNP.ax
2010-11-11 15:49 . 2010-08-04 06:15 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2010-11-11 15:49 . 2010-09-01 02:34 2327552 ----a-w- c:\windows\system32\win32k.sys
2010-11-11 15:49 . 2010-08-21 05:36 738816 ----a-w- c:\windows\system32\wmpmde.dll
2010-11-11 15:48 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
2010-11-11 15:08 . 2009-08-19 22:50 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2010-11-11 15:06 . 2010-09-22 17:10 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-11-09 21:14 . 2010-11-09 21:14 -------- d-----w- c:\users\OnBoard\AppData\Roaming\WildBit Viewer
2010-11-09 21:14 . 2010-11-09 21:14 -------- d-----w- c:\users\OnBoard\AppData\Local\WildBit Viewer
2010-11-09 21:14 . 2010-11-09 21:14 -------- d-----w- c:\programdata\WildBit Viewer
2010-11-09 21:12 . 2010-11-09 21:12 -------- d-----w- c:\program files\WildBit Viewer
2010-10-26 20:02 . 2010-10-26 20:02 -------- d-----w- c:\program files\Common Files\Skype

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-11 23:47 . 2009-07-13 23:40 409088 ----a-w- c:\windows\system32\systemcpl.dll
2010-11-11 23:47 . 2009-07-13 23:36 13824 ----a-w- c:\windows\system32\slwga.dll
2010-11-11 23:47 . 2009-07-13 23:24 811520 ----a-w- c:\windows\system32\user32.dll
2010-10-19 09:41 . 2009-10-15 16:34 222080 ------w- c:\windows\system32\MpSigStub.exe
.

------- Sigcheck -------

[-] 2010-11-11 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll

[7] 2009-10-31 . C76153C7ECA00FA852BB0C193378F917 . 2614272 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
[-] 2009-10-31 05:45 . !HASH: COULD NOT OPEN FILE !!!!! . 2614272 . . [------] . . c:\windows\explorer.exe
[7] 2009-10-31 . 2626FC9755BE22F805D3CFA0CE3EE727 . 2614272 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[7] 2009-08-03 . 9FF6C4C91A3711C0A3B18F87B08B518D . 2613248 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[7] 2009-08-03 . B95EEB0F4E5EFBF1038A35B3351CF047 . 2613248 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[7] 2009-07-14 . 15BC38A7492BEFE831966ADB477CF76F . 2613248 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe

[-] 2009-07-14 01:14 . !HASH: COULD NOT OPEN FILE !!!!! . 96256 . . [------] . . c:\windows\System32\wininit.exe
[7] 2009-07-14 . B5C5DCAD3899512020D135600129D665 . 96256 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{d1a1c8f1-e3d9-48df-802f-20201061ef61}"= "c:\program files\Messenger_Plus_Live_Belgium\tbMess.dll" [2010-02-22 2353176]

[HKEY_CLASSES_ROOT\clsid\{d1a1c8f1-e3d9-48df-802f-20201061ef61}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d1a1c8f1-e3d9-48df-802f-20201061ef61}]
2010-02-22 10:05 2353176 ----a-w- c:\program files\Messenger_Plus_Live_Belgium\tbMess.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{d1a1c8f1-e3d9-48df-802f-20201061ef61}"= "c:\program files\Messenger_Plus_Live_Belgium\tbMess.dll" [2010-02-22 2353176]

[HKEY_CLASSES_ROOT\clsid\{d1a1c8f1-e3d9-48df-802f-20201061ef61}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D1A1C8F1-E3D9-48DF-802F-20201061EF61}"= "c:\program files\Messenger_Plus_Live_Belgium\tbMess.dll" [2010-02-22 2353176]

[HKEY_CLASSES_ROOT\clsid\{d1a1c8f1-e3d9-48df-802f-20201061ef61}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Thunderbird"="c:\program files\Mozilla Thunderbird\thunderbird -turbo" [X]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"FMCore.exe"="c:\program files\Extensis\Suitcase Fusion 2\FMCore.exe" [2009-08-13 8385536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-10-07 1461080]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-30 92704]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2009-01-30 96800]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-12-29 10:40 687560 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GBMLite8AgentLaCie]
2008-09-18 06:05 189056 ----a-w- c:\program files\LaCie\Genie Backup Assistant\GBMAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEM13Mon.exe]
2008-01-07 15:00 36864 ----a-w- c:\windows\OEM13Mon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
2006-09-19 07:07 827392 ----a-w- c:\windows\vsnpstd3.exe

R0 KScsiPrt;KernSafe Miniport;c:\windows\system32\DRIVERS\KScsiPrt.sys [2009-06-23 71680]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-10-15 133104]
R3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R3 netr73;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr73.sys [2009-06-17 552960]
R3 UsbSagCom;Mobile Device Full USB Driver;c:\windows\system32\DRIVERS\UsbSagCom.sys [2007-06-29 51712]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-11 1343400]
R4 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2009-11-07 288112]
R4 IPClampService;IPCLAMP by cebas Computer GmbH;c:\progra~1\cebas\ip-clamp\ipclamp.exe [2007-11-20 45700]
R4 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 86016]
R4 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2007-09-07 1373480]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-10-15 721904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-10-07 472280]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2008-07-29 51288]
S3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [2008-06-12 43608]
S3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver;c:\windows\system32\DRIVERS\OEM13Vfx.sys [2007-03-05 7424]
S3 OEM13Vid;Creative Camera OEM013 Driver;c:\windows\system32\DRIVERS\OEM13Vid.sys [2008-05-28 235840]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-20 189440]
S3 scsiscan;SCSI Scanner Driver;c:\windows\system32\DRIVERS\scsiscan.sys [2009-07-14 14848]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - SBP2PORT

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Contenu du dossier 'Tâches planifiées'

2010-11-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-15 18:39]

2010-11-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-15 18:39]
.
.
------- Examen supplémentaire -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à un fichier PDF existant - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
FF - ProfilePath - c:\users\OnBoard\AppData\Roaming\Mozilla\Firefox\Profiles\4bgyddtt.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: c:\users\OnBoard\AppData\Roaming\Mozilla\Firefox\Profiles\4bgyddtt.default\extensions\{d1a1c8f1-e3d9-48df-802f-20201061ef61}\components\FFExternalAlert.dll
FF - component: c:\users\OnBoard\AppData\Roaming\Mozilla\Firefox\Profiles\4bgyddtt.default\extensions\{d1a1c8f1-e3d9-48df-802f-20201061ef61}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPDFusionWebFirefox.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nptidfusionplugin.dll
FF - plugin: c:\program files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll
FF - plugin: c:\program files\Total Immersion\DFusionWeb\nptidfusionplugin.dll

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHELINS SUPPRIMES - - - -

SafeBoot-SolutoService
AddRemove-Quake III Arena - d:\jeux\Q3 arena\QIII.isu

.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:e5,ea,9d,25,60,57,71,62,43,39,5c,4e,23,a8,52,5a,bd,7a,fa,77,82,
7b,fe,42,84,6f,db,7e,ad,4b,96,fd,d8,3c,7b,cc,71,97,54,00,f9,23,43,f1,20,d7,\

[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:e5,ea,9d,25,60,57,71,62,43,39,5c,4e,23,a8,52,5a,bd,7a,fa,77,82,
7b,fe,42,84,6f,db,7e,ad,4b,96,fd,d8,3c,7b,cc,71,97,54,00,f9,23,43,f1,20,d7,\

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(4048)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Heure de fin: 2010-11-23 15:33:11
ComboFix-quarantined-files.txt 2010-11-23 14:33

Avant-CF: 23 050 743 808 octets libres
Après-CF: 24 032 124 928 octets libres

- - End Of File - - EC94DAC0CD744A3CB9BCAC41D51A252D

Merci !

Flogues
0
Réponse 3 / 5
Tigzy Messages postés 7983 Statut Contributeur sécurité 582
 
ça sent pas bon...

Télécharger et dézipper sur le bureau TDSSKiller

= Lancer TDSSKiller en faisant un double clique
= Une fois le scan fini, un rapport s'ouvre
= Copier coller le contenu dans la prochaine réponse
= Le rapport se trouve également dans C:\TDSSKiller.XXXXXX_log.txt.( X correspondant a la version, la date et l'heure )
0
Réponse 4 / 5
Flogues
 
OK voici le résultat :

Le scan s'est déroulé et m'a signalé qu'un fichier était suspicieux avec ces informations :

Service name : sptd
Service type : Kernel driver (0x1)
Service start : Boot (0x0)
File: C:\Windows\system32\Drivers\sptd.sys
MD5: d15da1ba189770d93eea2d7e18f95af9

Avec un choix entre:
- Skip
- Copy to quarantine
- Delete

Je laisse en skip et je clique sur Continue

Là la fenêtre me dit :
System scan completed
Duration : 00:00:09
Infection : not found

Avec un bouton close en bas.

Ensuite je peux consulter le rapport, et le voici :

2010/11/23 15:54:53.0211 TDSS rootkit removing tool 2.4.8.0 Nov 17 2010 07:23:12
2010/11/23 15:54:53.0211 ================================================================================
2010/11/23 15:54:53.0211 SystemInfo:
2010/11/23 15:54:53.0211
2010/11/23 15:54:53.0211 OS Version: 6.1.7600 ServicePack: 0.0
2010/11/23 15:54:53.0211 Product type: Workstation
2010/11/23 15:54:53.0211 ComputerName: ATTENTION-VIRUS
2010/11/23 15:54:53.0211 UserName: OnBoard
2010/11/23 15:54:53.0211 Windows directory: C:\Windows
2010/11/23 15:54:53.0211 System windows directory: C:\Windows
2010/11/23 15:54:53.0211 Processor architecture: Intel x86
2010/11/23 15:54:53.0211 Number of processors: 2
2010/11/23 15:54:53.0211 Page size: 0x1000
2010/11/23 15:54:53.0211 Boot type: Normal boot
2010/11/23 15:54:53.0211 ================================================================================
2010/11/23 15:54:54.0755 Initialize success
2010/11/23 15:55:01.0182 ================================================================================
2010/11/23 15:55:01.0182 Scan started
2010/11/23 15:55:01.0182 Mode: Manual;
2010/11/23 15:55:01.0182 ================================================================================
2010/11/23 15:55:02.0196 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2010/11/23 15:55:02.0227 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2010/11/23 15:55:02.0290 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2010/11/23 15:55:02.0368 adfs (73685e15ef8b0bd9c30f1af413f13d49) C:\Windows\system32\drivers\adfs.sys
2010/11/23 15:55:02.0461 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2010/11/23 15:55:02.0493 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2010/11/23 15:55:02.0524 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2010/11/23 15:55:02.0586 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
2010/11/23 15:55:02.0617 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2010/11/23 15:55:02.0649 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2010/11/23 15:55:02.0695 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2010/11/23 15:55:02.0711 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2010/11/23 15:55:02.0742 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2010/11/23 15:55:02.0773 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2010/11/23 15:55:02.0789 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2010/11/23 15:55:02.0836 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
2010/11/23 15:55:02.0883 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2010/11/23 15:55:02.0914 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
2010/11/23 15:55:02.0945 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2010/11/23 15:55:03.0007 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2010/11/23 15:55:03.0039 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2010/11/23 15:55:03.0070 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/11/23 15:55:03.0101 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2010/11/23 15:55:03.0163 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2010/11/23 15:55:03.0210 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2010/11/23 15:55:03.0304 BCM43XX (f9ce9b5e049efc66b8e6c73c18ee8438) C:\Windows\system32\DRIVERS\bcmwl6.sys
2010/11/23 15:55:03.0335 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2010/11/23 15:55:03.0366 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2010/11/23 15:55:03.0429 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
2010/11/23 15:55:03.0444 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2010/11/23 15:55:03.0475 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2010/11/23 15:55:03.0538 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2010/11/23 15:55:03.0569 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2010/11/23 15:55:03.0585 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2010/11/23 15:55:03.0600 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2010/11/23 15:55:03.0631 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2010/11/23 15:55:03.0756 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2010/11/23 15:55:03.0819 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2010/11/23 15:55:03.0850 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2010/11/23 15:55:03.0897 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2010/11/23 15:55:03.0959 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/11/23 15:55:03.0975 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2010/11/23 15:55:04.0006 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2010/11/23 15:55:04.0053 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2010/11/23 15:55:04.0084 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2010/11/23 15:55:04.0115 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2010/11/23 15:55:04.0177 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
2010/11/23 15:55:04.0224 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
2010/11/23 15:55:04.0255 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2010/11/23 15:55:04.0287 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2010/11/23 15:55:04.0333 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2010/11/23 15:55:04.0396 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
2010/11/23 15:55:04.0458 eamon (a777d095402b31b0aafe7f19c89fb3a1) C:\Windows\system32\DRIVERS\eamon.sys
2010/11/23 15:55:04.0536 easdrv (e6dffb60bdbd91749eab4d45bc8926a9) C:\Windows\system32\DRIVERS\easdrv.sys
2010/11/23 15:55:04.0630 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2010/11/23 15:55:04.0739 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2010/11/23 15:55:04.0770 epfw (a0da5645ead0656dcd589f7819dd8082) C:\Windows\system32\DRIVERS\epfw.sys
2010/11/23 15:55:04.0833 Epfwndis (9bfd0c86e3522d1522ec77f862de555c) C:\Windows\system32\DRIVERS\Epfwndis.sys
2010/11/23 15:55:04.0879 epfwtdi (0bded81831115973f7ddd7b532e4ced2) C:\Windows\system32\DRIVERS\epfwtdi.sys
2010/11/23 15:55:04.0911 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2010/11/23 15:55:04.0957 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2010/11/23 15:55:05.0004 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2010/11/23 15:55:05.0035 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2010/11/23 15:55:05.0067 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2010/11/23 15:55:05.0082 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2010/11/23 15:55:05.0129 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/11/23 15:55:05.0145 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2010/11/23 15:55:05.0207 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2010/11/23 15:55:05.0238 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2010/11/23 15:55:05.0347 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2010/11/23 15:55:05.0488 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2010/11/23 15:55:05.0706 Hardlock (c1cc0c9742b881c42f1cc628e6f9ebd1) C:\Windows\system32\drivers\hardlock.sys
2010/11/23 15:55:05.0737 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2010/11/23 15:55:05.0784 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2010/11/23 15:55:05.0831 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/11/23 15:55:05.0847 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2010/11/23 15:55:05.0878 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2010/11/23 15:55:05.0909 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2010/11/23 15:55:05.0940 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2010/11/23 15:55:06.0003 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2010/11/23 15:55:06.0065 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2010/11/23 15:55:06.0081 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2010/11/23 15:55:06.0127 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/11/23 15:55:06.0159 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
2010/11/23 15:55:06.0190 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2010/11/23 15:55:06.0237 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2010/11/23 15:55:06.0268 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2010/11/23 15:55:06.0315 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/11/23 15:55:06.0361 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2010/11/23 15:55:06.0393 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2010/11/23 15:55:06.0424 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2010/11/23 15:55:06.0471 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2010/11/23 15:55:06.0502 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/11/23 15:55:06.0611 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/11/23 15:55:06.0658 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/11/23 15:55:06.0720 KScsiPrt (20ea2bd1b69f68bb181f54c62f5160e3) C:\Windows\system32\DRIVERS\KScsiPrt.sys
2010/11/23 15:55:06.0751 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2010/11/23 15:55:06.0798 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2010/11/23 15:55:06.0845 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2010/11/23 15:55:06.0892 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2010/11/23 15:55:06.0923 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2010/11/23 15:55:06.0954 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2010/11/23 15:55:06.0985 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2010/11/23 15:55:07.0017 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2010/11/23 15:55:07.0048 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2010/11/23 15:55:07.0079 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2010/11/23 15:55:07.0173 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2010/11/23 15:55:07.0204 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2010/11/23 15:55:07.0219 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2010/11/23 15:55:07.0266 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2010/11/23 15:55:07.0297 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2010/11/23 15:55:07.0329 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2010/11/23 15:55:07.0360 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2010/11/23 15:55:07.0391 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2010/11/23 15:55:07.0438 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/11/23 15:55:07.0469 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/11/23 15:55:07.0516 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/11/23 15:55:07.0547 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2010/11/23 15:55:07.0609 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2010/11/23 15:55:07.0672 MSDV (114b67c324d64c8195fd3bf93b4df02a) C:\Windows\system32\DRIVERS\msdv.sys
2010/11/23 15:55:07.0703 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2010/11/23 15:55:07.0734 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2010/11/23 15:55:07.0750 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2010/11/23 15:55:07.0812 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2010/11/23 15:55:07.0843 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/11/23 15:55:07.0875 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2010/11/23 15:55:07.0906 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2010/11/23 15:55:07.0937 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/11/23 15:55:07.0968 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2010/11/23 15:55:07.0984 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2010/11/23 15:55:07.0999 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2010/11/23 15:55:08.0046 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2010/11/23 15:55:08.0093 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2010/11/23 15:55:08.0140 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2010/11/23 15:55:08.0187 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/11/23 15:55:08.0218 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/11/23 15:55:08.0233 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/11/23 15:55:08.0265 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2010/11/23 15:55:08.0296 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2010/11/23 15:55:08.0327 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2010/11/23 15:55:08.0436 netr73 (d961bf5709d40e42e79eb22baa801b51) C:\Windows\system32\DRIVERS\netr73.sys
2010/11/23 15:55:08.0483 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2010/11/23 15:55:08.0545 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2010/11/23 15:55:08.0561 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2010/11/23 15:55:08.0639 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
2010/11/23 15:55:08.0670 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2010/11/23 15:55:08.0857 nvlddmkm (05200c3a9b1370aa2d8c99f1a464168b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2010/11/23 15:55:08.0998 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
2010/11/23 15:55:09.0045 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
2010/11/23 15:55:09.0091 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2010/11/23 15:55:09.0154 O2MDRDR (305e0ec480ebc7a24d4b691da76e008c) C:\Windows\system32\DRIVERS\o2media.sys
2010/11/23 15:55:09.0169 O2SDRDR (6e590c91f97ae5e3408453c8ae9a3000) C:\Windows\system32\DRIVERS\o2sd.sys
2010/11/23 15:55:09.0232 OEM13Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM13Vfx.sys
2010/11/23 15:55:09.0263 OEM13Vid (12539b57ed05de7552403a12b3e0161c) C:\Windows\system32\DRIVERS\OEM13Vid.sys
2010/11/23 15:55:09.0294 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/11/23 15:55:09.0372 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2010/11/23 15:55:09.0403 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2010/11/23 15:55:09.0419 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2010/11/23 15:55:09.0450 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2010/11/23 15:55:09.0497 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2010/11/23 15:55:09.0528 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2010/11/23 15:55:09.0544 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2010/11/23 15:55:09.0591 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2010/11/23 15:55:09.0684 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2010/11/23 15:55:09.0715 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2010/11/23 15:55:09.0762 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2010/11/23 15:55:09.0809 PxHelp20 (d970470f8f39470bdae94d313a1ccdce) C:\Windows\system32\Drivers\PxHelp20.sys
2010/11/23 15:55:09.0856 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2010/11/23 15:55:09.0903 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2010/11/23 15:55:09.0934 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2010/11/23 15:55:09.0981 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2010/11/23 15:55:10.0043 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2010/11/23 15:55:10.0059 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/11/23 15:55:10.0105 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/11/23 15:55:10.0137 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2010/11/23 15:55:10.0168 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2010/11/23 15:55:10.0183 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2010/11/23 15:55:10.0215 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/11/23 15:55:10.0246 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
2010/11/23 15:55:10.0293 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2010/11/23 15:55:10.0308 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2010/11/23 15:55:10.0339 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2010/11/23 15:55:10.0371 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2010/11/23 15:55:10.0433 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2010/11/23 15:55:10.0480 RTL8167 (05c2613f661584190c752f6184d1c8ef) C:\Windows\system32\DRIVERS\Rt86win7.sys
2010/11/23 15:55:10.0527 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
2010/11/23 15:55:10.0573 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2010/11/23 15:55:10.0667 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2010/11/23 15:55:10.0729 scsiscan (5aaf9869cc6279fd747412be7457abdc) C:\Windows\system32\DRIVERS\scsiscan.sys
2010/11/23 15:55:10.0792 sdbus (7b48cff3a475fe849dea65ec4d35c425) C:\Windows\system32\DRIVERS\sdbus.sys
2010/11/23 15:55:10.0839 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/11/23 15:55:10.0885 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2010/11/23 15:55:10.0917 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2010/11/23 15:55:10.0948 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2010/11/23 15:55:10.0979 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2010/11/23 15:55:11.0010 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2010/11/23 15:55:11.0041 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
2010/11/23 15:55:11.0073 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2010/11/23 15:55:11.0135 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2010/11/23 15:55:11.0182 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2010/11/23 15:55:11.0213 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2010/11/23 15:55:11.0244 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2010/11/23 15:55:11.0525 SNPSTD3 (11bb0e11d42cc3a43d741d9b30839be1) C:\Windows\system32\DRIVERS\snpstd3.sys
2010/11/23 15:55:11.0665 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2010/11/23 15:55:11.0743 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\Windows\system32\Drivers\sptd.sys
2010/11/23 15:55:11.0743 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
2010/11/23 15:55:11.0743 sptd - detected Locked file (1)
2010/11/23 15:55:11.0821 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\Windows\system32\DRIVERS\srv.sys
2010/11/23 15:55:11.0868 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\Windows\system32\DRIVERS\srv2.sys
2010/11/23 15:55:11.0931 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\Windows\system32\DRIVERS\srvnet.sys
2010/11/23 15:55:11.0977 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2010/11/23 15:55:12.0009 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
2010/11/23 15:55:12.0040 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
2010/11/23 15:55:12.0071 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2010/11/23 15:55:12.0133 SynTP (964524a9edcce945e82419abe9db94ee) C:\Windows\system32\DRIVERS\SynTP.sys
2010/11/23 15:55:12.0227 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
2010/11/23 15:55:12.0274 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
2010/11/23 15:55:12.0305 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2010/11/23 15:55:12.0336 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2010/11/23 15:55:12.0352 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2010/11/23 15:55:12.0383 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2010/11/23 15:55:12.0414 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2010/11/23 15:55:12.0461 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/11/23 15:55:12.0508 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2010/11/23 15:55:12.0523 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2010/11/23 15:55:12.0555 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2010/11/23 15:55:12.0617 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2010/11/23 15:55:12.0664 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2010/11/23 15:55:12.0695 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2010/11/23 15:55:12.0726 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/11/23 15:55:12.0757 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2010/11/23 15:55:12.0773 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2010/11/23 15:55:12.0820 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
2010/11/23 15:55:12.0851 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2010/11/23 15:55:12.0882 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2010/11/23 15:55:12.0929 UsbSagCom (83610e5275ecf5337912d19e49210a5a) C:\Windows\system32\DRIVERS\UsbSagCom.sys
2010/11/23 15:55:12.0976 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2010/11/23 15:55:13.0007 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/11/23 15:55:13.0023 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/11/23 15:55:13.0069 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\System32\Drivers\usbvideo.sys
2010/11/23 15:55:13.0132 usb_rndisx (d82f43d15fdaa666856c0190cb73e7c9) C:\Windows\system32\DRIVERS\usb8023x.sys
2010/11/23 15:55:13.0179 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
2010/11/23 15:55:13.0210 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/11/23 15:55:13.0225 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2010/11/23 15:55:13.0257 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
2010/11/23 15:55:13.0303 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
2010/11/23 15:55:13.0335 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2010/11/23 15:55:13.0366 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
2010/11/23 15:55:13.0397 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
2010/11/23 15:55:13.0428 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
2010/11/23 15:55:13.0444 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
2010/11/23 15:55:13.0475 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2010/11/23 15:55:13.0506 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
2010/11/23 15:55:13.0569 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2010/11/23 15:55:13.0584 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
2010/11/23 15:55:13.0631 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
2010/11/23 15:55:13.0693 wacommousefilter (427a8bc96f16c40df81c2d2f4edd32dd) C:\Windows\system32\DRIVERS\wacommousefilter.sys
2010/11/23 15:55:13.0725 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2010/11/23 15:55:13.0740 wacomvhid (73e6f16a1f187d71fb26af308551e54a) C:\Windows\system32\DRIVERS\wacomvhid.sys
2010/11/23 15:55:13.0771 WacomVKHid (889459833432b161cb99cfdf84a1a9bb) C:\Windows\system32\DRIVERS\WacomVKHid.sys
2010/11/23 15:55:13.0818 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2010/11/23 15:55:13.0818 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
2010/11/23 15:55:13.0896 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2010/11/23 15:55:13.0927 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2010/11/23 15:55:13.0990 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2010/11/23 15:55:14.0021 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2010/11/23 15:55:14.0115 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUSB.sys
2010/11/23 15:55:14.0161 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/11/23 15:55:14.0193 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2010/11/23 15:55:14.0239 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
2010/11/23 15:55:14.0271 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/11/23 15:55:14.0411 ================================================================================
2010/11/23 15:55:14.0411 Scan finished
2010/11/23 15:55:14.0411 ================================================================================
2010/11/23 15:55:14.0427 Detected object count: 1
2010/11/23 15:55:44.0332 Locked file(sptd) - User select action: Skip
2010/11/23 15:57:30.0880 ================================================================================
2010/11/23 15:57:30.0880 Scan started
2010/11/23 15:57:30.0880 Mode: Manual;
2010/11/23 15:57:30.0880 ================================================================================
2010/11/23 15:57:31.0395 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2010/11/23 15:57:31.0426 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2010/11/23 15:57:31.0457 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2010/11/23 15:57:31.0504 adfs (73685e15ef8b0bd9c30f1af413f13d49) C:\Windows\system32\drivers\adfs.sys
2010/11/23 15:57:31.0551 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2010/11/23 15:57:31.0582 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2010/11/23 15:57:31.0613 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2010/11/23 15:57:31.0644 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
2010/11/23 15:57:31.0676 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2010/11/23 15:57:31.0707 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2010/11/23 15:57:31.0738 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2010/11/23 15:57:31.0754 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2010/11/23 15:57:31.0785 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2010/11/23 15:57:31.0800 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2010/11/23 15:57:31.0832 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2010/11/23 15:57:31.0863 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
2010/11/23 15:57:31.0878 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2010/11/23 15:57:31.0894 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
2010/11/23 15:57:31.0925 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2010/11/23 15:57:31.0972 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2010/11/23 15:57:31.0988 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2010/11/23 15:57:32.0019 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/11/23 15:57:32.0050 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2010/11/23 15:57:32.0097 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2010/11/23 15:57:32.0128 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2010/11/23 15:57:32.0206 BCM43XX (f9ce9b5e049efc66b8e6c73c18ee8438) C:\Windows\system32\DRIVERS\bcmwl6.sys
2010/11/23 15:57:32.0237 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2010/11/23 15:57:32.0268 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2010/11/23 15:57:32.0300 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
2010/11/23 15:57:32.0331 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2010/11/23 15:57:32.0346 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2010/11/23 15:57:32.0393 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2010/11/23 15:57:32.0409 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2010/11/23 15:57:32.0440 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2010/11/23 15:57:32.0456 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2010/11/23 15:57:32.0487 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2010/11/23 15:57:32.0596 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2010/11/23 15:57:32.0612 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2010/11/23 15:57:32.0643 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2010/11/23 15:57:32.0674 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2010/11/23 15:57:32.0690 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/11/23 15:57:32.0705 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2010/11/23 15:57:32.0736 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2010/11/23 15:57:32.0768 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2010/11/23 15:57:32.0799 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2010/11/23 15:57:32.0830 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2010/11/23 15:57:32.0861 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
2010/11/23 15:57:32.0908 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
2010/11/23 15:57:32.0939 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2010/11/23 15:57:32.0955 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2010/11/23 15:57:33.0002 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2010/11/23 15:57:33.0064 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
2010/11/23 15:57:33.0111 eamon (a777d095402b31b0aafe7f19c89fb3a1) C:\Windows\system32\DRIVERS\eamon.sys
2010/11/23 15:57:33.0158 easdrv (e6dffb60bdbd91749eab4d45bc8926a9) C:\Windows\system32\DRIVERS\easdrv.sys
2010/11/23 15:57:33.0236 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2010/11/23 15:57:33.0298 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2010/11/23 15:57:33.0345 epfw (a0da5645ead0656dcd589f7819dd8082) C:\Windows\system32\DRIVERS\epfw.sys
2010/11/23 15:57:33.0376 Epfwndis (9bfd0c86e3522d1522ec77f862de555c) C:\Windows\system32\DRIVERS\Epfwndis.sys
2010/11/23 15:57:33.0407 epfwtdi (0bded81831115973f7ddd7b532e4ced2) C:\Windows\system32\DRIVERS\epfwtdi.sys
2010/11/23 15:57:33.0438 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2010/11/23 15:57:33.0470 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2010/11/23 15:57:33.0501 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2010/11/23 15:57:33.0532 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2010/11/23 15:57:33.0563 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2010/11/23 15:57:33.0579 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2010/11/23 15:57:33.0610 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/11/23 15:57:33.0641 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2010/11/23 15:57:33.0672 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2010/11/23 15:57:33.0704 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2010/11/23 15:57:33.0766 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
2010/11/23 15:57:33.0797 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2010/11/23 15:57:33.0860 Hardlock (c1cc0c9742b881c42f1cc628e6f9ebd1) C:\Windows\system32\drivers\hardlock.sys
2010/11/23 15:57:33.0891 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2010/11/23 15:57:33.0922 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2010/11/23 15:57:33.0953 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/11/23 15:57:33.0969 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2010/11/23 15:57:34.0000 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2010/11/23 15:57:34.0031 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2010/11/23 15:57:34.0047 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2010/11/23 15:57:34.0078 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2010/11/23 15:57:34.0109 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
2010/11/23 15:57:34.0140 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
2010/11/23 15:57:34.0172 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/11/23 15:57:34.0203 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
2010/11/23 15:57:34.0234 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2010/11/23 15:57:34.0250 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
2010/11/23 15:57:34.0281 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2010/11/23 15:57:34.0312 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/11/23 15:57:34.0343 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2010/11/23 15:57:34.0359 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2010/11/23 15:57:34.0390 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2010/11/23 15:57:34.0421 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
2010/11/23 15:57:34.0452 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/11/23 15:57:34.0468 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/11/23 15:57:34.0484 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/11/23 15:57:34.0530 KScsiPrt (20ea2bd1b69f68bb181f54c62f5160e3) C:\Windows\system32\DRIVERS\KScsiPrt.sys
2010/11/23 15:57:34.0562 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
2010/11/23 15:57:34.0593 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
2010/11/23 15:57:34.0640 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2010/11/23 15:57:34.0671 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2010/11/23 15:57:34.0702 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2010/11/23 15:57:34.0733 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2010/11/23 15:57:34.0764 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2010/11/23 15:57:34.0796 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2010/11/23 15:57:34.0811 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2010/11/23 15:57:34.0842 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2010/11/23 15:57:34.0889 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2010/11/23 15:57:34.0905 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2010/11/23 15:57:34.0936 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2010/11/23 15:57:34.0952 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2010/11/23 15:57:34.0983 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
2010/11/23 15:57:35.0014 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
2010/11/23 15:57:35.0045 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2010/11/23 15:57:35.0076 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
2010/11/23 15:57:35.0123 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/11/23 15:57:35.0154 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/11/23 15:57:35.0201 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/11/23 15:57:35.0217 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
2010/11/23 15:57:35.0248 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
2010/11/23 15:57:35.0295 MSDV (114b67c324d64c8195fd3bf93b4df02a) C:\Windows\system32\DRIVERS\msdv.sys
2010/11/23 15:57:35.0326 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2010/11/23 15:57:35.0357 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2010/11/23 15:57:35.0388 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
2010/11/23 15:57:35.0420 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2010/11/23 15:57:35.0435 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/11/23 15:57:35.0466 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2010/11/23 15:57:35.0482 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2010/11/23 15:57:35.0544 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/11/23 15:57:35.0576 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2010/11/23 15:57:35.0591 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2010/11/23 15:57:35.0622 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2010/11/23 15:57:35.0654 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2010/11/23 15:57:35.0700 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2010/11/23 15:57:35.0732 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2010/11/23 15:57:35.0763 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/11/23 15:57:35.0778 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/11/23 15:57:35.0825 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/11/23 15:57:35.0856 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2010/11/23 15:57:35.0888 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2010/11/23 15:57:35.0919 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2010/11/23 15:57:36.0012 netr73 (d961bf5709d40e42e79eb22baa801b51) C:\Windows\system32\DRIVERS\netr73.sys
2010/11/23 15:57:36.0044 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2010/11/23 15:57:36.0075 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2010/11/23 15:57:36.0106 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2010/11/23 15:57:36.0168 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
2010/11/23 15:57:36.0184 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2010/11/23 15:57:36.0371 nvlddmkm (05200c3a9b1370aa2d8c99f1a464168b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2010/11/23 15:57:36.0496 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
2010/11/23 15:57:36.0527 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
2010/11/23 15:57:36.0558 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2010/11/23 15:57:36.0621 O2MDRDR (305e0ec480ebc7a24d4b691da76e008c) C:\Windows\system32\DRIVERS\o2media.sys
2010/11/23 15:57:36.0636 O2SDRDR (6e590c91f97ae5e3408453c8ae9a3000) C:\Windows\system32\DRIVERS\o2sd.sys
2010/11/23 15:57:36.0683 OEM13Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM13Vfx.sys
2010/11/23 15:57:36.0714 OEM13Vid (12539b57ed05de7552403a12b3e0161c) C:\Windows\system32\DRIVERS\OEM13Vid.sys
2010/11/23 15:57:36.0730 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/11/23 15:57:36.0777 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2010/11/23 15:57:36.0808 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2010/11/23 15:57:36.0824 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2010/11/23 15:57:36.0855 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2010/11/23 15:57:36.0886 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2010/11/23 15:57:36.0902 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2010/11/23 15:57:36.0933 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2010/11/23 15:57:36.0980 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2010/11/23 15:57:37.0042 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2010/11/23 15:57:37.0073 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2010/11/23 15:57:37.0104 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2010/11/23 15:57:37.0136 PxHelp20 (d970470f8f39470bdae94d313a1ccdce) C:\Windows\system32\Drivers\PxHelp20.sys
2010/11/23 15:57:37.0198 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2010/11/23 15:57:37.0229 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2010/11/23 15:57:37.0260 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2010/11/23 15:57:37.0292 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2010/11/23 15:57:37.0338 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2010/11/23 15:57:37.0354 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/11/23 15:57:37.0385 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/11/23 15:57:37.0401 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2010/11/23 15:57:37.0432 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2010/11/23 15:57:37.0463 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2010/11/23 15:57:37.0494 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/11/23 15:57:37.0526 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
2010/11/23 15:57:37.0557 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2010/11/23 15:57:37.0572 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2010/11/23 15:57:37.0604 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2010/11/23 15:57:37.0635 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2010/11/23 15:57:37.0682 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2010/11/23 15:57:37.0728 RTL8167 (05c2613f661584190c752f6184d1c8ef) C:\Windows\system32\DRIVERS\Rt86win7.sys
2010/11/23 15:57:37.0760 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
2010/11/23 15:57:37.0791 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2010/11/23 15:57:37.0822 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2010/11/23 15:57:37.0869 scsiscan (5aaf9869cc6279fd747412be7457abdc) C:\Windows\system32\DRIVERS\scsiscan.sys
2010/11/23 15:57:37.0916 sdbus (7b48cff3a475fe849dea65ec4d35c425) C:\Windows\system32\DRIVERS\sdbus.sys
2010/11/23 15:57:37.0947 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/11/23 15:57:37.0978 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2010/11/23 15:57:38.0009 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2010/11/23 15:57:38.0040 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2010/11/23 15:57:38.0087 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2010/11/23 15:57:38.0118 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2010/11/23 15:57:38.0150 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
2010/11/23 15:57:38.0181 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2010/11/23 15:57:38.0212 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2010/11/23 15:57:38.0228 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2010/11/23 15:57:38.0259 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2010/11/23 15:57:38.0290 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2010/11/23 15:57:38.0555 SNPSTD3 (11bb0e11d42cc3a43d741d9b30839be1) C:\Windows\system32\DRIVERS\snpstd3.sys
2010/11/23 15:57:38.0711 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2010/11/23 15:57:38.0774 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\Windows\system32\Drivers\sptd.sys
2010/11/23 15:57:38.0774 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
2010/11/23 15:57:38.0789 sptd - detected Locked file (1)
2010/11/23 15:57:38.0836 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\Windows\system32\DRIVERS\srv.sys
2010/11/23 15:57:38.0883 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\Windows\system32\DRIVERS\srv2.sys
2010/11/23 15:57:38.0930 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\Windows\system32\DRIVERS\srvnet.sys
2010/11/23 15:57:38.0961 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2010/11/23 15:57:38.0992 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
2010/11/23 15:57:39.0023 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
2010/11/23 15:57:39.0054 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
2010/11/23 15:57:39.0101 SynTP (964524a9edcce945e82419abe9db94ee) C:\Windows\system32\DRIVERS\SynTP.sys
2010/11/23 15:57:39.0164 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\drivers\tcpip.sys
2010/11/23 15:57:39.0210 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\Windows\system32\DRIVERS\tcpip.sys
2010/11/23 15:57:39.0242 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
2010/11/23 15:57:39.0257 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
2010/11/23 15:57:39.0288 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
2010/11/23 15:57:39.0320 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
2010/11/23 15:57:39.0351 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
2010/11/23 15:57:39.0398 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/11/23 15:57:39.0413 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
2010/11/23 15:57:39.0444 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2010/11/23 15:57:39.0476 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
2010/11/23 15:57:39.0522 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
2010/11/23 15:57:39.0538 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
2010/11/23 15:57:39.0554 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2010/11/23 15:57:39.0600 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/11/23 15:57:39.0616 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
2010/11/23 15:57:39.0647 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2010/11/23 15:57:39.0678 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
2010/11/23 15:57:39.0710 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2010/11/23 15:57:39.0741 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2010/11/23 15:57:39.0772 UsbSagCom (83610e5275ecf5337912d19e49210a5a) C:\Windows\system32\DRIVERS\UsbSagCom.sys
2010/11/23 15:57:39.0819 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2010/11/23 15:57:39.0834 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/11/23 15:57:39.0866 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/11/23 15:57:39.0897 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\System32\Drivers\usbvideo.sys
2010/11/23 15:57:39.0944 usb_rndisx (d82f43d15fdaa666856c0190cb73e7c9) C:\Windows\system32\DRIVERS\usb8023x.sys
2010/11/23 15:57:39.0975 vdrvroot (a059c4c3edb09e07d21a8e5c0
0
Tigzy Messages postés 7983 Statut Contributeur sécurité 582
 
sptd = daemon tools, c'est rien

refait un Combofix.
0
Flogues
 
Bon eh bien ça s'aggrave !

Je ne touchais à rien sur l'ordi quant tout à coup il ya eu un écran bleu avec écris "page fault in non paged area".
L'ordi à redémarré tout seul donc et maintenant quand je lance windows 7 j'ai un écran noir avec la souris pendant quelques secondes puis de nouveau un écran bleu avec cette fois-ci comme info techniques :
*** STOP: 0x000000F4 (0x00000003, 0xC662F030, 0xC662F19X, 0xE302DDD0)

Et quand je démarre en mode sans échec j'ai aussi un écran bleu (j'ai pas eu le temps de lire la référence)
Euh....
Ducoup je suis perdu là... je fais quoi ??

Déja un grand merci pour ton aide... mais là jsuis coincé...

(j'écris depuis mon autre PC)
0
Tigzy Messages postés 7983 Statut Contributeur sécurité 582
 
suite à Combofix?
0
Flogues
 
non combofix n'était pas lancé, mais TDSSKiller était encore ouvert à l'écran.

Maintenant je ne peux plus démarrer windows 7...

Euh qu'est-ce que je vais faire ?
0
Tigzy Messages postés 7983 Statut Contributeur sécurité 582
 
C'est bizarre puisque TDSSKiller a rien fait...
Tu as essayé de démarrer plusieurs fois?

Je pense que c'est le premier Combofix qui a viré certains trucs.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 5
Flogues
 
Bon eh bien j'ai fais une récupération system avec le disque d'installation de windows 7 et j'ai maintenant denouveau mon bureau et tout qui démarre bien...

Mais je ne sais pas si j'ai encore le virus...

Nod32 est à jour, mais n'a pas l'air de s'alarmer quant à au virus...

Je vais faire un scan complet... et je te tiens au courant.

Merci en tout cas pour l'aide !

Flo
0
Tigzy Messages postés 7983 Statut Contributeur sécurité 582
 
A la limite fait un rapport ZHPdiag, c'est sans danger, je vais comparer les MD5 des fichiers sensibles. Ou envoi sur virus total les fichiers explorer.exe et wininit.exe et dit moi si ils sont marqués comme TR/Patched
0

Discussions similaires

Menace détectée TrojanSMS-PA sur Google Huawei/Android
Outmost -
bazfile -

6 réponses
Comment supprimer le virus Trojan
vitsou -
vitsou -

18 réponses
qu'est ce qu'un "trojan agent/gen" ? svp
Saber03 -
jacques.gache -

33 réponses
Comment enlever mon virus trojan:win32/si...
bryanoulet -
juju666 -

58 réponses
Trojan impossible à supprimer!
Gridouu -
Malekal_morte- -

12 réponses