A voir également:
- Pub à la place des liens : Trojan
- Bloqueur de pub youtube - Guide
- Netflix standard avec pub - Guide
- Youtube sans pub - Guide
- YT Siphon : une extension pour contourner la pub sur YouTube - Guide
- Place des celibataires avis - Forum Vos droits sur internet
7 réponses
Dratik
Messages postés
128
Date d'inscription
vendredi 23 juillet 2010
Statut
Membre
Dernière intervention
9 décembre 2013
6
23 juil. 2011 à 15:22
23 juil. 2011 à 15:22
Essaye spybot c'est le même principe.
Je viens d'essayer. Au moment du scan, le logiciel c'est planté, quand je tente de l'ouvrir par le .exe sur le bureau, message d'erreur : Windows ne parvient pas à accéder au périphérique ... Exactement comme les deux précédant.
Dratik
Messages postés
128
Date d'inscription
vendredi 23 juillet 2010
Statut
Membre
Dernière intervention
9 décembre 2013
6
23 juil. 2011 à 17:13
23 juil. 2011 à 17:13
Alors essaye Combofix. J'avais un virus qui voulait pas partir l'autre jour, (qui est parti avec malwarebytes ) j'ai chercher sur internet; et sur des forums ils parlaient de Combofix. C'est très puissant d'après ce que j'ai compris, donc essaye de suivre un tutoriel pour l'utiliser.
Tutoriel : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Tutoriel : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Utilisateur anonyme
23 juil. 2011 à 17:46
23 juil. 2011 à 17:46
Bonjour flo
Tu dois avoir le rootkit Access qui est une vraie m****, et qui kill les logiciels
de sécurité
Télécharge TDSSKiller (de Kaspersky) sur ton bureau
https://support.kaspersky.com/downloads/utils/tdsskiller.exe
Double clique sur TDSSKiller pour le lancer (avec Vista/Seven, clic droit
dessus, et sur exécuter en tant qu'administrateur
Clique sur Start scan, et laisse l'outil travailler
Si des fichiers infectés sont trouvés, une nouvelle fenêtre va s'ouvrir
Si TDSS. tdl2 est détecté, l'option delete sera cochée par défaut
Si TDSS.tdl3 est détecté, vérifie que Cure est bien cochée
Si TDSS.tdl4 (\HardDisk0\MBR) est détecté, vérifie que Cure
est bien cochée
Si Suspicious file est indiqué, laisse l'option cochée sur Skip
Clique sur Continue, puis sur Reboot now pour
redémarrer le PC
Poste le rapport qui est sauvegardé dans C:\TDSSKiller_Quarantine\
JJ.MM.AA_HH.MM.SS. (JJ.MM.AA date du passage de l'outil, HH.MM.SS
heure de passage).
Si driver suspect détecté, faire Cure
Tu dois avoir le rootkit Access qui est une vraie m****, et qui kill les logiciels
de sécurité
Télécharge TDSSKiller (de Kaspersky) sur ton bureau
https://support.kaspersky.com/downloads/utils/tdsskiller.exe
Double clique sur TDSSKiller pour le lancer (avec Vista/Seven, clic droit
dessus, et sur exécuter en tant qu'administrateur
Clique sur Start scan, et laisse l'outil travailler
Si des fichiers infectés sont trouvés, une nouvelle fenêtre va s'ouvrir
Si TDSS. tdl2 est détecté, l'option delete sera cochée par défaut
Si TDSS.tdl3 est détecté, vérifie que Cure est bien cochée
Si TDSS.tdl4 (\HardDisk0\MBR) est détecté, vérifie que Cure
est bien cochée
Si Suspicious file est indiqué, laisse l'option cochée sur Skip
Clique sur Continue, puis sur Reboot now pour
redémarrer le PC
Poste le rapport qui est sauvegardé dans C:\TDSSKiller_Quarantine\
JJ.MM.AA_HH.MM.SS. (JJ.MM.AA date du passage de l'outil, HH.MM.SS
heure de passage).
Si driver suspect détecté, faire Cure
J'ai fait ComboFix et il semble que je n'ai plus du publicité mais J'ai eu un message d'erreur comme quoi Bonjour Service n'a pas fonctionné. De plus, j'ai DartyBox security, il est activé normalement mais a une croix rouge indiquant un dysfonctionnement.
@Jawaryinti : Est-il utile de faire ça maintenant alors que j'ai fais 20 min environ de ComboFix ?
Je poste le rapport de ComboFix :
ComboFix 11-07-23.01 - Marie Claude 23/07/2011 17:56:50.1.4 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3071.1903 [GMT 2:00]
Lancé depuis: c:\users\Marie Claude\Downloads\ComboFix.exe
AV: Emsisoft Anti-Malware *Enabled/Updated* {0ADC9F7D-20C1-240F-01E2-43466EBA893A}
AV: Pack Sécurité 9.12 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: Pack Sécurité 9.12 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: Emsisoft Anti-Malware *Enabled/Updated* {B1BD7E99-06FB-2B81-3B52-7834153DC387}
SP: Pack Sécurité 9.12 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\CleanUp
c:\program files\CleanUp\Cleanup.cnt
c:\program files\CleanUp\Cleanup.exe
c:\program files\CleanUp\Cleanup.hlp
c:\program files\CleanUp\License.txt
c:\program files\CleanUp\Readme.txt
c:\program files\CleanUp\Uninst.isu
c:\program files\QUAD Utilities
c:\program files\QUAD Utilities\QUAD RegistryCleaner\program.log
c:\program files\QUAD Utilities\QUAD RegistryCleaner\QUAD Registry Cleaner.exe
c:\program files\QUAD Utilities\QUAD RegistryCleaner\Styles\Vista.cjstyles
c:\programdata\Amazon.ico
c:\programdata\Microsoft\Windows\Start Menu\Programs\CleanUp
c:\programdata\Microsoft\Windows\Start Menu\Programs\CleanUp\CleanUp.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\CleanUp\FullDisk Help.lnk
c:\users\Marie Claude\AppData\Local\XPIARKDU.0XE
c:\users\Marie Claude\AppData\Roaming\OfferBox
c:\users\Marie Claude\AppData\Roaming\OfferBox\config.xml
c:\users\Marie Claude\GoToAssistDownloadHelper.exe
c:\windows\$NtUninstallKB42738$
c:\windows\$NtUninstallKB42738$\1925387898
c:\windows\$NtUninstallKB42738$\480462254\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}
c:\windows\$NtUninstallKB42738$\480462254\click.tlb
c:\windows\$NtUninstallKB42738$\480462254\L\qnbwvoto
c:\windows\$NtUninstallKB42738$\480462254\loader.tlb
c:\windows\$NtUninstallKB42738$\480462254\U\@00000001
c:\windows\$NtUninstallKB42738$\480462254\U\@000000c0
c:\windows\$NtUninstallKB42738$\480462254\U\@000000cb
c:\windows\$NtUninstallKB42738$\480462254\U\@000000cf
c:\windows\$NtUninstallKB42738$\480462254\U\@80000000
c:\windows\$NtUninstallKB42738$\480462254\U\@800000c0
c:\windows\$NtUninstallKB42738$\480462254\U\@800000cb
c:\windows\$NtUninstallKB42738$\480462254\U\@800000cf
c:\windows\system32\c_84610.nls
c:\windows\system32\drivers\1197101954.sys
c:\windows\system32\Ijl11.dll
c:\windows\system32\jusched.exe
.
Une copie infectée de c:\windows\system32\drivers\cdrom.sys a été trouvée et désinfectée
Copie restaurée à partir de - The cat found it :)
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_1197101954
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-06-23 au 2011-07-23 ))))))))))))))))))))))))))))))))))))
.
.
2011-07-23 16:07 . 2011-07-23 16:10 -------- d-----w- c:\users\Marie Claude\AppData\Local\temp
2011-07-23 13:23 . 2011-07-23 13:32 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-07-23 13:23 . 2011-07-23 13:32 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-07-23 12:01 . 2011-07-23 12:01 -------- d-----w- c:\program files\CleanUp!
2011-07-23 11:57 . 1997-12-17 16:33 304128 ----a-w- c:\windows\IsUninst.exe
2011-07-16 13:21 . 2011-07-16 13:21 -------- d-----w- c:\programdata\ALM
2011-07-16 13:06 . 2008-04-07 03:38 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-07-16 12:59 . 2011-07-16 12:59 -------- d-----w- c:\program files\Adobe Media Player
2011-07-14 17:20 . 2011-07-14 17:20 -------- d-----w- c:\program files\EXPRESS_Player Now Radio
2011-07-14 14:17 . 2011-07-14 17:20 -------- d-----w- c:\users\Marie Claude\AppData\Local\WDSetup
2011-07-13 05:24 . 2011-06-02 12:59 2042368 ----a-w- c:\windows\system32\win32k.sys
2011-07-13 05:24 . 2011-04-20 14:47 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-07-13 05:24 . 2011-04-20 14:44 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-07-11 12:39 . 2011-07-11 12:39 -------- d-----w- c:\program files\uTorrent
2011-07-11 12:38 . 2011-07-17 17:10 -------- d-----w- c:\users\Marie Claude\AppData\Roaming\uTorrent
2011-07-11 12:38 . 2011-07-11 12:38 -------- d-----w- c:\users\Marie Claude\AppData\Local\uTorrent
2011-06-29 04:57 . 2011-04-29 14:54 276992 ----a-w- c:\windows\system32\schannel.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-13 03:39 . 2011-07-22 05:50 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2664F2EC-3B78-4500-B6D3-69A0C2375AC2}\mpengine.dll
2011-06-03 19:55 . 2007-12-08 00:08 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-05-28 06:08 . 2011-06-15 06:06 916480 ----a-w- c:\windows\system32\wininet.dll
2011-05-28 06:04 . 2011-06-15 06:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-28 06:04 . 2011-06-15 06:06 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-28 06:04 . 2011-06-15 06:06 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-05-28 06:04 . 2011-06-15 06:06 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-28 05:10 . 2011-06-15 06:06 385024 ----a-w- c:\windows\system32\html.iec
2011-05-28 04:33 . 2011-06-15 06:06 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-28 04:31 . 2011-06-15 06:06 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-24 17:14 . 2009-10-03 16:59 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-02 15:58 . 2011-06-15 06:06 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 12:49 . 2011-06-15 06:07 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 12:49 . 2011-06-15 06:07 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-29 12:49 . 2011-06-15 06:06 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-29 12:49 . 2011-06-15 06:06 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-29 12:49 . 2011-06-15 06:06 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2011-07-08 07:37 . 2011-07-21 16:39 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\SideBar.exe" [2008-01-19 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2008-01-10 92704]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-01-10 8530464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-01-10 88608]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-01-22 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"F-Secure Manager"="c:\program files\DartyBox Securite\Common\FSM32.EXE" [2009-11-18 201128]
"F-Secure TNB"="c:\program files\DartyBox Securite\FSGUI\TNBUtil.exe" [2009-11-18 1655208]
"TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2011-06-03 273544]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^Users^Marie Claude^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Notification de cadeaux MSN.lnk]
path=c:\users\Marie Claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk
backup=c:\windows\pss\Notification de cadeaux MSN.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-22 05:05 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-18 20:16 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-01-15 09:26 4874240 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shockwave Updater]
2009-06-05 11:38 468408 ----a-w- c:\windows\System32\Adobe\Shockwave 11\SwHelper_1150600.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-01-19 07:33 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
R2 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1ca5b98b6d6fc05;Service Google Update (gupdate1ca5b98b6d6fc05);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-02 133104]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-02 133104]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files\DartyBox Securite\Anti-Virus\Win2K\FSfilter.sys [2009-11-18 41640]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\DartyBox Securite\Anti-Virus\Win2K\FSrec.sys [2009-11-18 27048]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2011-01-07 42664]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-11 691696]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\DartyBox Securite\HIPS\drivers\fshs.sys [2009-11-18 69928]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-11-18 37544]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-11-18 72904]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\DartyBox Securite\Anti-Virus\minifilter\fsvista.sys [2009-11-18 14248]
S2 MSSQL$RADIONOMY536765;SQL Server (RADIONOMY536765);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\DartyBox Securite\Anti-Virus\minifilter\fsgk.sys [2011-06-10 148648]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files\DartyBox Securite\ORSP Client\fsorsp.exe [2011-05-23 61088]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
.
.
Contenu du dossier 'Tâches planifiées'
.
2011-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-02 08:44]
.
2011-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-02 08:44]
.
2011-07-22 c:\windows\Tasks\User_Feed_Synchronization-{7A5A493B-2EEE-45F0-9B29-91757BDC4A7F}.job
- c:\windows\system32\msfeedssync.exe [2011-06-15 04:32]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à un fichier PDF existant - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
LSP: c:\program files\DartyBox Securite\FSPS\program\FSLSP.DLL
TCP: DhcpNameServer = 192.168.1.254 0.0.0.0
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\users\Marie Claude\AppData\Roaming\Mozilla\Firefox\Profiles\tee6hl3j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://google.fr/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?mkt=fr-FR&form=MIAWB1&q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Notify-GoToAssist - c:\program files\Citrix\GoToAssist\516\G2AWinLogon.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-23 18:12
Windows 6.0.6001 Service Pack 1 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\DartyBox Securite\Common\FSMA32.EXE
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\DartyBox Securite\Common\FSHDLL32.EXE
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
.
**************************************************************************
.
Heure de fin: 2011-07-23 18:16:50 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-07-23 16:16
.
Avant-CF: 231 932 870 656 octets libres
Après-CF: 231 673 413 632 octets libres
.
- - End Of File - - A92BE3BDDA836E155C7EFE6A4F47333B
@Jawaryinti : Est-il utile de faire ça maintenant alors que j'ai fais 20 min environ de ComboFix ?
Je poste le rapport de ComboFix :
ComboFix 11-07-23.01 - Marie Claude 23/07/2011 17:56:50.1.4 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3071.1903 [GMT 2:00]
Lancé depuis: c:\users\Marie Claude\Downloads\ComboFix.exe
AV: Emsisoft Anti-Malware *Enabled/Updated* {0ADC9F7D-20C1-240F-01E2-43466EBA893A}
AV: Pack Sécurité 9.12 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: Pack Sécurité 9.12 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: Emsisoft Anti-Malware *Enabled/Updated* {B1BD7E99-06FB-2B81-3B52-7834153DC387}
SP: Pack Sécurité 9.12 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\CleanUp
c:\program files\CleanUp\Cleanup.cnt
c:\program files\CleanUp\Cleanup.exe
c:\program files\CleanUp\Cleanup.hlp
c:\program files\CleanUp\License.txt
c:\program files\CleanUp\Readme.txt
c:\program files\CleanUp\Uninst.isu
c:\program files\QUAD Utilities
c:\program files\QUAD Utilities\QUAD RegistryCleaner\program.log
c:\program files\QUAD Utilities\QUAD RegistryCleaner\QUAD Registry Cleaner.exe
c:\program files\QUAD Utilities\QUAD RegistryCleaner\Styles\Vista.cjstyles
c:\programdata\Amazon.ico
c:\programdata\Microsoft\Windows\Start Menu\Programs\CleanUp
c:\programdata\Microsoft\Windows\Start Menu\Programs\CleanUp\CleanUp.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\CleanUp\FullDisk Help.lnk
c:\users\Marie Claude\AppData\Local\XPIARKDU.0XE
c:\users\Marie Claude\AppData\Roaming\OfferBox
c:\users\Marie Claude\AppData\Roaming\OfferBox\config.xml
c:\users\Marie Claude\GoToAssistDownloadHelper.exe
c:\windows\$NtUninstallKB42738$
c:\windows\$NtUninstallKB42738$\1925387898
c:\windows\$NtUninstallKB42738$\480462254\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}
c:\windows\$NtUninstallKB42738$\480462254\click.tlb
c:\windows\$NtUninstallKB42738$\480462254\L\qnbwvoto
c:\windows\$NtUninstallKB42738$\480462254\loader.tlb
c:\windows\$NtUninstallKB42738$\480462254\U\@00000001
c:\windows\$NtUninstallKB42738$\480462254\U\@000000c0
c:\windows\$NtUninstallKB42738$\480462254\U\@000000cb
c:\windows\$NtUninstallKB42738$\480462254\U\@000000cf
c:\windows\$NtUninstallKB42738$\480462254\U\@80000000
c:\windows\$NtUninstallKB42738$\480462254\U\@800000c0
c:\windows\$NtUninstallKB42738$\480462254\U\@800000cb
c:\windows\$NtUninstallKB42738$\480462254\U\@800000cf
c:\windows\system32\c_84610.nls
c:\windows\system32\drivers\1197101954.sys
c:\windows\system32\Ijl11.dll
c:\windows\system32\jusched.exe
.
Une copie infectée de c:\windows\system32\drivers\cdrom.sys a été trouvée et désinfectée
Copie restaurée à partir de - The cat found it :)
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_1197101954
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-06-23 au 2011-07-23 ))))))))))))))))))))))))))))))))))))
.
.
2011-07-23 16:07 . 2011-07-23 16:10 -------- d-----w- c:\users\Marie Claude\AppData\Local\temp
2011-07-23 13:23 . 2011-07-23 13:32 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-07-23 13:23 . 2011-07-23 13:32 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-07-23 12:01 . 2011-07-23 12:01 -------- d-----w- c:\program files\CleanUp!
2011-07-23 11:57 . 1997-12-17 16:33 304128 ----a-w- c:\windows\IsUninst.exe
2011-07-16 13:21 . 2011-07-16 13:21 -------- d-----w- c:\programdata\ALM
2011-07-16 13:06 . 2008-04-07 03:38 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-07-16 12:59 . 2011-07-16 12:59 -------- d-----w- c:\program files\Adobe Media Player
2011-07-14 17:20 . 2011-07-14 17:20 -------- d-----w- c:\program files\EXPRESS_Player Now Radio
2011-07-14 14:17 . 2011-07-14 17:20 -------- d-----w- c:\users\Marie Claude\AppData\Local\WDSetup
2011-07-13 05:24 . 2011-06-02 12:59 2042368 ----a-w- c:\windows\system32\win32k.sys
2011-07-13 05:24 . 2011-04-20 14:47 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-07-13 05:24 . 2011-04-20 14:44 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-07-11 12:39 . 2011-07-11 12:39 -------- d-----w- c:\program files\uTorrent
2011-07-11 12:38 . 2011-07-17 17:10 -------- d-----w- c:\users\Marie Claude\AppData\Roaming\uTorrent
2011-07-11 12:38 . 2011-07-11 12:38 -------- d-----w- c:\users\Marie Claude\AppData\Local\uTorrent
2011-06-29 04:57 . 2011-04-29 14:54 276992 ----a-w- c:\windows\system32\schannel.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-13 03:39 . 2011-07-22 05:50 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2664F2EC-3B78-4500-B6D3-69A0C2375AC2}\mpengine.dll
2011-06-03 19:55 . 2007-12-08 00:08 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-05-28 06:08 . 2011-06-15 06:06 916480 ----a-w- c:\windows\system32\wininet.dll
2011-05-28 06:04 . 2011-06-15 06:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-28 06:04 . 2011-06-15 06:06 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-28 06:04 . 2011-06-15 06:06 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-05-28 06:04 . 2011-06-15 06:06 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-28 05:10 . 2011-06-15 06:06 385024 ----a-w- c:\windows\system32\html.iec
2011-05-28 04:33 . 2011-06-15 06:06 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-28 04:31 . 2011-06-15 06:06 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-24 17:14 . 2009-10-03 16:59 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-02 15:58 . 2011-06-15 06:06 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 12:49 . 2011-06-15 06:07 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 12:49 . 2011-06-15 06:07 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-29 12:49 . 2011-06-15 06:06 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-29 12:49 . 2011-06-15 06:06 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-29 12:49 . 2011-06-15 06:06 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2011-07-08 07:37 . 2011-07-21 16:39 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\SideBar.exe" [2008-01-19 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2008-01-10 92704]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-01-10 8530464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-01-10 88608]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-01-22 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"F-Secure Manager"="c:\program files\DartyBox Securite\Common\FSM32.EXE" [2009-11-18 201128]
"F-Secure TNB"="c:\program files\DartyBox Securite\FSGUI\TNBUtil.exe" [2009-11-18 1655208]
"TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2011-06-03 273544]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^Users^Marie Claude^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Notification de cadeaux MSN.lnk]
path=c:\users\Marie Claude\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk
backup=c:\windows\pss\Notification de cadeaux MSN.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-22 05:05 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-18 20:16 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-01-15 09:26 4874240 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shockwave Updater]
2009-06-05 11:38 468408 ----a-w- c:\windows\System32\Adobe\Shockwave 11\SwHelper_1150600.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-01-19 07:33 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
R2 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1ca5b98b6d6fc05;Service Google Update (gupdate1ca5b98b6d6fc05);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-02 133104]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-02 133104]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files\DartyBox Securite\Anti-Virus\Win2K\FSfilter.sys [2009-11-18 41640]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\DartyBox Securite\Anti-Virus\Win2K\FSrec.sys [2009-11-18 27048]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2011-01-07 42664]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-11 691696]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\DartyBox Securite\HIPS\drivers\fshs.sys [2009-11-18 69928]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-11-18 37544]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-11-18 72904]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\DartyBox Securite\Anti-Virus\minifilter\fsvista.sys [2009-11-18 14248]
S2 MSSQL$RADIONOMY536765;SQL Server (RADIONOMY536765);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\DartyBox Securite\Anti-Virus\minifilter\fsgk.sys [2011-06-10 148648]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files\DartyBox Securite\ORSP Client\fsorsp.exe [2011-05-23 61088]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
.
.
Contenu du dossier 'Tâches planifiées'
.
2011-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-02 08:44]
.
2011-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-02 08:44]
.
2011-07-22 c:\windows\Tasks\User_Feed_Synchronization-{7A5A493B-2EEE-45F0-9B29-91757BDC4A7F}.job
- c:\windows\system32\msfeedssync.exe [2011-06-15 04:32]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Ajouter la cible du lien à un fichier PDF existant - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Ajouter à un fichier PDF existant - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convertir au format Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Convertir la cible du lien au format Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
LSP: c:\program files\DartyBox Securite\FSPS\program\FSLSP.DLL
TCP: DhcpNameServer = 192.168.1.254 0.0.0.0
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\users\Marie Claude\AppData\Roaming\Mozilla\Firefox\Profiles\tee6hl3j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://google.fr/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?mkt=fr-FR&form=MIAWB1&q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Notify-GoToAssist - c:\program files\Citrix\GoToAssist\516\G2AWinLogon.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-23 18:12
Windows 6.0.6001 Service Pack 1 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\DartyBox Securite\Common\FSMA32.EXE
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\DartyBox Securite\Common\FSHDLL32.EXE
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
.
**************************************************************************
.
Heure de fin: 2011-07-23 18:16:50 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-07-23 16:16
.
Avant-CF: 231 932 870 656 octets libres
Après-CF: 231 673 413 632 octets libres
.
- - End Of File - - A92BE3BDDA836E155C7EFE6A4F47333B
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
23 juil. 2011 à 18:34
23 juil. 2011 à 18:34
c:\windows\system32\c_84610.nls
c:\windows\system32\drivers\1197101954.sys
c:\windows\system32\Ijl11.dll
c:\windows\system32\jusched.exe
.
Une copie infectée de c:\windows\system32\drivers\cdrom.sys a été trouvée et désinfectée
Copie restaurée à partir de - The cat found it :)
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_1197101954
.
Fait moi TDSS Killer, car ComboFix a trouvé une belle m****
c:\windows\system32\drivers\1197101954.sys
c:\windows\system32\Ijl11.dll
c:\windows\system32\jusched.exe
.
Une copie infectée de c:\windows\system32\drivers\cdrom.sys a été trouvée et désinfectée
Copie restaurée à partir de - The cat found it :)
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_1197101954
.
Fait moi TDSS Killer, car ComboFix a trouvé une belle m****
J'ai fais TDSS Killer :
Je suis tombé sur un Suspicious Object, j'ai fait Skip et Continue et une fenêtre s'affiche : http://image-heberg.fr/files/1311441700315360.jpg
J'ai fait close mais...il n'y a pas reboot now
Par ailleurs : lors du scan, j'ai laissé ouvert mozilla Ffx
Le rapport :
2011/07/23 19:10:09.0513 5188 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/23 19:10:09.0954 5188 ================================================================================
2011/07/23 19:10:09.0954 5188 SystemInfo:
2011/07/23 19:10:09.0954 5188
2011/07/23 19:10:09.0954 5188 OS Version: 6.0.6001 ServicePack: 1.0
2011/07/23 19:10:09.0954 5188 Product type: Workstation
2011/07/23 19:10:09.0954 5188 ComputerName: PC-DE-MARIECLAU
2011/07/23 19:10:09.0954 5188 UserName: Marie Claude
2011/07/23 19:10:09.0954 5188 Windows directory: C:\Windows
2011/07/23 19:10:09.0954 5188 System windows directory: C:\Windows
2011/07/23 19:10:09.0954 5188 Processor architecture: Intel x86
2011/07/23 19:10:09.0954 5188 Number of processors: 4
2011/07/23 19:10:09.0954 5188 Page size: 0x1000
2011/07/23 19:10:09.0954 5188 Boot type: Normal boot
2011/07/23 19:10:09.0954 5188 ================================================================================
2011/07/23 19:10:10.0344 5188 Initialize success
2011/07/23 19:10:17.0226 3716 ================================================================================
2011/07/23 19:10:17.0226 3716 Scan started
2011/07/23 19:10:17.0226 3716 Mode: Manual;
2011/07/23 19:10:17.0226 3716 ================================================================================
2011/07/23 19:10:19.0725 3716 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
2011/07/23 19:10:19.0973 3716 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\Windows\system32\drivers\adfs.sys
2011/07/23 19:10:21.0611 3716 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/07/23 19:10:21.0902 3716 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/07/23 19:10:23.0592 3716 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/07/23 19:10:28.0804 3716 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/07/23 19:10:33.0720 3716 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
2011/07/23 19:10:34.0061 3716 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/07/23 19:10:34.0281 3716 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/07/23 19:10:34.0663 3716 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/07/23 19:10:34.0781 3716 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/07/23 19:10:34.0856 3716 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/07/23 19:10:34.0955 3716 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/07/23 19:10:35.0021 3716 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/07/23 19:10:35.0070 3716 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/07/23 19:10:35.0170 3716 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/07/23 19:10:38.0121 3716 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/23 19:10:38.0341 3716 atapi (4f4fcb8b6ea06784fb6d475b7ec7300f) C:\Windows\system32\drivers\atapi.sys
2011/07/23 19:10:38.0648 3716 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/07/23 19:10:42.0524 3716 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/23 19:10:46.0020 3716 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/07/23 19:10:48.0951 3716 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/07/23 19:10:50.0553 3716 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/07/23 19:10:52.0394 3716 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/07/23 19:10:52.0644 3716 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/07/23 19:10:53.0656 3716 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/07/23 19:10:53.0894 3716 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/07/23 19:10:55.0528 3716 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/23 19:10:55.0856 3716 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
2011/07/23 19:10:59.0249 3716 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/07/23 19:11:00.0356 3716 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
2011/07/23 19:11:03.0816 3716 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/07/23 19:11:05.0572 3716 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/07/23 19:11:05.0828 3716 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/07/23 19:11:08.0559 3716 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/07/23 19:11:08.0857 3716 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
2011/07/23 19:11:11.0648 3716 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
2011/07/23 19:11:11.0954 3716 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/07/23 19:11:13.0781 3716 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/23 19:11:14.0169 3716 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/07/23 19:11:14.0387 3716 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
2011/07/23 19:11:18.0643 3716 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/07/23 19:11:22.0374 3716 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
2011/07/23 19:11:22.0561 3716 F-Secure Filter (c42b0105e09b1ece2dd75141cf64afd6) C:\Program Files\DartyBox Securite\Anti-Virus\Win2K\FSfilter.sys
2011/07/23 19:11:22.0732 3716 F-Secure Gatekeeper (b944feed1e1720da72f82695b0afb078) C:\Program Files\DartyBox Securite\Anti-Virus\minifilter\fsgk.sys
2011/07/23 19:11:23.0519 3716 F-Secure HIPS (dc0720248dc4d1f303df94ccc3adff96) C:\Program Files\DartyBox Securite\HIPS\drivers\fshs.sys
2011/07/23 19:11:23.0696 3716 F-Secure Recognizer (17b22d1bb6770d8a86573387345c1738) C:\Program Files\DartyBox Securite\Anti-Virus\Win2K\FSrec.sys
2011/07/23 19:11:23.0921 3716 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
2011/07/23 19:11:27.0768 3716 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/23 19:11:28.0082 3716 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/07/23 19:11:28.0700 3716 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/07/23 19:11:34.0219 3716 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/23 19:11:36.0551 3716 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
2011/07/23 19:11:41.0892 3716 fsbts (0e3e5d0486c4e2128b9f0e1c2fd410c4) C:\Windows\system32\Drivers\fsbts.sys
2011/07/23 19:11:46.0300 3716 FSES (5817ba84856b720702b17ba0841ac266) C:\Windows\system32\drivers\fses.sys
2011/07/23 19:11:48.0855 3716 FSFW (4873e90a180e1585f9b6c6d52aebf52c) C:\Windows\system32\drivers\fsdfw.sys
2011/07/23 19:11:48.0984 3716 fsvista (d8b300c1c744460dae837db72bc2ccbd) C:\Program Files\DartyBox Securite\Anti-Virus\minifilter\fsvista.sys
2011/07/23 19:11:49.0174 3716 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/23 19:11:50.0154 3716 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/07/23 19:11:51.0228 3716 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/07/23 19:11:55.0280 3716 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/07/23 19:11:58.0318 3716 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/07/23 19:11:59.0257 3716 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/07/23 19:11:59.0450 3716 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
2011/07/23 19:12:00.0535 3716 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/07/23 19:12:03.0239 3716 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
2011/07/23 19:12:07.0420 3716 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/07/23 19:12:07.0823 3716 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/07/23 19:12:08.0870 3716 iaStor (25c3d5f66a74a7bddeca56085f040d2e) C:\Windows\system32\drivers\iastor.sys
2011/07/23 19:12:10.0904 3716 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/07/23 19:12:14.0303 3716 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/07/23 19:12:19.0828 3716 IntcAzAudAddService (edc37b918e583a5a813c53d4f5588255) C:\Windows\system32\drivers\RTKVHDA.sys
2011/07/23 19:12:22.0502 3716 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/07/23 19:12:25.0529 3716 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/23 19:12:28.0252 3716 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/23 19:12:31.0337 3716 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/07/23 19:12:33.0088 3716 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/07/23 19:12:33.0942 3716 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/07/23 19:12:36.0454 3716 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/07/23 19:12:37.0989 3716 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/07/23 19:12:38.0182 3716 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/07/23 19:12:39.0117 3716 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/07/23 19:12:41.0664 3716 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/07/23 19:12:41.0816 3716 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
2011/07/23 19:12:45.0878 3716 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/23 19:12:48.0553 3716 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/23 19:12:48.0750 3716 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/07/23 19:12:51.0460 3716 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/07/23 19:12:51.0790 3716 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/07/23 19:12:51.0969 3716 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/07/23 19:12:54.0803 3716 LVcKap (fb548ff809634bfa866312b37d8a18ae) C:\Windows\system32\DRIVERS\LVcKap.sys
2011/07/23 19:12:55.0288 3716 LVMVDrv (fe3fb994f8702d9e37648927819b74b8) C:\Windows\system32\DRIVERS\LVMVDrv.sys
2011/07/23 19:12:55.0486 3716 LVPr2Mon (c7ea51f1ab10b0b2b443f4d5589fc1a5) C:\Windows\system32\DRIVERS\LVPr2Mon.sys
2011/07/23 19:12:58.0556 3716 LVUSBSta (caef4c05ba2c1acad4ebcaa4261cd55d) C:\Windows\system32\drivers\LVUSBSta.sys
2011/07/23 19:13:01.0684 3716 ManyCam (c6d085c7045200143528136a43a65fde) C:\Windows\system32\DRIVERS\ManyCam.sys
2011/07/23 19:13:02.0808 3716 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/07/23 19:13:03.0898 3716 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/07/23 19:13:04.0133 3716 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/23 19:13:05.0689 3716 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/07/23 19:13:08.0142 3716 mouhid (a3a6dff7e9e757db3df51a833bc28885) C:\Windows\system32\drivers\mouhid.sys
2011/07/23 19:13:08.0337 3716 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/07/23 19:13:08.0570 3716 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/07/23 19:13:13.0104 3716 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/23 19:13:14.0226 3716 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/07/23 19:13:15.0889 3716 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
2011/07/23 19:13:16.0721 3716 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/23 19:13:20.0392 3716 mrxsmb10 (cf6e972f8e0d0f2970360a17572b366b) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/23 19:13:21.0212 3716 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/23 19:13:23.0661 3716 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/07/23 19:13:27.0031 3716 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/07/23 19:13:27.0166 3716 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/07/23 19:13:27.0315 3716 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/07/23 19:13:28.0966 3716 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/23 19:13:31.0485 3716 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/23 19:13:32.0323 3716 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/07/23 19:13:34.0311 3716 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
2011/07/23 19:13:35.0177 3716 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/07/23 19:13:35.0336 3716 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/07/23 19:13:36.0203 3716 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
2011/07/23 19:13:36.0387 3716 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/23 19:13:36.0558 3716 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
2011/07/23 19:13:38.0237 3716 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/23 19:13:39.0809 3716 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/23 19:13:43.0553 3716 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/23 19:13:46.0048 3716 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/07/23 19:13:46.0213 3716 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/23 19:13:47.0047 3716 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/23 19:13:47.0223 3716 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/07/23 19:13:47.0401 3716 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
2011/07/23 19:13:47.0546 3716 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/23 19:13:48.0156 3716 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2011/07/23 19:13:48.0371 3716 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/07/23 19:13:49.0976 3716 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/07/23 19:13:50.0362 3716 nvlddmkm (351265910a8ef5fc6cc4535a00054049) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/07/23 19:13:52.0962 3716 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/07/23 19:13:53.0201 3716 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/07/23 19:13:56.0294 3716 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/07/23 19:14:04.0257 3716 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/07/23 19:14:04.0544 3716 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/07/23 19:14:06.0299 3716 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2011/07/23 19:14:06.0535 3716 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/07/23 19:14:06.0639 3716 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2011/07/23 19:14:06.0739 3716 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
2011/07/23 19:14:08.0798 3716 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/07/23 19:14:09.0294 3716 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/07/23 19:14:11.0719 3716 pepifilter (c5d5ea6a29523e0f6016741e9851c6db) C:\Windows\system32\DRIVERS\lv302af.sys
2011/07/23 19:14:14.0185 3716 PID_PEPI (3f96dcd4ac98c8e0d3c03c24fd49a2fe) C:\Windows\system32\DRIVERS\LV302V32.SYS
2011/07/23 19:14:18.0002 3716 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/23 19:14:18.0148 3716 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/07/23 19:14:22.0658 3716 Ps2 (390c204ced3785609ab24e9c52054a84) C:\Windows\system32\DRIVERS\PS2.sys
2011/07/23 19:14:24.0410 3716 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/23 19:14:26.0923 3716 PxHelp20 (d970470f8f39470bdae94d313a1ccdce) C:\Windows\system32\Drivers\PxHelp20.sys
2011/07/23 19:14:27.0258 3716 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/07/23 19:14:29.0900 3716 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/07/23 19:14:30.0885 3716 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/23 19:14:31.0040 3716 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/23 19:14:33.0763 3716 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/23 19:14:36.0266 3716 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/23 19:14:37.0931 3716 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/23 19:14:38.0184 3716 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/23 19:14:39.0983 3716 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/23 19:14:42.0392 3716 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/07/23 19:14:43.0270 3716 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/23 19:14:43.0670 3716 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2011/07/23 19:14:45.0254 3716 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/23 19:14:47.0867 3716 RTL8169 (3d2b6520699d1dcd5a13f9e7cad62199) C:\Windows\system32\DRIVERS\Rtlh86.sys
2011/07/23 19:14:51.0939 3716 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/07/23 19:14:55.0854 3716 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/07/23 19:14:56.0748 3716 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/07/23 19:14:57.0201 3716 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/07/23 19:14:57.0475 3716 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/07/23 19:15:00.0191 3716 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
2011/07/23 19:15:03.0684 3716 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
2011/07/23 19:15:03.0909 3716 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
2011/07/23 19:15:04.0851 3716 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/07/23 19:15:07.0319 3716 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/07/23 19:15:08.0353 3716 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/07/23 19:15:10.0300 3716 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/07/23 19:15:10.0652 3716 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
2011/07/23 19:15:11.0059 3716 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/07/23 19:15:15.0349 3716 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/07/23 19:15:15.0350 3716 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/07/23 19:15:15.0356 3716 sptd - detected LockedFile.Multi.Generic (1)
2011/07/23 19:15:17.0158 3716 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
2011/07/23 19:15:17.0430 3716 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/23 19:15:19.0797 3716 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/23 19:15:20.0158 3716 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
2011/07/23 19:15:20.0338 3716 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/07/23 19:15:22.0369 3716 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/07/23 19:15:26.0392 3716 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/07/23 19:15:28.0830 3716 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/07/23 19:15:32.0787 3716 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
2011/07/23 19:15:34.0936 3716 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/23 19:15:39.0624 3716 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/23 19:15:40.0684 3716 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/07/23 19:15:41.0837 3716 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/07/23 19:15:45.0391 3716 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/23 19:15:48.0786 3716 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2011/07/23 19:15:49.0132 3716 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/23 19:15:52.0553 3716 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/07/23 19:15:53.0483 3716 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/23 19:15:58.0294 3716 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/07/23 19:16:04.0038 3716 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/23 19:16:05.0984 3716 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/07/23 19:16:06.0386 3716 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/07/23 19:16:09.0889 3716 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/07/23 19:16:13.0805 3716 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/07/23 19:16:16.0105 3716 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/07/23 19:16:19.0442 3716 usbaudio (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
2011/07/23 19:16:22.0549 3716 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/07/23 19:16:22.0854 3716 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/07/23 19:16:25.0298 3716 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2011/07/23 19:16:25.0524 3716 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2011/07/23 19:16:27.0930 3716 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/07/23 19:16:28.0092 3716 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/23 19:16:29.0718 3716 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/07/23 19:16:32.0066 3716 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/07/23 19:16:34.0533 3716 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/07/23 19:16:38.0262 3716 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/23 19:16:41.0567 3716 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/07/23 19:16:41.0802 3716 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/07/23 19:16:45.0539 3716 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/07/23 19:16:48.0747 3716 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/07/23 19:16:49.0007 3716 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/07/23 19:16:50.0705 3716 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2011/07/23 19:16:54.0593 3716 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2011/07/23 19:16:56.0237 3716 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/07/23 19:16:56.0414 3716 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/07/23 19:17:00.0522 3716 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/23 19:17:00.0704 3716 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/23 19:17:01.0131 3716 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/07/23 19:17:04.0757 3716 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/23 19:17:05.0610 3716 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/07/23 19:17:06.0987 3716 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/23 19:17:07.0363 3716 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/23 19:17:07.0529 3716 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0
2011/07/23 19:17:08.0027 3716 Boot (0x1200) (f179ffcd81e3057923057e99baef2477) \Device\Harddisk0\DR0\Partition0
2011/07/23 19:17:08.0094 3716 Boot (0x1200) (ec2a68e73bbc2176ee832d0c626d15fb) \Device\Harddisk0\DR0\Partition1
2011/07/23 19:17:08.0099 3716 ================================================================================
2011/07/23 19:17:08.0099 3716 Scan finished
2011/07/23 19:17:08.0099 3716 ================================================================================
2011/07/23 19:17:08.0111 2692 Detected object count: 1
2011/07/23 19:17:08.0111 2692 Actual detected object count: 1
2011/07/23 19:18:28.0507 2692 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/07/23 19:18:47.0989 5660 ================================================================================
2011/07/23 19:18:47.0989 5660 Scan started
2011/07/23 19:18:47.0989 5660 Mode: Manual;
2011/07/23 19:18:47.0989 5660 ================================================================================
2011/07/23 19:18:48.0326 5660 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
2011/07/23 19:18:48.0517 5660 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\Windows\system32\drivers\adfs.sys
2011/07/23 19:18:48.0619 5660 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/07/23 19:18:48.0686 5660 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/07/23 19:18:48.0783 5660 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/07/23 19:18:48.0842 5660 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/07/23 19:18:48.0904 5660 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
2011/07/23 19:18:49.0055 5660 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/07/23 19:18:49.0125 5660 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/07/23 19:18:49.0183 5660 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/07/23 19:18:49.0243 5660 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/07/23 19:18:49.0285 5660 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/07/23 19:18:49.0375 5660 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/07/23 19:18:49.0442 5660 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/07/23 19:18:49.0483 5660 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/07/23 19:18:49.0541 5660 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/07/23 19:18:49.0604 5660 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/23 19:18:49.0658 5660 atapi (4f4fcb8b6ea06784fb6d475b7ec7300f) C:\Windows\system32\drivers\atapi.sys
2011/07/23 19:18:49.0716 5660 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/07/23 19:18:49.0817 5660 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/23 19:18:49.0844 5660 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/07/23 19:18:49.0871 5660 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/07/23 19:18:49.0922 5660 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/07/23 19:18:49.0970 5660 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/07/23 19:18:49.0996 5660 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/07/23 19:18:50.0096 5660 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/07/23 19:18:50.0150 5660 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/07/23 19:18:50.0623 5660 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/23 19:18:50.0760 5660 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
2011/07/23 19:18:50.0859 5660 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/07/23 19:18:50.0987 5660 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
2011/07/23 19:18:51.0111 5660 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/07/23 19:18:51.0149 5660 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/07/23 19:18:51.0206 5660 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/07/23 19:18:51.0274 5660 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/07/23 19:18:51.0355 5660 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
2011/07/23 19:18:51.0433 5660 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
2011/07/23 19:18:51.0524 5660 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/07/23 19:18:51.0575 5660 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/23 19:18:51.0606 5660 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/07/23 19:18:51.0650 5660 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
2011/07/23 19:18:51.0815 5660 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/07/23 19:18:51.0903 5660 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
2011/07/23 19:18:52.0098 5660 F-Secure Filter (c42b0105e09b1ece2dd75141cf64afd6) C:\Program Files\DartyBox Securite\Anti-Virus\Win2K\FSfilter.sys
2011/07/23 19:18:52.0311 5660 F-Secure Gatekeeper (b944feed1e1720da72f82695b0afb078) C:\Program Files\DartyBox Securite\Anti-Virus\minifilter\fsgk.sys
2011/07/23 19:18:52.0484 5660 F-Secure HIPS (dc0720248dc4d1f303df94ccc3adff96) C:\Program Files\DartyBox Securite\HIPS\drivers\fshs.sys
2011/07/23 19:18:52.0544 5660 F-Secure Recognizer (17b22d1bb6770d8a86573387345c1738) C:\Program Files\DartyBox Securite\Anti-Virus\Win2K\FSrec.sys
2011/07/23 19:18:52.0613 5660 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
2011/07/23 19:18:52.0799 5660 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/23 19:18:52.0873 5660 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/07/23 19:18:52.0994 5660 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/07/23 19:18:53.0077 5660 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/23 19:18:53.0418 5660 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
2011/07/23 19:18:53.0524 5660 fsbts (0e3e5d0486c4e2128b9f0e1c2fd410c4) C:\Windows\system32\Drivers\fsbts.sys
2011/07/23 19:18:54.0479 5660 FSES (5817ba84856b720702b17ba0841ac266) C:\Windows\system32\drivers\fses.sys
2011/07/23 19:18:54.0511 5660 FSFW (4873e90a180e1585f9b6c6d52aebf52c) C:\Windows\system32\drivers\fsdfw.sys
2011/07/23 19:18:54.0856 5660 fsvista (d8b300c1c744460dae837db72bc2ccbd) C:\Program Files\DartyBox Securite\Anti-Virus\minifilter\fsvista.sys
2011/07/23 19:18:54.0870 5660 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/23 19:18:54.0914 5660 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/07/23 19:18:55.0076 5660 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/07/23 19:18:55.0145 5660 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/07/23 19:18:55.0352 5660 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/07/23 19:18:55.0395 5660 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/07/23 19:18:55.0472 5660 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
2011/07/23 19:18:55.0545 5660 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/07/23 19:18:55.0618 5660 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
2011/07/23 19:18:55.0709 5660 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/07/23 19:18:55.0746 5660 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/07/23 19:18:55.0897 5660 iaStor (25c3d5f66a74a7bddeca56085f040d2e) C:\Windows\system32\drivers\iastor.sys
2011/07/23 19:18:55.0957 5660 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/07/23 19:18:56.0061 5660 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/07/23 19:18:56.0176 5660 IntcAzAudAddService (edc37b918e583a5a813c53d4f5588255) C:\Windows\system32\drivers\RTKVHDA.sys
2011/07/23 19:18:56.0278 5660 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/07/23 19:18:56.0326 5660 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/23 19:18:56.0459 5660 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/23 19:18:56.0558 5660 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/07/23 19:18:56.0807 5660 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/07/23 19:18:56.0988 5660 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/07/23 19:18:57.0061 5660 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/07/23 19:18:57.0136 5660 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/07/23 19:18:57.0179 5660 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/07/23 19:18:57.0326 5660 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/07/23 19:18:57.0409 5660 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/07/23 19:18:57.0543 5660 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
2011/07/23 19:18:57.0750 5660 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/23 19:18:57.0858 5660 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/23 19:18:57.0930 5660 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/07/23 19:18:58.0002 5660 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/07/23 19:18:58.0041 5660 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/07/23 19:18:58.0096 5660 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/07/23 19:18:58.0241 5660 LVcKap (fb548ff809634bfa866312b37d8a18ae) C:\Windows\system32\DRIVERS\LVcKap.sys
2011/07/23 19:18:58.0470 5660 LVMVDrv (fe3fb994f8702d9e37648927819b74b8) C:\Windows\system32\DRIVERS\LVMVDrv.sys
2011/07/23 19:18:58.0518 5660 LVPr2Mon (c7ea51f1ab10b0b2b443f4d5589fc1a5) C:\Windows\system32\DRIVERS\LVPr2Mon.sys
2011/07/23 19:18:58.0626 5660 LVUSBSta (caef4c05ba2c1acad4ebcaa4261cd55d) C:\Windows\system32\drivers\LVUSBSta.sys
2011/07/23 19:18:58.0717 5660 ManyCam (c6d085c7045200143528136a43a65fde) C:\Windows\system32\DRIVERS\ManyCam.sys
2011/07/23 19:18:58.0804 5660 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/07/23 19:18:58.0864 5660 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/07/23 19:18:58.0942 5660 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/23 19:18:58.0980 5660 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/07/23 19:18:59.0043 5660 mouhid (a3a6dff7e9e757db3df51a833bc28885) C:\Windows\system32\drivers\mouhid.sys
2011/07/23 19:18:59.0320 5660 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/07/23 19:18:59.0396 5660 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/07/23 19:18:59.0474 5660 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/23 19:18:59.0584 5660 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/07/23 19:18:59.0761 5660 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
2011/07/23 19:18:59.0814 5660 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/23 19:19:00.0206 5660 mrxsmb10 (cf6e972f8e0d0f2970360a17572b366b) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/23 19:19:00.0263 5660 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/23 19:19:00.0314 5660 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/07/23 19:19:00.0357 5660 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/07/23 19:19:00.0616 5660 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/07/23 19:19:00.0765 5660 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/07/23 19:19:00.0898 5660 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/23 19:19:00.0977 5660 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/23 19:19:01.0085 5660 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/07/23 19:19:01.0165 5660 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
2011/07/23 19:19:01.0242 5660 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/07/23 19:19:01.0318 5660 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/07/23 19:19:01.0380 5660 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
2011/07/23 19:19:01.0539 5660 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/23 19:19:01.0626 5660 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
2011/07/23 19:19:01.0697 5660 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/23 19:19:01.0825 5660 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/23 19:19:01.0984 5660 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/23 19:19:02.0048 5660 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/07/23 19:19:02.0138 5660 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/23 19:19:02.0259 5660 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/23 19:19:02.0402 5660 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/07/23 19:19:02.0455 5660 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
2011/07/23 19:19:02.0674 5660 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/23 19:19:02.0816 5660 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2011/07/23 19:19:02.0877 5660 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/07/23 19:19:02.0947 5660 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/07/23 19:19:03.0249 5660 nvlddmkm (351265910a8ef5fc6cc4535a00054049) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/07/23 19:19:03.0344 5660 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/07/23 19:19:03.0542 5660 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/07/23 19:19:03.0614 5660 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/07/23 19:19:03.0711 5660 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/07/23 19:19:03.0849 5660 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/07/23 19:19:03.0927 5660 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2011/07/23 19:19:03.0972 5660 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/07/23 19:19:04.0076 5660 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2011/07/23 19:19:04.0118 5660 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
2011/07/23 19:19:04.0177 5660 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/07/23 19:19:04.0234 5660 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/07/23 19:19:04.0319 5660 pepifilter (c5d5ea6a29523e0f6016741e9851c6db) C:\Windows\system32\DRIVERS\lv302af.sys
2011/07/23 19:19:04.0445 5660 PID_PEPI (3f96dcd4ac98c8e0d3c03c24fd49a2fe) C:\Windows\system32\DRIVERS\LV302V32.SYS
2011/07/23 19:19:04.0552 5660 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/23 19:19:04.0624 5660 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/07/23 19:19:04.0736 5660 Ps2 (390c204ced3785609ab24e9c52054a84) C:\Windows\system32\DRIVERS\PS2.sys
2011/07/23 19:19:04.0795 5660 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/23 19:19:04.0885 5660 PxHelp20 (d970470f8f39470bdae94d313a1ccdce) C:\Windows\system32\Drivers\PxHelp20.sys
2011/07/23 19:19:05.0038 5660 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/07/23 19:19:05.0108 5660 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/07/23 19:19:05.0163 5660 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/23 19:19:05.0219 5660 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/23 19:19:05.0327 5660 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/23 19:19:05.0347 5660 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/23 19:19:05.0430 5660 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/23 19:19:05.0500 5660 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/23 19:19:05.0598 5660 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/23 19:19:05.0659 5660 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/07/23 19:19:05.0676 5660 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/23 19:19:05.0800 5660 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2011/07/23 19:19:05.0866 5660 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/23 19:19:05.0972 5660 RTL8169 (3d2b6520699d1dcd5a13f9e7cad62199) C:\Windows\system32\DRIVERS\Rtlh86.sys
2011/07/23 19:19:06.0036 5660 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/07/23 19:19:06.0143 5660 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/07/23 19:19:06.0281 5660 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/07/23 19:19:06.0353 5660 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/07/23 19:19:06.0502 5660 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/07/23 19:19:06.0564 5660 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
2011/07/23 19:19:06.0605 5660 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
2011/07/23 19:19:06.0788 5660 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
2011/07/23 19:19:06.0925 5660 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/07/23 19:19:07.0004 5660 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/07/23 19:19:07.0066 5660 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/07/23 19:19:07.0121 5660 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/07/23 19:19:07.0183 5660 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
2011/07/23 19:19:07.0872 5660 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/07/23 19:19:07.0964 5660 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/07/23 19:19:07.0964 5660 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/07/23 19:19:07.0990 5660 sptd - detected LockedFile.Multi.Generic (1)
2011/07/23 19:19:08.0079 5660 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
2011/07/23 19:19:08.0119 5660 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/23 19:19:08.0138 5660 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/23 19:19:08.0234 5660 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
2011/07/23 19:19:08.0280 5660 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/07/23 19:19:08.0328 5660 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/07/23 19:19:08.0402 5660 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/07/23 19:19:08.0441 5660 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/07/23 19:19:09.0328 5660 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
2011/07/23 19:19:09.0393 5660 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/23 19:19:09.0427 5660 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/23 19:19:09.0467 5660 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/07/23 19:19:09.0483 5660 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/07/23 19:19:09.0527 5660 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/23 19:19:09.0553 5660 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2011/07/23 19:19:09.0617 5660 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/23 19:19:09.0652 5660 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/07/23 19:19:09.0669 5660 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/23 19:19:09.0701 5660 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/07/23 19:19:09.0745 5660 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/23 19:19:09.0790 5660 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/07/23 19:19:09.0836 5660 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/07/23 19:19:09.0878 5660 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/07/23 19:19:09.0920 5660 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/07/23 19:19:09.0953 5660 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/07/23 19:19:10.0030 5660 usbaudio (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
2011/07/23 19:19:10.0075 5660 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/07/23 19:19:10.0131 5660 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/07/23 19:19:10.0182 5660 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2011/07/23 19:19:10.0221 5660 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2011/07/23 19:19:10.0261 5660 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/07/23 19:19:10.0316 5660 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/23 19:19:10.0381 5660 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/07/23 19:19:10.0414 5660 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/07/23 19:19:10.0433 5660 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/07/23 19:19:10.0470 5660 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/23 19:19:10.0505 5660 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/07/23 19:19:10.0533 5660 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/07/23 19:19:10.0569 5660 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/07/23 19:19:10.0608 5660 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/07/23 19:19:10.0635 5660 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/07/23 19:19:10.0695 5660 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2011/07/23 19:19:10.0744 5660 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2011/07/23 19:19:10.0787 5660 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/07/23 19:19:10.0831 5660 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/07/23 19:19:10.0881 5660 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/23 19:19:10.0913 5660 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/23 19:19:10.0976 5660 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/07/23 19:19:11.0034 5660 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/23 19:19:11.0165 5660 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/07/23 19:19:11.0223 5660 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/23 19:19:11.0309 5660 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/23 19:19:11.0334 5660 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0
2011/07/23 19:19:11.0562 5660 Boot (0x1200) (f179ffcd81e3057923057e99baef2477) \Device\Harddisk0\DR0\Partition0
2011/07/23 19:19:11.0573 5660 Boot (0x1200) (ec2a68e73bbc2176ee832d0c626d15fb) \Device\Harddisk0\DR0\Partition1
2011/07/23 19:19:11.0579 5660 ================================================================================
2011/07/23 19:19:11.0579 5660 Scan finished
2011/07/23 19:19:11.0579 5660 ================================================================================
2011/07/23 19:19:11.0588 3592 Detected object count: 1
2011/07/23 19:19:11.0589 3592 Actual detected object count: 1
2011/07/23 19:20:20.0285 3592 LockedFile.Multi.Generic(sptd) - User select action: Skip
Je suis tombé sur un Suspicious Object, j'ai fait Skip et Continue et une fenêtre s'affiche : http://image-heberg.fr/files/1311441700315360.jpg
J'ai fait close mais...il n'y a pas reboot now
Par ailleurs : lors du scan, j'ai laissé ouvert mozilla Ffx
Le rapport :
2011/07/23 19:10:09.0513 5188 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/23 19:10:09.0954 5188 ================================================================================
2011/07/23 19:10:09.0954 5188 SystemInfo:
2011/07/23 19:10:09.0954 5188
2011/07/23 19:10:09.0954 5188 OS Version: 6.0.6001 ServicePack: 1.0
2011/07/23 19:10:09.0954 5188 Product type: Workstation
2011/07/23 19:10:09.0954 5188 ComputerName: PC-DE-MARIECLAU
2011/07/23 19:10:09.0954 5188 UserName: Marie Claude
2011/07/23 19:10:09.0954 5188 Windows directory: C:\Windows
2011/07/23 19:10:09.0954 5188 System windows directory: C:\Windows
2011/07/23 19:10:09.0954 5188 Processor architecture: Intel x86
2011/07/23 19:10:09.0954 5188 Number of processors: 4
2011/07/23 19:10:09.0954 5188 Page size: 0x1000
2011/07/23 19:10:09.0954 5188 Boot type: Normal boot
2011/07/23 19:10:09.0954 5188 ================================================================================
2011/07/23 19:10:10.0344 5188 Initialize success
2011/07/23 19:10:17.0226 3716 ================================================================================
2011/07/23 19:10:17.0226 3716 Scan started
2011/07/23 19:10:17.0226 3716 Mode: Manual;
2011/07/23 19:10:17.0226 3716 ================================================================================
2011/07/23 19:10:19.0725 3716 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
2011/07/23 19:10:19.0973 3716 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\Windows\system32\drivers\adfs.sys
2011/07/23 19:10:21.0611 3716 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/07/23 19:10:21.0902 3716 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/07/23 19:10:23.0592 3716 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/07/23 19:10:28.0804 3716 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/07/23 19:10:33.0720 3716 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
2011/07/23 19:10:34.0061 3716 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/07/23 19:10:34.0281 3716 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/07/23 19:10:34.0663 3716 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/07/23 19:10:34.0781 3716 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/07/23 19:10:34.0856 3716 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/07/23 19:10:34.0955 3716 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/07/23 19:10:35.0021 3716 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/07/23 19:10:35.0070 3716 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/07/23 19:10:35.0170 3716 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/07/23 19:10:38.0121 3716 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/23 19:10:38.0341 3716 atapi (4f4fcb8b6ea06784fb6d475b7ec7300f) C:\Windows\system32\drivers\atapi.sys
2011/07/23 19:10:38.0648 3716 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/07/23 19:10:42.0524 3716 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/23 19:10:46.0020 3716 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/07/23 19:10:48.0951 3716 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/07/23 19:10:50.0553 3716 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/07/23 19:10:52.0394 3716 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/07/23 19:10:52.0644 3716 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/07/23 19:10:53.0656 3716 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/07/23 19:10:53.0894 3716 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/07/23 19:10:55.0528 3716 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/23 19:10:55.0856 3716 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
2011/07/23 19:10:59.0249 3716 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/07/23 19:11:00.0356 3716 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
2011/07/23 19:11:03.0816 3716 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/07/23 19:11:05.0572 3716 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/07/23 19:11:05.0828 3716 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/07/23 19:11:08.0559 3716 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/07/23 19:11:08.0857 3716 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
2011/07/23 19:11:11.0648 3716 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
2011/07/23 19:11:11.0954 3716 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/07/23 19:11:13.0781 3716 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/23 19:11:14.0169 3716 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/07/23 19:11:14.0387 3716 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
2011/07/23 19:11:18.0643 3716 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/07/23 19:11:22.0374 3716 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
2011/07/23 19:11:22.0561 3716 F-Secure Filter (c42b0105e09b1ece2dd75141cf64afd6) C:\Program Files\DartyBox Securite\Anti-Virus\Win2K\FSfilter.sys
2011/07/23 19:11:22.0732 3716 F-Secure Gatekeeper (b944feed1e1720da72f82695b0afb078) C:\Program Files\DartyBox Securite\Anti-Virus\minifilter\fsgk.sys
2011/07/23 19:11:23.0519 3716 F-Secure HIPS (dc0720248dc4d1f303df94ccc3adff96) C:\Program Files\DartyBox Securite\HIPS\drivers\fshs.sys
2011/07/23 19:11:23.0696 3716 F-Secure Recognizer (17b22d1bb6770d8a86573387345c1738) C:\Program Files\DartyBox Securite\Anti-Virus\Win2K\FSrec.sys
2011/07/23 19:11:23.0921 3716 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
2011/07/23 19:11:27.0768 3716 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/23 19:11:28.0082 3716 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/07/23 19:11:28.0700 3716 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/07/23 19:11:34.0219 3716 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/23 19:11:36.0551 3716 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
2011/07/23 19:11:41.0892 3716 fsbts (0e3e5d0486c4e2128b9f0e1c2fd410c4) C:\Windows\system32\Drivers\fsbts.sys
2011/07/23 19:11:46.0300 3716 FSES (5817ba84856b720702b17ba0841ac266) C:\Windows\system32\drivers\fses.sys
2011/07/23 19:11:48.0855 3716 FSFW (4873e90a180e1585f9b6c6d52aebf52c) C:\Windows\system32\drivers\fsdfw.sys
2011/07/23 19:11:48.0984 3716 fsvista (d8b300c1c744460dae837db72bc2ccbd) C:\Program Files\DartyBox Securite\Anti-Virus\minifilter\fsvista.sys
2011/07/23 19:11:49.0174 3716 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/23 19:11:50.0154 3716 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/07/23 19:11:51.0228 3716 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/07/23 19:11:55.0280 3716 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/07/23 19:11:58.0318 3716 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/07/23 19:11:59.0257 3716 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/07/23 19:11:59.0450 3716 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
2011/07/23 19:12:00.0535 3716 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/07/23 19:12:03.0239 3716 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
2011/07/23 19:12:07.0420 3716 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/07/23 19:12:07.0823 3716 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/07/23 19:12:08.0870 3716 iaStor (25c3d5f66a74a7bddeca56085f040d2e) C:\Windows\system32\drivers\iastor.sys
2011/07/23 19:12:10.0904 3716 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/07/23 19:12:14.0303 3716 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/07/23 19:12:19.0828 3716 IntcAzAudAddService (edc37b918e583a5a813c53d4f5588255) C:\Windows\system32\drivers\RTKVHDA.sys
2011/07/23 19:12:22.0502 3716 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/07/23 19:12:25.0529 3716 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/23 19:12:28.0252 3716 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/23 19:12:31.0337 3716 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/07/23 19:12:33.0088 3716 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/07/23 19:12:33.0942 3716 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/07/23 19:12:36.0454 3716 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/07/23 19:12:37.0989 3716 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/07/23 19:12:38.0182 3716 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/07/23 19:12:39.0117 3716 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/07/23 19:12:41.0664 3716 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/07/23 19:12:41.0816 3716 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
2011/07/23 19:12:45.0878 3716 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/23 19:12:48.0553 3716 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/23 19:12:48.0750 3716 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/07/23 19:12:51.0460 3716 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/07/23 19:12:51.0790 3716 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/07/23 19:12:51.0969 3716 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/07/23 19:12:54.0803 3716 LVcKap (fb548ff809634bfa866312b37d8a18ae) C:\Windows\system32\DRIVERS\LVcKap.sys
2011/07/23 19:12:55.0288 3716 LVMVDrv (fe3fb994f8702d9e37648927819b74b8) C:\Windows\system32\DRIVERS\LVMVDrv.sys
2011/07/23 19:12:55.0486 3716 LVPr2Mon (c7ea51f1ab10b0b2b443f4d5589fc1a5) C:\Windows\system32\DRIVERS\LVPr2Mon.sys
2011/07/23 19:12:58.0556 3716 LVUSBSta (caef4c05ba2c1acad4ebcaa4261cd55d) C:\Windows\system32\drivers\LVUSBSta.sys
2011/07/23 19:13:01.0684 3716 ManyCam (c6d085c7045200143528136a43a65fde) C:\Windows\system32\DRIVERS\ManyCam.sys
2011/07/23 19:13:02.0808 3716 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/07/23 19:13:03.0898 3716 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/07/23 19:13:04.0133 3716 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/23 19:13:05.0689 3716 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/07/23 19:13:08.0142 3716 mouhid (a3a6dff7e9e757db3df51a833bc28885) C:\Windows\system32\drivers\mouhid.sys
2011/07/23 19:13:08.0337 3716 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/07/23 19:13:08.0570 3716 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/07/23 19:13:13.0104 3716 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/23 19:13:14.0226 3716 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/07/23 19:13:15.0889 3716 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
2011/07/23 19:13:16.0721 3716 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/23 19:13:20.0392 3716 mrxsmb10 (cf6e972f8e0d0f2970360a17572b366b) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/23 19:13:21.0212 3716 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/23 19:13:23.0661 3716 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/07/23 19:13:27.0031 3716 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/07/23 19:13:27.0166 3716 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/07/23 19:13:27.0315 3716 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/07/23 19:13:28.0966 3716 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/23 19:13:31.0485 3716 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/23 19:13:32.0323 3716 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/07/23 19:13:34.0311 3716 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
2011/07/23 19:13:35.0177 3716 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/07/23 19:13:35.0336 3716 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/07/23 19:13:36.0203 3716 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
2011/07/23 19:13:36.0387 3716 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/23 19:13:36.0558 3716 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
2011/07/23 19:13:38.0237 3716 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/23 19:13:39.0809 3716 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/23 19:13:43.0553 3716 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/23 19:13:46.0048 3716 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/07/23 19:13:46.0213 3716 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/23 19:13:47.0047 3716 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/23 19:13:47.0223 3716 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/07/23 19:13:47.0401 3716 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
2011/07/23 19:13:47.0546 3716 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/23 19:13:48.0156 3716 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2011/07/23 19:13:48.0371 3716 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/07/23 19:13:49.0976 3716 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/07/23 19:13:50.0362 3716 nvlddmkm (351265910a8ef5fc6cc4535a00054049) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/07/23 19:13:52.0962 3716 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/07/23 19:13:53.0201 3716 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/07/23 19:13:56.0294 3716 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/07/23 19:14:04.0257 3716 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/07/23 19:14:04.0544 3716 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/07/23 19:14:06.0299 3716 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2011/07/23 19:14:06.0535 3716 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/07/23 19:14:06.0639 3716 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2011/07/23 19:14:06.0739 3716 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
2011/07/23 19:14:08.0798 3716 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/07/23 19:14:09.0294 3716 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/07/23 19:14:11.0719 3716 pepifilter (c5d5ea6a29523e0f6016741e9851c6db) C:\Windows\system32\DRIVERS\lv302af.sys
2011/07/23 19:14:14.0185 3716 PID_PEPI (3f96dcd4ac98c8e0d3c03c24fd49a2fe) C:\Windows\system32\DRIVERS\LV302V32.SYS
2011/07/23 19:14:18.0002 3716 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/23 19:14:18.0148 3716 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/07/23 19:14:22.0658 3716 Ps2 (390c204ced3785609ab24e9c52054a84) C:\Windows\system32\DRIVERS\PS2.sys
2011/07/23 19:14:24.0410 3716 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/23 19:14:26.0923 3716 PxHelp20 (d970470f8f39470bdae94d313a1ccdce) C:\Windows\system32\Drivers\PxHelp20.sys
2011/07/23 19:14:27.0258 3716 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/07/23 19:14:29.0900 3716 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/07/23 19:14:30.0885 3716 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/23 19:14:31.0040 3716 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/23 19:14:33.0763 3716 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/23 19:14:36.0266 3716 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/23 19:14:37.0931 3716 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/23 19:14:38.0184 3716 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/23 19:14:39.0983 3716 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/23 19:14:42.0392 3716 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/07/23 19:14:43.0270 3716 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/23 19:14:43.0670 3716 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2011/07/23 19:14:45.0254 3716 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/23 19:14:47.0867 3716 RTL8169 (3d2b6520699d1dcd5a13f9e7cad62199) C:\Windows\system32\DRIVERS\Rtlh86.sys
2011/07/23 19:14:51.0939 3716 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/07/23 19:14:55.0854 3716 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/07/23 19:14:56.0748 3716 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/07/23 19:14:57.0201 3716 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/07/23 19:14:57.0475 3716 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/07/23 19:15:00.0191 3716 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
2011/07/23 19:15:03.0684 3716 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
2011/07/23 19:15:03.0909 3716 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
2011/07/23 19:15:04.0851 3716 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/07/23 19:15:07.0319 3716 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/07/23 19:15:08.0353 3716 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/07/23 19:15:10.0300 3716 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/07/23 19:15:10.0652 3716 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
2011/07/23 19:15:11.0059 3716 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/07/23 19:15:15.0349 3716 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/07/23 19:15:15.0350 3716 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/07/23 19:15:15.0356 3716 sptd - detected LockedFile.Multi.Generic (1)
2011/07/23 19:15:17.0158 3716 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
2011/07/23 19:15:17.0430 3716 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/23 19:15:19.0797 3716 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/23 19:15:20.0158 3716 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
2011/07/23 19:15:20.0338 3716 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/07/23 19:15:22.0369 3716 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/07/23 19:15:26.0392 3716 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/07/23 19:15:28.0830 3716 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/07/23 19:15:32.0787 3716 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
2011/07/23 19:15:34.0936 3716 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/23 19:15:39.0624 3716 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/23 19:15:40.0684 3716 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/07/23 19:15:41.0837 3716 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/07/23 19:15:45.0391 3716 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/23 19:15:48.0786 3716 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2011/07/23 19:15:49.0132 3716 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/23 19:15:52.0553 3716 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/07/23 19:15:53.0483 3716 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/23 19:15:58.0294 3716 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/07/23 19:16:04.0038 3716 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/23 19:16:05.0984 3716 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/07/23 19:16:06.0386 3716 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/07/23 19:16:09.0889 3716 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/07/23 19:16:13.0805 3716 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/07/23 19:16:16.0105 3716 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/07/23 19:16:19.0442 3716 usbaudio (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
2011/07/23 19:16:22.0549 3716 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/07/23 19:16:22.0854 3716 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/07/23 19:16:25.0298 3716 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2011/07/23 19:16:25.0524 3716 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2011/07/23 19:16:27.0930 3716 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/07/23 19:16:28.0092 3716 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/23 19:16:29.0718 3716 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/07/23 19:16:32.0066 3716 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/07/23 19:16:34.0533 3716 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/07/23 19:16:38.0262 3716 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/23 19:16:41.0567 3716 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/07/23 19:16:41.0802 3716 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/07/23 19:16:45.0539 3716 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/07/23 19:16:48.0747 3716 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/07/23 19:16:49.0007 3716 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/07/23 19:16:50.0705 3716 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2011/07/23 19:16:54.0593 3716 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2011/07/23 19:16:56.0237 3716 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/07/23 19:16:56.0414 3716 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/07/23 19:17:00.0522 3716 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/23 19:17:00.0704 3716 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/23 19:17:01.0131 3716 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/07/23 19:17:04.0757 3716 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/23 19:17:05.0610 3716 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/07/23 19:17:06.0987 3716 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/23 19:17:07.0363 3716 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/23 19:17:07.0529 3716 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0
2011/07/23 19:17:08.0027 3716 Boot (0x1200) (f179ffcd81e3057923057e99baef2477) \Device\Harddisk0\DR0\Partition0
2011/07/23 19:17:08.0094 3716 Boot (0x1200) (ec2a68e73bbc2176ee832d0c626d15fb) \Device\Harddisk0\DR0\Partition1
2011/07/23 19:17:08.0099 3716 ================================================================================
2011/07/23 19:17:08.0099 3716 Scan finished
2011/07/23 19:17:08.0099 3716 ================================================================================
2011/07/23 19:17:08.0111 2692 Detected object count: 1
2011/07/23 19:17:08.0111 2692 Actual detected object count: 1
2011/07/23 19:18:28.0507 2692 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/07/23 19:18:47.0989 5660 ================================================================================
2011/07/23 19:18:47.0989 5660 Scan started
2011/07/23 19:18:47.0989 5660 Mode: Manual;
2011/07/23 19:18:47.0989 5660 ================================================================================
2011/07/23 19:18:48.0326 5660 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
2011/07/23 19:18:48.0517 5660 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\Windows\system32\drivers\adfs.sys
2011/07/23 19:18:48.0619 5660 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/07/23 19:18:48.0686 5660 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/07/23 19:18:48.0783 5660 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/07/23 19:18:48.0842 5660 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/07/23 19:18:48.0904 5660 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
2011/07/23 19:18:49.0055 5660 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/07/23 19:18:49.0125 5660 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/07/23 19:18:49.0183 5660 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/07/23 19:18:49.0243 5660 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/07/23 19:18:49.0285 5660 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/07/23 19:18:49.0375 5660 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/07/23 19:18:49.0442 5660 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/07/23 19:18:49.0483 5660 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/07/23 19:18:49.0541 5660 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/07/23 19:18:49.0604 5660 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/23 19:18:49.0658 5660 atapi (4f4fcb8b6ea06784fb6d475b7ec7300f) C:\Windows\system32\drivers\atapi.sys
2011/07/23 19:18:49.0716 5660 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/07/23 19:18:49.0817 5660 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/23 19:18:49.0844 5660 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/07/23 19:18:49.0871 5660 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/07/23 19:18:49.0922 5660 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/07/23 19:18:49.0970 5660 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/07/23 19:18:49.0996 5660 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/07/23 19:18:50.0096 5660 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/07/23 19:18:50.0150 5660 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/07/23 19:18:50.0623 5660 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/23 19:18:50.0760 5660 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
2011/07/23 19:18:50.0859 5660 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/07/23 19:18:50.0987 5660 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
2011/07/23 19:18:51.0111 5660 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/07/23 19:18:51.0149 5660 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
2011/07/23 19:18:51.0206 5660 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/07/23 19:18:51.0274 5660 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/07/23 19:18:51.0355 5660 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
2011/07/23 19:18:51.0433 5660 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
2011/07/23 19:18:51.0524 5660 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/07/23 19:18:51.0575 5660 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/23 19:18:51.0606 5660 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/07/23 19:18:51.0650 5660 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
2011/07/23 19:18:51.0815 5660 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/07/23 19:18:51.0903 5660 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
2011/07/23 19:18:52.0098 5660 F-Secure Filter (c42b0105e09b1ece2dd75141cf64afd6) C:\Program Files\DartyBox Securite\Anti-Virus\Win2K\FSfilter.sys
2011/07/23 19:18:52.0311 5660 F-Secure Gatekeeper (b944feed1e1720da72f82695b0afb078) C:\Program Files\DartyBox Securite\Anti-Virus\minifilter\fsgk.sys
2011/07/23 19:18:52.0484 5660 F-Secure HIPS (dc0720248dc4d1f303df94ccc3adff96) C:\Program Files\DartyBox Securite\HIPS\drivers\fshs.sys
2011/07/23 19:18:52.0544 5660 F-Secure Recognizer (17b22d1bb6770d8a86573387345c1738) C:\Program Files\DartyBox Securite\Anti-Virus\Win2K\FSrec.sys
2011/07/23 19:18:52.0613 5660 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
2011/07/23 19:18:52.0799 5660 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/23 19:18:52.0873 5660 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/07/23 19:18:52.0994 5660 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/07/23 19:18:53.0077 5660 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/23 19:18:53.0418 5660 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
2011/07/23 19:18:53.0524 5660 fsbts (0e3e5d0486c4e2128b9f0e1c2fd410c4) C:\Windows\system32\Drivers\fsbts.sys
2011/07/23 19:18:54.0479 5660 FSES (5817ba84856b720702b17ba0841ac266) C:\Windows\system32\drivers\fses.sys
2011/07/23 19:18:54.0511 5660 FSFW (4873e90a180e1585f9b6c6d52aebf52c) C:\Windows\system32\drivers\fsdfw.sys
2011/07/23 19:18:54.0856 5660 fsvista (d8b300c1c744460dae837db72bc2ccbd) C:\Program Files\DartyBox Securite\Anti-Virus\minifilter\fsvista.sys
2011/07/23 19:18:54.0870 5660 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/23 19:18:54.0914 5660 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/07/23 19:18:55.0076 5660 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/07/23 19:18:55.0145 5660 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/07/23 19:18:55.0352 5660 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/07/23 19:18:55.0395 5660 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/07/23 19:18:55.0472 5660 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
2011/07/23 19:18:55.0545 5660 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/07/23 19:18:55.0618 5660 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
2011/07/23 19:18:55.0709 5660 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/07/23 19:18:55.0746 5660 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/07/23 19:18:55.0897 5660 iaStor (25c3d5f66a74a7bddeca56085f040d2e) C:\Windows\system32\drivers\iastor.sys
2011/07/23 19:18:55.0957 5660 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/07/23 19:18:56.0061 5660 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/07/23 19:18:56.0176 5660 IntcAzAudAddService (edc37b918e583a5a813c53d4f5588255) C:\Windows\system32\drivers\RTKVHDA.sys
2011/07/23 19:18:56.0278 5660 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/07/23 19:18:56.0326 5660 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/23 19:18:56.0459 5660 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/23 19:18:56.0558 5660 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/07/23 19:18:56.0807 5660 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/07/23 19:18:56.0988 5660 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/07/23 19:18:57.0061 5660 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/07/23 19:18:57.0136 5660 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/07/23 19:18:57.0179 5660 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/07/23 19:18:57.0326 5660 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/07/23 19:18:57.0409 5660 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/07/23 19:18:57.0543 5660 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
2011/07/23 19:18:57.0750 5660 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/23 19:18:57.0858 5660 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/23 19:18:57.0930 5660 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/07/23 19:18:58.0002 5660 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/07/23 19:18:58.0041 5660 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/07/23 19:18:58.0096 5660 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/07/23 19:18:58.0241 5660 LVcKap (fb548ff809634bfa866312b37d8a18ae) C:\Windows\system32\DRIVERS\LVcKap.sys
2011/07/23 19:18:58.0470 5660 LVMVDrv (fe3fb994f8702d9e37648927819b74b8) C:\Windows\system32\DRIVERS\LVMVDrv.sys
2011/07/23 19:18:58.0518 5660 LVPr2Mon (c7ea51f1ab10b0b2b443f4d5589fc1a5) C:\Windows\system32\DRIVERS\LVPr2Mon.sys
2011/07/23 19:18:58.0626 5660 LVUSBSta (caef4c05ba2c1acad4ebcaa4261cd55d) C:\Windows\system32\drivers\LVUSBSta.sys
2011/07/23 19:18:58.0717 5660 ManyCam (c6d085c7045200143528136a43a65fde) C:\Windows\system32\DRIVERS\ManyCam.sys
2011/07/23 19:18:58.0804 5660 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/07/23 19:18:58.0864 5660 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/07/23 19:18:58.0942 5660 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/23 19:18:58.0980 5660 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/07/23 19:18:59.0043 5660 mouhid (a3a6dff7e9e757db3df51a833bc28885) C:\Windows\system32\drivers\mouhid.sys
2011/07/23 19:18:59.0320 5660 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/07/23 19:18:59.0396 5660 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/07/23 19:18:59.0474 5660 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/23 19:18:59.0584 5660 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/07/23 19:18:59.0761 5660 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
2011/07/23 19:18:59.0814 5660 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/23 19:19:00.0206 5660 mrxsmb10 (cf6e972f8e0d0f2970360a17572b366b) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/23 19:19:00.0263 5660 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/23 19:19:00.0314 5660 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/07/23 19:19:00.0357 5660 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/07/23 19:19:00.0616 5660 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/07/23 19:19:00.0765 5660 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/07/23 19:19:00.0898 5660 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/23 19:19:00.0977 5660 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/23 19:19:01.0085 5660 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/07/23 19:19:01.0165 5660 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
2011/07/23 19:19:01.0242 5660 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/07/23 19:19:01.0318 5660 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/07/23 19:19:01.0380 5660 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
2011/07/23 19:19:01.0539 5660 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/23 19:19:01.0626 5660 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
2011/07/23 19:19:01.0697 5660 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/23 19:19:01.0825 5660 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/23 19:19:01.0984 5660 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/23 19:19:02.0048 5660 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/07/23 19:19:02.0138 5660 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/23 19:19:02.0259 5660 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/23 19:19:02.0402 5660 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/07/23 19:19:02.0455 5660 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
2011/07/23 19:19:02.0674 5660 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/23 19:19:02.0816 5660 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2011/07/23 19:19:02.0877 5660 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/07/23 19:19:02.0947 5660 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/07/23 19:19:03.0249 5660 nvlddmkm (351265910a8ef5fc6cc4535a00054049) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/07/23 19:19:03.0344 5660 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/07/23 19:19:03.0542 5660 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/07/23 19:19:03.0614 5660 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/07/23 19:19:03.0711 5660 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/07/23 19:19:03.0849 5660 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/07/23 19:19:03.0927 5660 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2011/07/23 19:19:03.0972 5660 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/07/23 19:19:04.0076 5660 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2011/07/23 19:19:04.0118 5660 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
2011/07/23 19:19:04.0177 5660 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/07/23 19:19:04.0234 5660 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/07/23 19:19:04.0319 5660 pepifilter (c5d5ea6a29523e0f6016741e9851c6db) C:\Windows\system32\DRIVERS\lv302af.sys
2011/07/23 19:19:04.0445 5660 PID_PEPI (3f96dcd4ac98c8e0d3c03c24fd49a2fe) C:\Windows\system32\DRIVERS\LV302V32.SYS
2011/07/23 19:19:04.0552 5660 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/23 19:19:04.0624 5660 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/07/23 19:19:04.0736 5660 Ps2 (390c204ced3785609ab24e9c52054a84) C:\Windows\system32\DRIVERS\PS2.sys
2011/07/23 19:19:04.0795 5660 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/23 19:19:04.0885 5660 PxHelp20 (d970470f8f39470bdae94d313a1ccdce) C:\Windows\system32\Drivers\PxHelp20.sys
2011/07/23 19:19:05.0038 5660 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/07/23 19:19:05.0108 5660 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/07/23 19:19:05.0163 5660 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/23 19:19:05.0219 5660 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/23 19:19:05.0327 5660 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/23 19:19:05.0347 5660 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/23 19:19:05.0430 5660 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/23 19:19:05.0500 5660 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/23 19:19:05.0598 5660 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/23 19:19:05.0659 5660 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/07/23 19:19:05.0676 5660 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/23 19:19:05.0800 5660 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2011/07/23 19:19:05.0866 5660 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/23 19:19:05.0972 5660 RTL8169 (3d2b6520699d1dcd5a13f9e7cad62199) C:\Windows\system32\DRIVERS\Rtlh86.sys
2011/07/23 19:19:06.0036 5660 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/07/23 19:19:06.0143 5660 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/07/23 19:19:06.0281 5660 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/07/23 19:19:06.0353 5660 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/07/23 19:19:06.0502 5660 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/07/23 19:19:06.0564 5660 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
2011/07/23 19:19:06.0605 5660 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
2011/07/23 19:19:06.0788 5660 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
2011/07/23 19:19:06.0925 5660 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/07/23 19:19:07.0004 5660 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/07/23 19:19:07.0066 5660 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/07/23 19:19:07.0121 5660 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/07/23 19:19:07.0183 5660 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
2011/07/23 19:19:07.0872 5660 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/07/23 19:19:07.0964 5660 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/07/23 19:19:07.0964 5660 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/07/23 19:19:07.0990 5660 sptd - detected LockedFile.Multi.Generic (1)
2011/07/23 19:19:08.0079 5660 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
2011/07/23 19:19:08.0119 5660 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/23 19:19:08.0138 5660 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/23 19:19:08.0234 5660 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
2011/07/23 19:19:08.0280 5660 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/07/23 19:19:08.0328 5660 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/07/23 19:19:08.0402 5660 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/07/23 19:19:08.0441 5660 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/07/23 19:19:09.0328 5660 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
2011/07/23 19:19:09.0393 5660 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/23 19:19:09.0427 5660 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/23 19:19:09.0467 5660 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/07/23 19:19:09.0483 5660 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/07/23 19:19:09.0527 5660 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/23 19:19:09.0553 5660 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2011/07/23 19:19:09.0617 5660 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/23 19:19:09.0652 5660 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/07/23 19:19:09.0669 5660 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/23 19:19:09.0701 5660 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/07/23 19:19:09.0745 5660 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/23 19:19:09.0790 5660 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/07/23 19:19:09.0836 5660 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/07/23 19:19:09.0878 5660 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/07/23 19:19:09.0920 5660 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/07/23 19:19:09.0953 5660 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/07/23 19:19:10.0030 5660 usbaudio (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
2011/07/23 19:19:10.0075 5660 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/07/23 19:19:10.0131 5660 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/07/23 19:19:10.0182 5660 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2011/07/23 19:19:10.0221 5660 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2011/07/23 19:19:10.0261 5660 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/07/23 19:19:10.0316 5660 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/23 19:19:10.0381 5660 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/07/23 19:19:10.0414 5660 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/07/23 19:19:10.0433 5660 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/07/23 19:19:10.0470 5660 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/23 19:19:10.0505 5660 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/07/23 19:19:10.0533 5660 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/07/23 19:19:10.0569 5660 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/07/23 19:19:10.0608 5660 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/07/23 19:19:10.0635 5660 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/07/23 19:19:10.0695 5660 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2011/07/23 19:19:10.0744 5660 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2011/07/23 19:19:10.0787 5660 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/07/23 19:19:10.0831 5660 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/07/23 19:19:10.0881 5660 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/23 19:19:10.0913 5660 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/23 19:19:10.0976 5660 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/07/23 19:19:11.0034 5660 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/23 19:19:11.0165 5660 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/07/23 19:19:11.0223 5660 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/23 19:19:11.0309 5660 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/23 19:19:11.0334 5660 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0
2011/07/23 19:19:11.0562 5660 Boot (0x1200) (f179ffcd81e3057923057e99baef2477) \Device\Harddisk0\DR0\Partition0
2011/07/23 19:19:11.0573 5660 Boot (0x1200) (ec2a68e73bbc2176ee832d0c626d15fb) \Device\Harddisk0\DR0\Partition1
2011/07/23 19:19:11.0579 5660 ================================================================================
2011/07/23 19:19:11.0579 5660 Scan finished
2011/07/23 19:19:11.0579 5660 ================================================================================
2011/07/23 19:19:11.0588 3592 Detected object count: 1
2011/07/23 19:19:11.0589 3592 Actual detected object count: 1
2011/07/23 19:20:20.0285 3592 LockedFile.Multi.Generic(sptd) - User select action: Skip
Re Bonsoir,
J'ai tenté alors de sélectionner "Delete" et non "Skip" au fichier Suspicious Object trouvé par TDSSKiller et ensuite j'ai pu cliquer sur Reboot Now.
En attente de votre réponse
Bonne soirée
J'ai tenté alors de sélectionner "Delete" et non "Skip" au fichier Suspicious Object trouvé par TDSSKiller et ensuite j'ai pu cliquer sur Reboot Now.
En attente de votre réponse
Bonne soirée
