Unwanted pop-up ad windows
Closed
Keratum - 5 Jan 2011, 13:54
Tigzy (Posts: 7498, Registered: Monday 15 February 2010, Status: Security contributor, Last activity: 15 September 2021) - 12 Jan 2011, 11:33
12 replies
Tigzy
5 Jan 2011, 14:02
Hi
Start by removing Ad-Aware.
* Then host the ZHP report here: cijoint and paste the link in your reply
Tigzy
6 Jan 2011, 13:23
Download and save to the desktop
Combofix
= Disable the antivirus
= Double-click Combofix
= Press 1 if prompted
= Wait for the tool to close (5-10 min, or longer if the infection is heavy)
= Copy/paste the report into your reply
A report in C:\Combofix.txt, to be put in your reply
Re-enable the antivirus
ComboFix report:
Note that while the report was being generated, I got the following message: "PEV.cfxxe a cessé de fonctionner"
ComboFix 11-01-05.05 - Tibo 06/01/2011 13:59:20.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3884.2497 [GMT 1:00]
Lancé depuis: d:\downloads\ComboFix.exe
AV: Trend Micro Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\FullRemove.exe
c:\windows\system32\service
.
((((((((((((((((((((((((((((( Fichiers créés du 2010-12-06 au 2011-01-06 ))))))))))))))))))))))))))))))))))))
.
2011-01-05 20:49 . 2011-01-05 20:50 -------- d-----w- c:\program files\CCleaner
2011-01-05 13:29 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-01-03 23:48 . 2011-01-06 10:35 -------- d-----w- c:\program files (x86)\ZHPDiag
2011-01-03 22:49 . 2011-01-03 22:49 -------- d-----w- c:\programdata\Malwarebytes
2011-01-03 22:49 . 2011-01-05 13:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-01-03 17:47 . 2011-01-05 13:04 -------- d-----w- c:\programdata\Lavasoft
2011-01-03 17:47 . 2011-01-03 17:47 -------- d-----w- c:\program files (x86)\Lavasoft
2011-01-03 15:24 . 2011-01-03 15:24 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll
2011-01-03 15:21 . 2011-01-05 19:30 -------- d-----w- c:\program files (x86)\THQ
2011-01-03 14:17 . 2007-04-26 14:57 16904 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-01-03 14:16 . 2007-03-28 18:42 29704 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-01-03 14:15 . 2011-01-03 14:22 -------- d-----w- c:\program files (x86)\ChangeWallpaper
2011-01-03 13:57 . 2011-01-03 13:57 -------- d-----w- c:\windows\PCHEALTH
2011-01-03 13:54 . 2011-01-03 13:54 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2011-01-03 13:54 . 2011-01-03 17:03 -------- d-----w- c:\programdata\Microsoft Help
2011-01-03 13:53 . 2011-01-03 13:53 -------- d-----r- C:\MSOCache
2011-01-03 12:52 . 2011-01-03 14:16 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2007
2011-01-03 12:51 . 2011-01-03 12:51 -------- d-----w- c:\programdata\TuneUp Software
2011-01-03 12:51 . 2011-01-03 13:39 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-01-02 19:34 . 2011-01-02 19:34 -------- d-----w- c:\programdata\VirtualizedApplications
2011-01-02 13:02 . 2011-01-03 13:39 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2010-12-29 16:50 . 2011-01-03 13:39 -------- d-----w- c:\program files\KLCP64
2010-12-29 15:12 . 2010-12-29 15:12 -------- d-----w- c:\windows\SolidWorks
2010-12-29 15:06 . 2011-01-03 13:39 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2010-12-29 15:05 . 2010-12-29 15:05 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-12-26 18:27 . 2011-01-03 13:39 -------- d-----w- c:\program files\Installer
2010-12-25 22:46 . 2010-12-25 22:46 -------- d-----w- c:\program files (x86)\Axis Communications
2010-12-25 20:20 . 2010-12-25 20:20 -------- d-----w- c:\windows\BackupIP
2010-12-25 20:20 . 2010-12-25 20:20 -------- d-----w- c:\program files (x86)\Installer
2010-12-25 20:20 . 2010-12-16 16:03 11264 ------w- c:\windows\SysWow64\Utils.dll
2010-12-25 20:20 . 2010-01-20 23:58 197632 ------w- c:\windows\SysWow64\Ionic.Zip.Reduced.dll
2010-12-21 08:22 . 2010-12-21 08:22 -------- d-----w- c:\program files (x86)\Common Files\Java
2010-12-21 08:22 . 2010-12-21 08:22 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-21 08:22 . 2010-12-21 08:22 -------- d-----w- c:\program files (x86)\Java
2010-12-20 23:20 . 2010-12-20 23:20 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2010-12-20 23:12 . 2010-12-20 23:12 -------- d-----w- c:\windows\SysWow64\Adobe
2010-12-20 09:21 . 2010-12-20 16:15 -------- d-----w- c:\program files (x86)\CABAL Online
2010-12-19 17:21 . 2010-09-14 19:30 4373784 ----a-w- c:\windows\SysWow64\GameMon.des
2010-12-19 17:21 . 2005-01-04 00:43 4682 ----a-w- c:\windows\SysWow64\npptNT2.sys
2010-12-19 17:21 . 2003-07-20 09:17 5174 ----a-w- c:\windows\SysWow64\nppt9x.vxd
2010-12-19 17:21 . 2010-12-19 17:21 -------- d-----w- c:\program files\Common Files\INCA Shared
2010-12-19 17:12 . 2007-07-19 17:14 444776 ----a-w- c:\windows\SysWow64\d3dx10_35.dll
2010-12-19 17:12 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\SysWow64\d3dx9_35.dll
2010-12-19 17:12 . 2007-07-19 17:14 1358192 ----a-w- c:\windows\SysWow64\D3DCompiler_35.dll
2010-12-19 17:12 . 2007-04-04 17:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2010-12-19 15:23 . 2011-01-03 13:39 -------- d-----w- c:\programdata\PMB Files
2010-12-19 15:23 . 2010-12-19 15:23 -------- d-----w- c:\program files (x86)\Pando Networks
2010-12-19 15:23 . 2010-12-20 08:37 -------- d-----w- c:\program files (x86)\GamersFirst
2010-12-18 15:49 . 2010-12-18 15:49 -------- d-----w- c:\program files (x86)\Microsoft Money
2010-12-18 10:14 . 2010-12-18 10:14 -------- d-----w- c:\programdata\Logitech
2010-12-18 10:14 . 2010-12-18 10:14 -------- d-----w- c:\program files (x86)\Common Files\LogiShrd
2010-12-18 10:13 . 2010-12-18 10:14 -------- d-----w- c:\programdata\Logishrd
2010-12-18 10:13 . 2010-12-18 10:13 -------- d-----w- c:\program files\Logitech
2010-12-18 10:13 . 2010-12-18 10:14 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-12-18 09:42 . 2010-12-18 09:42 -------- d-----w- c:\programdata\Messenger Plus!
2010-12-18 09:41 . 2010-12-18 09:41 -------- d-----w- c:\program files (x86)\Messenger Plus! Live
2010-12-18 00:06 . 2010-12-18 00:06 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2010-12-18 00:05 . 2010-12-18 00:05 -------- d-----w- c:\program files (x86)\Windows Live SkyDrive
2010-12-18 00:05 . 2010-12-18 00:07 -------- d-----w- c:\program files (x86)\Windows Live
2010-12-18 00:03 . 2010-12-18 00:03 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2010-12-17 22:09 . 2010-12-17 22:09 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2010-12-17 17:23 . 2010-12-17 17:28 -------- d-----w- c:\users\Public\CyberLink
2010-12-17 15:37 . 2010-12-17 15:37 -------- d-----w- c:\program files (x86)\VideoLAN
2010-12-17 13:14 . 2008-04-17 11:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2010-12-17 13:12 . 2010-12-17 13:12 -------- d-----w- c:\program files\Common Files\Apple
2010-12-17 13:12 . 2010-12-17 13:12 -------- d-----w- c:\program files\Bonjour
2010-12-17 13:12 . 2010-12-17 13:12 -------- d-----w- c:\program files (x86)\Bonjour
2010-12-17 13:12 . 2010-12-17 13:13 -------- d-----w- c:\program files (x86)\Common Files\Apple
2010-12-17 13:12 . 2010-12-17 13:12 -------- d-----w- c:\programdata\Apple
2010-12-17 08:18 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2010-12-17 08:18 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2010-12-17 08:18 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2010-12-17 08:17 . 2010-12-17 08:17 -------- d-----w- c:\windows\SysWow64\Wat
2010-12-16 23:06 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2010-12-16 23:06 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2010-12-16 23:06 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2010-12-16 23:06 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2010-12-16 23:06 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2010-12-16 18:23 . 2010-06-19 06:23 37376 ----a-w- c:\windows\SysWow64\rtutils.dll
2010-12-11 17:31 . 2010-12-11 17:31 -------- d--h--w- c:\programdata\.syncID
2010-12-11 17:02 . 2010-12-18 18:22 -------- d-----w- c:\programdata\ASUS
2010-12-11 16:19 . 2010-12-17 16:11 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2010-12-11 16:18 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2010-12-11 16:17 . 2010-12-11 16:17 -------- d-----w- c:\program files (x86)\Microsoft
2010-12-11 16:15 . 2010-12-11 16:22 -------- d-----w- C:\ASUS.DAT
2010-12-11 16:14 . 2011-01-03 13:40 -------- d-----w- c:\users\Tibo
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2010-10-26 07:43 . 2010-10-26 07:43 1289528 ----a-w- c:\windows\SysWow64\ntdll.dll
2010-10-26 07:37 . 2010-10-26 07:37 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2010-10-26 07:37 . 2010-10-26 07:37 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2010-10-26 07:37 . 2010-10-26 07:37 80512 ----a-w- c:\windows\ASUS_N3_Series Uninstaller.exe
2010-10-26 07:37 . 2010-10-26 07:37 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2010-10-26 07:37 . 2010-10-26 07:37 3058304 ----a-w- c:\windows\AsScrPro.exe
2010-10-26 07:35 . 2010-10-26 07:35 427520 ----a-w- c:\windows\SysWow64\vbscript.dll
2010-10-26 07:32 . 2010-10-26 07:32 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2010-10-26 07:31 . 2010-10-26 07:31 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2010-10-26 07:31 . 2010-10-26 07:31 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2010-10-26 07:29 . 2010-10-26 07:29 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2010-10-26 07:29 . 2010-10-26 07:29 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2010-10-26 07:29 . 2010-10-26 07:29 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2010-10-26 07:29 . 2010-10-26 07:29 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2010-10-26 07:29 . 2010-10-26 07:29 2048 ----a-w- c:\windows\SysWow64\user.exe
2010-10-26 07:29 . 2010-10-26 07:29 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2010-10-26 07:27 . 2010-10-26 07:27 2870272 ----a-w- c:\windows\explorer.exe
2010-10-26 07:27 . 2010-10-26 07:27 2614272 ----a-w- c:\windows\SysWow64\explorer.exe
2010-10-26 07:26 . 2010-10-26 07:26 91648 ----a-w- c:\windows\SysWow64\avifil32.dll
2010-10-26 07:26 . 2010-10-26 07:26 84480 ----a-w- c:\windows\SysWow64\mciavi32.dll
2010-10-26 07:26 . 2010-10-26 07:26 50176 ----a-w- c:\windows\SysWow64\iyuv_32.dll
2010-10-26 07:26 . 2010-10-26 07:26 31744 ----a-w- c:\windows\SysWow64\msvidc32.dll
2010-10-26 07:26 . 2010-10-26 07:26 22016 ----a-w- c:\windows\SysWow64\msyuv.dll
2010-10-26 07:26 . 2010-10-26 07:26 13312 ----a-w- c:\windows\SysWow64\msrle32.dll
2010-10-26 07:26 . 2010-10-26 07:26 1328640 ----a-w- c:\windows\SysWow64\quartz.dll
2010-10-26 07:26 . 2010-10-26 07:26 12288 ----a-w- c:\windows\SysWow64\tsbyuv.dll
2010-10-26 07:22 . 2010-10-26 07:22 85504 ----a-w- c:\windows\SysWow64\secproc_ssp_isv.dll
2010-10-26 07:22 . 2010-10-26 07:22 85504 ----a-w- c:\windows\SysWow64\secproc_ssp.dll
2010-10-26 07:22 . 2010-10-26 07:22 369152 ----a-w- c:\windows\SysWow64\secproc.dll
2010-10-26 07:22 . 2010-10-26 07:22 365568 ----a-w- c:\windows\SysWow64\secproc_isv.dll
2010-10-26 07:22 . 2010-10-26 07:22 324608 ----a-w- c:\windows\SysWow64\RMActivate_isv.exe
2010-10-26 07:22 . 2010-10-26 07:22 320512 ----a-w- c:\windows\SysWow64\RMActivate.exe
2010-10-26 07:22 . 2010-10-26 07:22 280064 ----a-w- c:\windows\SysWow64\RMActivate_ssp.exe
2010-10-26 07:22 . 2010-10-26 07:22 277504 ----a-w- c:\windows\SysWow64\RMActivate_ssp_isv.exe
2010-10-26 07:22 . 2010-10-26 07:22 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2010-10-26 07:17 . 2010-10-26 07:17 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2010-10-26 07:17 . 2010-10-26 07:17 34816 ----a-w- c:\windows\SysWow64\msasn1.dll
2010-10-26 07:15 . 2010-10-26 07:15 1320960 ----a-w- c:\windows\SysWow64\CertEnroll.dll
2010-10-26 07:09 . 2010-10-26 07:09 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2010-10-26 07:09 . 2010-10-26 07:09 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
2010-10-26 07:09 . 2010-10-26 07:09 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2010-12-19 2937528]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"ChangeWallpaper"="c:\program files (x86)\ChangeWallpaper\ChangeWallpaper.exe" [2004-01-06 859648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-06-24 210216]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2010-08-13 21504]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"MoneyStartUp10.0"="c:\program files (x86)\Microsoft Money\System\Activation.exe" [2001-07-25 245810]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"installer"="c:\program files (x86)\Installer\lnetworker.exe" [2010-12-14 7168]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-10-26 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-30 136176]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-05-03 44032]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\CABAL Online\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [2010-02-23 917768]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-17 1255736]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2010-09-05 24680]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-29 834544]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-06-22 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-09-06 1620584]
S2 sdmBackupIP;Backup IP Network;c:\windows\BackupIP\service.exe [2010-12-16 8192]
S2 tmpreflt;tmpreflt;c:\windows\system32\DRIVERS\tmpreflt.sys [2010-07-30 42576]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-16 13832]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-07-21 129024]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-03-04 75816]
.
Contenu du dossier 'Tâches planifiées'
2011-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-30 17:56]
2011-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-30 17:56]
2011-01-03 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files (x86)\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-26 23:10]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2010-02-23 1022904]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-09-28 2121320]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://80.14.144.227/activex/AMC.cab
FF - ProfilePath - c:\users\Tibo\AppData\Roaming\Mozilla\Firefox\Profiles\cpn79qqh.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.fr
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: NewTabURL: newtaburl@sogame.cat - %profile%\extensions\newtaburl@sogame.cat
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
.
- - - - ORPHELINS SUPPRIMES - - - -
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - %ProgramFiles%\Elantech\ETDCtrl.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-2396430774-2284136971-336663960-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-2396430774-2284136971-336663960-1001)
@Denied: (2) (LocalSystem)
"Progid"="Microsoft Internet Mail Message WLMail"
[HKEY_USERS\S-1-5-21-2396430774-2284136971-336663960-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-2396430774-2284136971-336663960-1001)
@Denied: (2) (LocalSystem)
"Progid"="Microsoft Internet Mail VCard WLMail"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2011-01-06 14:08:38
ComboFix-quarantined-files.txt 2011-01-06 13:08
Avant-CF: 75 788 193 792 octets libres
Après-CF: 75 645 980 672 octets libres
- - End Of File - - 41F8665E67B1A0ADB15783B34AA41308
2010-12-18 09:42 . 2010-12-18 09:42 -------- d-----w- c:\programdata\Messenger Plus!
2010-12-18 09:41 . 2010-12-18 09:41 -------- d-----w- c:\program files (x86)\Messenger Plus! Live
2010-12-18 00:06 . 2010-12-18 00:06 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2010-12-18 00:05 . 2010-12-18 00:05 -------- d-----w- c:\program files (x86)\Windows Live SkyDrive
2010-12-18 00:05 . 2010-12-18 00:07 -------- d-----w- c:\program files (x86)\Windows Live
2010-12-18 00:03 . 2010-12-18 00:03 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2010-12-17 22:09 . 2010-12-17 22:09 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2010-12-17 17:23 . 2010-12-17 17:28 -------- d-----w- c:\users\Public\CyberLink
2010-12-17 15:37 . 2010-12-17 15:37 -------- d-----w- c:\program files (x86)\VideoLAN
2010-12-17 13:14 . 2008-04-17 11:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2010-12-17 13:12 . 2010-12-17 13:12 -------- d-----w- c:\program files\Common Files\Apple
2010-12-17 13:12 . 2010-12-17 13:12 -------- d-----w- c:\program files\Bonjour
2010-12-17 13:12 . 2010-12-17 13:12 -------- d-----w- c:\program files (x86)\Bonjour
2010-12-17 13:12 . 2010-12-17 13:13 -------- d-----w- c:\program files (x86)\Common Files\Apple
2010-12-17 13:12 . 2010-12-17 13:12 -------- d-----w- c:\programdata\Apple
2010-12-17 08:18 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2010-12-17 08:18 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2010-12-17 08:18 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2010-12-17 08:17 . 2010-12-17 08:17 -------- d-----w- c:\windows\SysWow64\Wat
2010-12-16 23:06 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2010-12-16 23:06 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2010-12-16 23:06 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2010-12-16 23:06 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2010-12-16 23:06 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2010-12-16 18:23 . 2010-06-19 06:23 37376 ----a-w- c:\windows\SysWow64\rtutils.dll
2010-12-11 17:31 . 2010-12-11 17:31 -------- d--h--w- c:\programdata\.syncID
2010-12-11 17:02 . 2010-12-18 18:22 -------- d-----w- c:\programdata\ASUS
2010-12-11 16:19 . 2010-12-17 16:11 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2010-12-11 16:18 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll
2010-12-11 16:17 . 2010-12-11 16:17 -------- d-----w- c:\program files (x86)\Microsoft
2010-12-11 16:15 . 2010-12-11 16:22 -------- d-----w- C:\ASUS.DAT
2010-12-11 16:14 . 2011-01-03 13:40 -------- d-----w- c:\users\Tibo
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2010-10-26 07:43 . 2010-10-26 07:43 1289528 ----a-w- c:\windows\SysWow64\ntdll.dll
2010-10-26 07:37 . 2010-10-26 07:37 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2010-10-26 07:37 . 2010-10-26 07:37 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2010-10-26 07:37 . 2010-10-26 07:37 80512 ----a-w- c:\windows\ASUS_N3_Series Uninstaller.exe
2010-10-26 07:37 . 2010-10-26 07:37 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2010-10-26 07:37 . 2010-10-26 07:37 3058304 ----a-w- c:\windows\AsScrPro.exe
2010-10-26 07:35 . 2010-10-26 07:35 427520 ----a-w- c:\windows\SysWow64\vbscript.dll
2010-10-26 07:32 . 2010-10-26 07:32 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2010-10-26 07:31 . 2010-10-26 07:31 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2010-10-26 07:31 . 2010-10-26 07:31 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2010-10-26 07:29 . 2010-10-26 07:29 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2010-10-26 07:29 . 2010-10-26 07:29 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2010-10-26 07:29 . 2010-10-26 07:29 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2010-10-26 07:29 . 2010-10-26 07:29 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2010-10-26 07:29 . 2010-10-26 07:29 2048 ----a-w- c:\windows\SysWow64\user.exe
2010-10-26 07:29 . 2010-10-26 07:29 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2010-10-26 07:27 . 2010-10-26 07:27 2870272 ----a-w- c:\windows\explorer.exe
2010-10-26 07:27 . 2010-10-26 07:27 2614272 ----a-w- c:\windows\SysWow64\explorer.exe
2010-10-26 07:26 . 2010-10-26 07:26 91648 ----a-w- c:\windows\SysWow64\avifil32.dll
2010-10-26 07:26 . 2010-10-26 07:26 84480 ----a-w- c:\windows\SysWow64\mciavi32.dll
2010-10-26 07:26 . 2010-10-26 07:26 50176 ----a-w- c:\windows\SysWow64\iyuv_32.dll
2010-10-26 07:26 . 2010-10-26 07:26 31744 ----a-w- c:\windows\SysWow64\msvidc32.dll
2010-10-26 07:26 . 2010-10-26 07:26 22016 ----a-w- c:\windows\SysWow64\msyuv.dll
2010-10-26 07:26 . 2010-10-26 07:26 13312 ----a-w- c:\windows\SysWow64\msrle32.dll
2010-10-26 07:26 . 2010-10-26 07:26 1328640 ----a-w- c:\windows\SysWow64\quartz.dll
2010-10-26 07:26 . 2010-10-26 07:26 12288 ----a-w- c:\windows\SysWow64\tsbyuv.dll
2010-10-26 07:22 . 2010-10-26 07:22 85504 ----a-w- c:\windows\SysWow64\secproc_ssp_isv.dll
2010-10-26 07:22 . 2010-10-26 07:22 85504 ----a-w- c:\windows\SysWow64\secproc_ssp.dll
2010-10-26 07:22 . 2010-10-26 07:22 369152 ----a-w- c:\windows\SysWow64\secproc.dll
2010-10-26 07:22 . 2010-10-26 07:22 365568 ----a-w- c:\windows\SysWow64\secproc_isv.dll
2010-10-26 07:22 . 2010-10-26 07:22 324608 ----a-w- c:\windows\SysWow64\RMActivate_isv.exe
2010-10-26 07:22 . 2010-10-26 07:22 320512 ----a-w- c:\windows\SysWow64\RMActivate.exe
2010-10-26 07:22 . 2010-10-26 07:22 280064 ----a-w- c:\windows\SysWow64\RMActivate_ssp.exe
2010-10-26 07:22 . 2010-10-26 07:22 277504 ----a-w- c:\windows\SysWow64\RMActivate_ssp_isv.exe
2010-10-26 07:22 . 2010-10-26 07:22 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2010-10-26 07:17 . 2010-10-26 07:17 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2010-10-26 07:17 . 2010-10-26 07:17 34816 ----a-w- c:\windows\SysWow64\msasn1.dll
2010-10-26 07:15 . 2010-10-26 07:15 1320960 ----a-w- c:\windows\SysWow64\CertEnroll.dll
2010-10-26 07:09 . 2010-10-26 07:09 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2010-10-26 07:09 . 2010-10-26 07:09 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
2010-10-26 07:09 . 2010-10-26 07:09 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2010-12-19 2937528]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"ChangeWallpaper"="c:\program files (x86)\ChangeWallpaper\ChangeWallpaper.exe" [2004-01-06 859648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl9"="c:\program files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-06-24 210216]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2010-08-13 21504]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"MoneyStartUp10.0"="c:\program files (x86)\Microsoft Money\System\Activation.exe" [2001-07-25 245810]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"installer"="c:\program files (x86)\Installer\lnetworker.exe" [2010-12-14 7168]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-10-26 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-30 136176]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2010-08-21 77312]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-05-03 44032]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\CABAL Online\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [2010-02-23 917768]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-09-28 51712]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-17 1255736]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2010-09-05 24680]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-29 834544]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-06-22 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-09-06 1620584]
S2 sdmBackupIP;Backup IP Network;c:\windows\BackupIP\service.exe [2010-12-16 8192]
S2 tmpreflt;tmpreflt;c:\windows\system32\DRIVERS\tmpreflt.sys [2010-07-30 42576]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-16 13832]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-16 134928]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-07-21 129024]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-03-04 75816]
.
Contenu du dossier 'Tâches planifiées'
2011-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-30 17:56]
2011-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-30 17:56]
2011-01-03 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files (x86)\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-26 23:10]
.
--------- x86-64 -----------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2010-02-23 1022904]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-09-28 2121320]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://80.14.144.227/activex/AMC.cab
FF - ProfilePath - c:\users\Tibo\AppData\Roaming\Mozilla\Firefox\Profiles\cpn79qqh.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.fr
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: NewTabURL: newtaburl@sogame.cat - %profile%\extensions\newtaburl@sogame.cat
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
.
- - - - ORPHELINS SUPPRIMES - - - -
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - %ProgramFiles%\Elantech\ETDCtrl.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-2396430774-2284136971-336663960-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-2396430774-2284136971-336663960-1001)
@Denied: (2) (LocalSystem)
"Progid"="Microsoft Internet Mail Message WLMail"
[HKEY_USERS\S-1-5-21-2396430774-2284136971-336663960-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-2396430774-2284136971-336663960-1001)
@Denied: (2) (LocalSystem)
"Progid"="Microsoft Internet Mail VCard WLMail"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2011-01-06 14:08:38
ComboFix-quarantined-files.txt 2011-01-06 13:08
Avant-CF: 75 788 193 792 octets libres
Après-CF: 75 645 980 672 octets libres
- - End Of File - - 41F8665E67B1A0ADB15783B34AA41308
Tigzy
6 Jan 2011 at 14:57
OK. Is the file still there after rebooting?
Tigzy
6 Jan 2011 at 16:43
I didn't answer you about that, I had forgotten.
PEV.exe is a component of ComboFix, no worries.
Still getting ads?
Tigzy
Edited by Tigzy on 7/01/2011 at 18:56
I'm back ;)
Download to the desktop
AD-Remover
= Double-click AD-R to install it
= Double-click AD-Remover, the shortcut that has just been created on the desktop
= Click "Nettoyer" (Clean)
= At the end of the scan, post the report
SECURITY contributor
No reports by PM, host them on www.cijoint.fr. No disinfection by PM, please open a thread
Tigzy
7 Jan 2011 at 18:56
Argh, hold on, I haven't changed my link
Tigzy
7 Jan 2011 at 18:57
It's been changed :)
Tigzy
7 Jan 2011 at 18:57
It only works on Windows XP / Vista / 7, 32- and 64-bit versions, although
some bugs may remain on 64-bit.
It works on 64-bit
Correct, and after running it, here is what I get:
======= RAPPORT D'AD-REMOVER 2.0.0.2,D | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 03/01/11 à 14:20
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 18:59:54 le 07/01/2011, Mode normal
Microsoft Windows 7 Édition Familiale Premium (X64)
Tibo@TIBO-PC-POTABLE (ASUSTeK Computer Inc. N53Jg)
============== ACTION(S) ==============
Service: "sdmBackupIP" Stoppé et supprimé
Dossier supprimé: C:\Program Files (x86)\Installer
Dossier supprimé: C:\Windows\BackupIP
Dossier supprimé: C:\Users\Tibo\AppData\Local\networker
(!) -- Fichiers temporaires supprimés.
Clé supprimée: HKLM\Software\Install Pedia Limited
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|installer
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [3.6.13 (fr)] **
-- C:\Users\Tibo\AppData\Roaming\Mozilla\FireFox\Profiles\cpn79qqh.default\Prefs.js --
browser.startup.homepage, hxxp://google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.13
========================================
** Internet Explorer Version [8.0.7600.16385] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Local Page: C:\Windows\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\Windows\SysWOW64\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 12 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 14 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 07/01/2011 (2366 Octet(s))
Fin à: 19:00:51, 07/01/2011
============== E.O.F ==============
Clé supprimée: HKLM\Software\Install Pedia Limited
Oo, could you have got it?
Tigzy
6 Jan 2011 at 10:06
Restart ZHPDiag and run a scan again; once the scan has finished, click on the green ZHPFix shield.
Then click on the H, "Coller les lignes Helper" (paste the Helper lines).
Copy and paste these lines into the window:
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SRI] (.Pas de propriétaire - Pas de description.) -- C:\ProgramData\FullRemove.exe [131368]
Then click on "Tous" (All), or tick the line, then on "Nettoyer" (Clean).
ZHPFix will generate a report; send it for checking.
Report below:
Rapport de ZHPFix 1.12.3235 par Nicolas Coolman, Update du 03/01/2011
Fichier d'export Registre :
Run by Tibo at 06/01/2011 10:30:41
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Contact : nicolascoolman@yahoo.fr
========== Processus mémoire ==========
C:\ProgramData\FullRemove.exe [131368] => Fichier supprimé au reboot
========== Récapitulatif ==========
1 : Processus mémoire
End of the scan
I have just gone to the directory indicated, and the file is still there. Is that normal?
Tigzy
6 Jan 2011 at 10:58
Yes, you need to reboot.
Let me know if you still get ads.
Yes, I didn't make that clear. The file was still there AFTER rebooting...
I just redid the whole procedure. During the scan, I got an ad page. And after using ZHPFix and rebooting, the file is still there...
In my browser history, I find the pages "c.ads-3-host.com
hxxp://c.ads-3-host.com/ads.php?c=63" and "c.ads-4-host.com
hxxp://c.ads-4-host.com/ads.php?c=194"
How do you mark it as solved?
Tigzy
7 Jan 2011 at 10:27
I did it ;)
Let's finish up.
* Download DELFix by Xplode
* Run it.
* At the prompt, type 2 (deletion)
* A report will open at the end; paste it into your reply
----------
You can read this topic on recommended software and responsible behaviour on the web
And this one, on free software to avoid
------
You can keep Malwarebytes for a scan from time to time
I claimed victory too soon.......
I just got another one... I'm fed up with this c**p
Report: (Given what it deleted, I suppose I'm going to have to backtrack...)
########## DelFix - Nettoyeur d'outils de désinfection ##########
#
# DelFix v6.9 - Rapport créé le 07/01/2011 à 10:32
# Mis à jour le 19/12/10 à 16h40 par Xplode
# Système d'exploitation : Windows 7 Home Premium (64 bits) [version 6.1.7600]
# Nom d'utilisateur : Tibo - TIBO-PC-POTABLE (Administrateur)
# Exécuté depuis : D:\Downloads\DelFix.exe
# Option [Suppression]
~~~~~~ Dossier(s) ~~~~~~
-> C:\Qoobox\BackEnv ... ACL modifié avec succès.
Supprimé : C:\Qoobox
Supprimé : C:\Program Files (x86)\ZHPDiag
~~~~~~ Fichier(s) ~~~~~~
Supprimé : C:\Windows\grep.exe
Supprimé : C:\Windows\PEV.exe
Supprimé : C:\Windows\NIRCMD.exe
Supprimé : C:\Windows\MBR.exe
Supprimé : C:\Windows\sed.exe
Supprimé : C:\Windows\SWREG.exe
Supprimé : C:\Windows\SWSC.exe
Supprimé : C:\Windows\SWXCACLS.exe
Supprimé : C:\Windows\zip.exe
Supprimé : C:\Users\Public\Desktop\ZHPDiag.lnk
Supprimé : C:\Users\Public\Desktop\ZHPFix.lnk
Supprimé : C:\Users\Public\Desktop\MBRCheck.lnk
~~~~~~ Registre ~~~~~~
Clé Supprimée : HKLM\Software\swearware
Clé Supprimée : HKLM\Software\Classes\.cfxxe
Clé Supprimée : HKLM\Software\Classes\cfxxefile
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
~~~~~~ Autre ~~~~~~
########## EOF - "C:\DelFixSuppr.txt" - [1467 octets] ##########
Tigzy
Edited by Tigzy on 7/01/2011 at 10:50
OK.
EDIT: see below
SECURITY contributor
No reports by PM; host them on www.cijoint.fr. No disinfection by PM; please open a thread.
Tigzy
7 Jan 2011 at 10:50
It may actually be a TDL3.
Download TDSSKiller and unzip it to the desktop
= Launch TDSSKiller by double-clicking it
= Once the scan is finished, a report opens
= Copy and paste its contents into your next reply
= The report is also saved as C:\TDSSKiller.XXXXXX_log.txt (the Xs standing for the version, date and time)
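One way to read the report TDSSKiller writes, as an added example that is not part of the original posts or of TDSSKiller itself: the script skips the routine one-line-per-driver inventory and returns only the entries the tool flagged, joined back to the driver path and hash it listed for them. The line layout is assumed from the report pasted in this thread, the sample lines are constructed, and `triage` and `Finding` are hypothetical names.

```python
import re
from typing import NamedTuple

# Line layouts assumed from the report pasted in this thread:
#   <date> <time> <service> (<md5>) <driver path>            routine inventory
#   <date> <time> Suspicious file (<reason>): <path>. md5: <md5>
#   <date> <time> <service> - detected <verdict> (<n>)
STAMP = r"\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d{4}\s+"
INVENTORY = re.compile(
    STAMP + r"(?P<svc>\S+) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
SUSPICIOUS = re.compile(
    STAMP + r"Suspicious file \((?P<reason>[^)]+)\): "
            r"(?P<path>.+?)\. md5: (?P<md5>[0-9a-f]{32})$")
DETECTED = re.compile(
    STAMP + r"(?P<svc>\S+) - detected (?P<verdict>.+?) \((?P<count>\d+)\)$")


class Finding(NamedTuple):
    service: str   # driver/service name as listed by the tool
    verdict: str   # text after "detected", e.g. "Locked file"
    path: str      # driver path taken from the inventory line
    md5: str       # hash the tool printed for that driver
    reason: str    # reason from the "Suspicious file (...)" line, if any


def triage(log_text):
    """Return (number of drivers inventoried, list of flagged entries)."""
    inventory = {}    # service name -> (path, md5)
    suspicious = {}   # lower-cased path -> reason
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = SUSPICIOUS.match(line)
        if m:
            suspicious[m["path"].lower()] = m["reason"]
            continue
        m = DETECTED.match(line)
        if m:
            # Join the verdict back to the inventory line of the same service.
            path, md5 = inventory.get(m["svc"], ("?", "?"))
            reason = suspicious.get(path.lower(), "")
            findings.append(Finding(m["svc"], m["verdict"], path, md5, reason))
            continue
        m = INVENTORY.match(line)
        if m:
            inventory[m["svc"]] = (m["path"], m["md5"])
    return len(inventory), findings


# Constructed sample: placeholder driver names and hashes, not from a real scan.
SAMPLE_LOG = r"""
2011/01/07 11:10:43.0931 Scan started
2011/01/07 11:10:45.0492 exampledrv (00000000000000000000000000000001) C:\Windows\system32\DRIVERS\exampledrv.sys
2011/01/07 11:10:45.0621 lockeddrv (00000000000000000000000000000002) C:\Windows\system32\Drivers\lockeddrv.sys
2011/01/07 11:10:45.0621 Suspicious file (NoAccess): C:\Windows\system32\Drivers\lockeddrv.sys. md5: 00000000000000000000000000000002
2011/01/07 11:10:45.0630 lockeddrv - detected Locked file (1)
2011/01/07 11:10:45.0700 otherdrv (00000000000000000000000000000003) C:\Windows\system32\drivers\otherdrv.sys
"""

if __name__ == "__main__":
    total, flagged = triage(SAMPLE_LOG)
    print(f"{total} drivers listed, {len(flagged)} flagged")
    for f in flagged:
        print(f"{f.service}: {f.verdict} [{f.reason}] {f.path} md5={f.md5}")
```

A flagged entry is a pointer for the helper to look at, not a verdict of infection; the joined path and hash are what they need to check it.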
What is a TDL3? (I wouldn't mind knowing what's infecting me ^^)
Report:
2011/01/07 11:10:31.0535 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46
2011/01/07 11:10:31.0535 ================================================================================
2011/01/07 11:10:31.0535 SystemInfo:
2011/01/07 11:10:31.0535
2011/01/07 11:10:31.0535 OS Version: 6.1.7600 ServicePack: 0.0
2011/01/07 11:10:31.0535 Product type: Workstation
2011/01/07 11:10:31.0535 ComputerName: TIBO-PC-POTABLE
2011/01/07 11:10:31.0536 UserName: Tibo
2011/01/07 11:10:31.0536 Windows directory: C:\Windows
2011/01/07 11:10:31.0536 System windows directory: C:\Windows
2011/01/07 11:10:31.0536 Running under WOW64
2011/01/07 11:10:31.0536 Processor architecture: Intel x64
2011/01/07 11:10:31.0536 Number of processors: 4
2011/01/07 11:10:31.0536 Page size: 0x1000
2011/01/07 11:10:31.0536 Boot type: Normal boot
2011/01/07 11:10:31.0536 ================================================================================
2011/01/07 11:10:31.0536 Utility is running under WOW64
2011/01/07 11:10:32.0076 Initialize success
2011/01/07 11:10:43.0931 ================================================================================
2011/01/07 11:10:43.0931 Scan started
2011/01/07 11:10:43.0931 Mode: Manual;
2011/01/07 11:10:43.0931 ================================================================================
2011/01/07 11:11:05.0176 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/01/07 11:11:05.0176 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/01/07 11:11:05.0190 sptd - detected Locked file (1)
2011/01/07 11:11:08.0862 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/01/07 11:11:08.0970 vsapint (b01ce1f5a44126892240d179a6dbd43f) C:\Windows\system32\DRIVERS\vsapint.sys
2011/01/07 11:11:09.0170 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/01/07 11:11:09.0227 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/01/07 11:11:09.0262 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/01/07 11:11:09.0311 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/01/07 11:11:09.0361 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/01/07 11:11:09.0389 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/01/07 11:11:09.0512 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/01/07 11:11:09.0587 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/01/07 11:11:09.0720 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/01/07 11:11:09.0789 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
2011/01/07 11:11:09.0840 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/01/07 11:11:09.0944 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/01/07 11:11:10.0039 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/01/07 11:11:10.0127 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/01/07 11:11:10.0240 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/01/07 11:11:11.0774 ================================================================================
2011/01/07 11:11:11.0774 Scan finished
2011/01/07 11:11:11.0774 ================================================================================
2011/01/07 11:11:11.0787 Detected object count: 1
2011/01/07 11:11:20.0125 Locked file(sptd) - User select action: Skip
2011/01/07 11:11:56.0791 ================================================================================
2011/01/07 11:11:56.0791 Scan started
2011/01/07 11:11:56.0791 Mode: Manual;
2011/01/07 11:11:56.0791 ================================================================================
2011/01/07 11:12:06.0374 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/01/07 11:12:06.0374 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/01/07 11:12:06.0383 sptd - detected Locked file (1)
2011/01/07 11:12:10.0729 ================================================================================
2011/01/07 11:12:10.0730 Scan finished
2011/01/07 11:12:10.0730 ================================================================================
2011/01/07 11:12:10.0749 Detected object cou
Report:
2011/01/07 11:10:31.0535 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46
2011/01/07 11:10:31.0535 ================================================================================
2011/01/07 11:10:31.0535 SystemInfo:
2011/01/07 11:10:31.0535
2011/01/07 11:10:31.0535 OS Version: 6.1.7600 ServicePack: 0.0
2011/01/07 11:10:31.0535 Product type: Workstation
2011/01/07 11:10:31.0535 ComputerName: TIBO-PC-POTABLE
2011/01/07 11:10:31.0536 UserName: Tibo
2011/01/07 11:10:31.0536 Windows directory: C:\Windows
2011/01/07 11:10:31.0536 System windows directory: C:\Windows
2011/01/07 11:10:31.0536 Running under WOW64
2011/01/07 11:10:31.0536 Processor architecture: Intel x64
2011/01/07 11:10:31.0536 Number of processors: 4
2011/01/07 11:10:31.0536 Page size: 0x1000
2011/01/07 11:10:31.0536 Boot type: Normal boot
2011/01/07 11:10:31.0536 ================================================================================
2011/01/07 11:10:31.0536 Utility is running under WOW64
2011/01/07 11:10:32.0076 Initialize success
2011/01/07 11:10:43.0931 ================================================================================
2011/01/07 11:10:43.0931 Scan started
2011/01/07 11:10:43.0931 Mode: Manual;
2011/01/07 11:10:43.0931 ================================================================================
2011/01/07 11:11:05.0176 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/01/07 11:11:05.0176 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/01/07 11:11:05.0190 sptd - detected Locked file (1)
2011/01/07 11:11:11.0774 ================================================================================
2011/01/07 11:11:11.0774 Scan finished
2011/01/07 11:11:11.0774 ================================================================================
2011/01/07 11:11:11.0787 Detected object count: 1
2011/01/07 11:11:20.0125 Locked file(sptd) - User select action: Skip
2011/01/07 11:11:56.0791 ================================================================================
2011/01/07 11:11:56.0791 Scan started
2011/01/07 11:11:56.0791 Mode: Manual;
2011/01/07 11:11:56.0791 ================================================================================
2011/01/07 11:11:58.0849 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2011/01/07 11:11:58.0917 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2011/01/07 11:11:58.0973 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/01/07 11:11:59.0028 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/01/07 11:11:59.0071 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/01/07 11:11:59.0128 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
2011/01/07 11:11:59.0169 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/01/07 11:11:59.0218 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/01/07 11:11:59.0268 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/01/07 11:11:59.0429 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
2011/01/07 11:11:59.0548 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/01/07 11:11:59.0674 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/01/07 11:11:59.0703 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2011/01/07 11:11:59.0745 ETD (38b0a3e42de9b36aa56f72a5ecb62331) C:\Windows\system32\DRIVERS\ETD.sys
2011/01/07 11:11:59.0835 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/01/07 11:11:59.0870 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/01/07 11:11:59.0905 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/01/07 11:11:59.0941 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/01/07 11:11:59.0956 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/01/07 11:11:59.0982 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/01/07 11:11:59.0999 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2011/01/07 11:12:00.0033 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/01/07 11:12:00.0061 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/01/07 11:12:00.0099 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/01/07 11:12:00.0167 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/01/07 11:12:00.0203 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/01/07 11:12:00.0268 ghaio (7d66ebde8b7f9b4e00beefeee82670d4) C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
2011/01/07 11:12:00.0377 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/01/07 11:12:00.0416 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2011/01/07 11:12:00.0447 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/01/07 11:12:00.0502 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
2011/01/07 11:12:00.0529 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/01/07 11:12:00.0591 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/01/07 11:12:00.0612 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/01/07 11:12:00.0676 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2011/01/07 11:12:00.0761 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/01/07 11:12:00.0831 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2011/01/07 11:12:00.0891 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2011/01/07 11:12:00.0913 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/01/07 11:12:01.0020 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
2011/01/07 11:12:01.0067 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
2011/01/07 11:12:01.0302 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
2011/01/07 11:12:01.0428 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/01/07 11:12:01.0470 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
2011/01/07 11:12:01.0583 IntcAzAudAddService (e02a55f45edb35641cb470a2cd56e74e) C:\Windows\system32\drivers\RTKVHD64.sys
2011/01/07 11:12:01.0630 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2011/01/07 11:12:01.0671 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/01/07 11:12:01.0704 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/01/07 11:12:01.0737 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/01/07 11:12:01.0769 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/01/07 11:12:01.0801 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/01/07 11:12:01.0831 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2011/01/07 11:12:01.0865 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/01/07 11:12:01.0895 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/01/07 11:12:01.0923 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/01/07 11:12:01.0967 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
2011/01/07 11:12:02.0069 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2011/01/07 11:12:02.0088 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2011/01/07 11:12:02.0123 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/01/07 11:12:02.0162 L1C (48686c29856f46443952a831424f8d6f) C:\Windows\system32\DRIVERS\L1C62x64.sys
2011/01/07 11:12:02.0228 LHidFilt (24e09882ba51b9830ae029888a3aaf18) C:\Windows\system32\DRIVERS\LHidFilt.Sys
2011/01/07 11:12:02.0271 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/01/07 11:12:02.0343 LMouFilt (2f94325d8c10e2b715f3d753c2422aac) C:\Windows\system32\DRIVERS\LMouFilt.Sys
2011/01/07 11:12:02.0389 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/01/07 11:12:02.0415 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/01/07 11:12:02.0443 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/01/07 11:12:02.0471 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/01/07 11:12:02.0499 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/01/07 11:12:02.0539 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/01/07 11:12:02.0576 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/01/07 11:12:02.0604 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/01/07 11:12:02.0634 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/01/07 11:12:02.0657 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/01/07 11:12:02.0683 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/01/07 11:12:02.0707 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2011/01/07 11:12:02.0733 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2011/01/07 11:12:02.0756 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/01/07 11:12:02.0800 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2011/01/07 11:12:02.0825 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/01/07 11:12:02.0843 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/01/07 11:12:02.0861 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/01/07 11:12:02.0883 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
2011/01/07 11:12:02.0909 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2011/01/07 11:12:02.0944 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/01/07 11:12:02.0968 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/01/07 11:12:02.0994 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/01/07 11:12:03.0027 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/01/07 11:12:03.0058 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/01/07 11:12:03.0090 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/01/07 11:12:03.0119 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2011/01/07 11:12:03.0149 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/01/07 11:12:03.0178 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/01/07 11:12:03.0208 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/01/07 11:12:03.0236 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
2011/01/07 11:12:03.0277 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/01/07 11:12:03.0312 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/01/07 11:12:03.0357 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2011/01/07 11:12:03.0382 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/01/07 11:12:03.0404 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/01/07 11:12:03.0463 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/01/07 11:12:03.0559 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/01/07 11:12:03.0654 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2011/01/07 11:12:03.0692 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/01/07 11:12:03.0725 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2011/01/07 11:12:03.0802 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/01/07 11:12:03.0833 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/01/07 11:12:03.0947 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/01/07 11:12:04.0074 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
2011/01/07 11:12:04.0167 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/01/07 11:12:04.0459 nvlddmkm (0c24353933128ef8209466f5a7f73f06) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/01/07 11:12:04.0606 nvpciflt (3a8fb702a6b3cde08cce0324df922937) C:\Windows\system32\DRIVERS\nvpciflt.sys
2011/01/07 11:12:04.0686 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
2011/01/07 11:12:04.0711 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
2011/01/07 11:12:04.0742 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/01/07 11:12:04.0764 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/01/07 11:12:04.0815 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/01/07 11:12:04.0838 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2011/01/07 11:12:04.0858 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2011/01/07 11:12:04.0885 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/01/07 11:12:04.0918 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/01/07 11:12:04.0946 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/01/07 11:12:04.0977 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/01/07 11:12:05.0055 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2011/01/07 11:12:05.0077 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/01/07 11:12:05.0119 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2011/01/07 11:12:05.0165 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/01/07 11:12:05.0206 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/01/07 11:12:05.0235 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/01/07 11:12:05.0260 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/01/07 11:12:05.0302 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/01/07 11:12:05.0346 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/01/07 11:12:05.0371 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/01/07 11:12:05.0392 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/01/07 11:12:05.0420 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
2011/01/07 11:12:05.0449 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/01/07 11:12:05.0481 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/01/07 11:12:05.0505 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/01/07 11:12:05.0524 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/01/07 11:12:05.0562 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2011/01/07 11:12:05.0633 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
2011/01/07 11:12:05.0693 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/01/07 11:12:05.0725 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/01/07 11:12:05.0762 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2011/01/07 11:12:05.0816 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/01/07 11:12:05.0857 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/01/07 11:12:05.0880 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/01/07 11:12:05.0910 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/01/07 11:12:05.0961 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/01/07 11:12:05.0977 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/01/07 11:12:06.0009 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/01/07 11:12:06.0035 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/01/07 11:12:06.0071 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
2011/01/07 11:12:06.0096 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/01/07 11:12:06.0124 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/01/07 11:12:06.0155 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/01/07 11:12:06.0250 SNP2UVC (1d8474722cdffbb8fca5fa12c50a05a2) C:\Windows\system32\DRIVERS\snp2uvc.sys
2011/01/07 11:12:06.0304 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/01/07 11:12:06.0374 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/01/07 11:12:06.0374 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/01/07 11:12:06.0383 sptd - detected Locked file (1)
2011/01/07 11:12:10.0729 ================================================================================
2011/01/07 11:12:10.0730 Scan finished
2011/01/07 11:12:10.0730 ================================================================================
2011/01/07 11:12:10.0749 Detected object cou
Tigzy (Security contributor) - 7 Jan. 2011 at 11:19
No, that's not it...
TDL3 is a rootkit that infects the MBR.
Run a new ZHPDiag log.
Tigzy (Security contributor) - 7 Jan. 2011 at 11:38
No, it is finding the Daemon Tools file.
Tigzy (Security contributor) - 7 Jan. 2011 at 11:42
I no longer see the file in the report; are you sure it is still there?
Download SystemLook to the Desktop from one of the links below.
http://jpshortstuff.247fixes.com/SystemLook.exe
or
http://images.malwareremoval.com/jpshortstuff/SystemLook.exe
* Double-click SystemLook.exe to launch it.
* Right-click | Copy the following, then right-click | Paste it into the SystemLook text box:
:filefind
FullRemove.exe
* Click the Look button to start the scan.
* Notepad will open with the scan results.
Copy and paste the report into your next reply.
Note: the report can also be found on the Desktop under the name SystemLook.txt
Please take a look at my comment above yours.
Report:
SystemLook 04.09.10 by jpshortstuff
Log created at 11:52 on 07/01/2011 by Tibo
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.
========== filefind ==========
Searching for "FullRemove.exe "
No files found.
-= EOF =-
ZHP report re-uploaded: http://www.cijoint.fr/cjlink.php?file=cj201101/cijscbICBH.txt
Tigzy (Security contributor) - 7 Jan. 2011 at 12:15
Yep, keygen etc... :)
The file is apparently no longer present; the ads must be coming from somewhere else...
But from what?
Plug in the external drives (USB stick, hard disk, ...) that may have been infected
Download USBFix
- Launch USBFix.exe
- Choose Suppression (deletion)
- Then OK
- Wait during detection
- A text file opens; File => Save as
- keep the default name, save to the Desktop
- copy and paste the contents of the text file into the reply box
USBFix report:
############################## | UsbFix 7.037 | [Suppression]
Utilisateur: Tibo (Administrateur) # TIBO-PC-POTABLE [ASUSTeK Computer Inc. N53Jg]
Mis à jour le 03/01/2011 par El Desaparecido / C_XX
Lancé à 13:20:55 | 07/01/2011
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org
CPU: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
CPU 2: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-Bit) #
Internet Explorer 8.0.7600.16385
Pare-feu Windows: Activé
RAM -> 3884 Mo
C:\ (%systemdrive%) -> Disque fixe # 116 Go (70 Go libre(s) - 60%) [OS] # NTFS
D:\ -> Disque fixe # 330 Go (123 Go libre(s) - 37%) [Mes Documents Tibo] # NTFS
E:\ -> CD-ROM
F:\ -> Disque amovible # 112 Go (84 Go libre(s) - 75%) [IPOD (TIBO)] # FAT32
G:\ -> Disque fixe # 233 Go (42 Go libre(s) - 18%) [$NOOPER_1] # FAT32
H:\ -> Disque fixe # 466 Go (320 Go libre(s) - 69%) [WD] # NTFS
################## | Éléments infectieux |
Supprimé! C:\$RECYCLE.BIN\S-1-5-21-2396430774-2284136971-336663960-1001
Supprimé! D:\$RECYCLE.BIN\S-1-5-21-2396430774-2284136971-336663960-1001
Supprimé! H:\$RECYCLE.BIN\S-1-5-21-2396430774-2284136971-336663960-1001
################## | Registre |
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Supprimé! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
################## | Mountpoints2 |
################## | Listing |
[06/09/2009 - 23:59:18 | N | 4096] F:\._.Trashes
[06/09/2009 - 23:59:18 | D ] F:\.Trashes
[06/09/2009 - 23:59:18 | N | 4096] F:\._iPod_Control
[06/09/2009 - 23:59:20 | N | 49876] F:\.VolumeIcon.icns
[06/09/2009 - 23:59:20 | N | 4096] F:\._.VolumeIcon.icns
[06/09/2009 - 23:59:20 | N | 4096] F:\._?
[04/03/2010 - 17:52:24 | RSHD ] F:\Recycle
[13/12/2010 - 17:00:46 | N | 36] F:\syncguid.dat
[18/12/2010 - 17:43:24 | D ] F:\Photos
[22/12/2010 - 16:21:42 | D ] G:\Sauvegarde mails
[12/10/2009 - 23:15:00 | D ] G:\Sauvegarde money
[20/03/2010 - 15:11:24 | D ] G:\Sauvergarde iTunes
[25/12/2005 - 12:54:12 | SHD ] G:\System Volume Information
[18/08/2008 - 22:21:24 | ASH | 41472] G:\Thumbs.db
[21/02/2006 - 21:05:26 | D ] G:\Divers_Potes
[19/01/2006 - 22:23:08 | D ] G:\Vidéos
[18/10/2006 - 18:33:34 | D ] G:\Mes Documents
[27/12/2007 - 14:24:02 | SHD ] G:\$RECYCLE.BIN
[07/01/2011 - 13:23:00 | SHD ] H:\$RECYCLE.BIN
[31/12/2010 - 18:06:52 | D ] H:\Anaïs
[08/10/2010 - 12:01:08 | N | 239911] H:\NEM1.pdf
[06/01/2011 - 14:34:29 | D ] H:\POD
[23/12/2010 - 12:34:51 | SHD ] H:\System Volume Information
################## | Vaccin |
C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
F:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
H:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_TIBO-PC-POTABLE.zip
http://www.teamxscript.org/Upload.php
Merci de votre contribution.
################## | E.O.F |
Tigzy
7 Jan 2011 at 14:27
Nothing unusual. When do these ads appear?
Windows9
Posts
271
Registration date
Thursday 30 December 2010
Status
Member
Last activity
3 April 2013
107
7 Jan 2011 at 19:33
I have the same problem as KERATUM, can anyone help me please?!!
Tigzy
7 Jan 2011 at 19:36
Can you open a new thread?
All right, I think I can claim victory. Nothing for two days. The thread can therefore be marked as Resolved.
Thanks a lot for your help, Tigzy!
Tigzy
10 Jan 2011 at 17:26
You're welcome ;)
You can run Delfix again if you like
Tigzy
11 Jan 2011 at 13:43
That's the vaccination ;)
Tigzy
12 Jan 2011 at 11:33
Against USB infections.
No, don't remove them; they stop viruses from latching onto your devices
5 Jan 2011 at 14:21
Here is the report:
http://www.cijoint.fr/cjlink.php?file=cj201101/cijh55I2Ju.txt
Thanks for your help
5 Jan 2011 at 14:27
Nothing visible in the report
Download Malwarebytes' Anti-Malware to the desktop
= Double-click mbam-setup to start the installation
= Simply install without changing anything
= Do not uncheck "Update"
= If the update failed, run it after launching the program => "Update" tab
= Once the program is running ==> check Perform full scan
= Click Scan
= If needed, uncheck the drives you do not want scanned
= Click Start Scan
= At the end of the scan (about 1 hour), if an infection is found
==> Click Show Results
= Close your running applications
= Check that everything is ticked and click Remove Selected
A report opens; copy it and paste it into your reply
5 Jan 2011 at 14:32
I had already done it two days ago and it found nothing. But I will follow your procedure to the letter and post the report as soon as possible.
5 Jan 2011 at 14:33
If so, can you post it?
5 Jan 2011 at 14:37
So I no longer have the report.... But as soon as this one finishes, I'll post it.