Sujet Précédent Sujet Suivant

PC bloqué security protection

Fermé
furtif60 - 6 sept. 2011 à 11:04
 Utilisateur anonyme - 14 sept. 2011 à 06:02
Bonjour,

j ai un pc portable acer sous vista.


J ai attrapé sécurity protection. J'ai essayé les manips qui sont recommandées sur ce forum mais rien a faire :quand je lance rogue killer ou malware byte ces programmes ne vont pas au bout et ensuite impossible de les relancer (sur l'icone à été rajouté un petit signe (2 tetes) et le programme me dit qu'il ne trouve pas l'emplacement)

Merci de m aider
Cordialement
A voir également:

44 réponses

Réponse 1 / 44
Utilisateur anonyme
6 sept. 2011 à 11:49
salut

desactive ton antivirus
desactive Windows defender si présent
desactive ton pare-feu

Ferme toutes tes appilications en cours

telecharge et enregistre ceci sur ton bureau :

Pre_Scan

si le lien ne fonctionne pas :

http://www.archive-host.com

s'il n'est pas sur ton bureau coupe-le de ton dossier telechargements et colle-le sur ton bureau

Avertissement: Il y aura une extinction du bureau pendant le scan --> pas de panique.

une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan.txt" sur le bureau.

si 'outil est bloqué par l'infection utilise cette version : Version .pif

si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"

si l'outil semble ne pas avoir fonctionné renomme-le winlogon , ou change son extension en .com ou .scr

Il se peut qu'une multitude de fenêtres noires clignotent , laisse-le travailler

Poste Pre_Scan_la_date_et_l'heure.txt qui apparaitra sur le bureau en fin de scan

▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)

clique sur ce lien : http://www.cijoint.fr/

▶ Clique sur Parcourir et cherche le fichier ci-dessus.

▶ Clique sur Ouvrir.

▶ Clique sur "Cliquez ici pour déposer le fichier".

Un lien de cette forme :

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

est ajouté dans la page.

▶ Copie ce lien dans ta réponse.

si ton bureau ne reapparait pas => ctrl+alt+supp , gestionnaire des taches => onglet fichier => nouvelle tache puis tape explorer
0
Réponse 2 / 44
furtif60
6 sept. 2011 à 13:22
bonjour

le programme prescan s arrete sur %commonAppData% crucialsoft ltd
Que faire
0
Réponse 3 / 44
Utilisateur anonyme
6 sept. 2011 à 13:26
laisse tourner
0
Réponse 4 / 44
furtif60
6 sept. 2011 à 13:47
impossible une fenetre windows s ouvre et me dit que le programme s'est arrété.
je fais ok et la je n'ai plus le bureau
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 44
Utilisateur anonyme
6 sept. 2011 à 15:19
ok j'ai compris

▶ Télécharge Reload_TDSSKiller

▶ Lance le

choisis : lancer le nettoyage

l'outil va automatiquement télécharger la derniere version puis

TDSSKiller va s'ouvrir , clique sur "Start Scan"

Si TDSS.tdl2 est détecté l''option delete sera cochée par défaut.
Si TDSS.tdl3 est détecté assure toi que Cure est bien cochée.
Si TDSS.tdl4(\HardDisk0\MBR) est détecté assure toi que Cure est bien cochée.
Si Suspicious file est indiqué, laisse l''option cochée sur Skip
Si Rootkit.Win32.ZAccess.* est détecté règle sur "cure" en haut , et "delete" en bas

une fois qu'il a terminé , redemarre s'il te le demande pour finir de nettoyer

sinon , ferme tdssKiller et le rapport s'affichera sur le bureau

▶ Copie/Colle son contenu dans ta prochaine réponse.
0
Réponse 6 / 44
furtif60
7 sept. 2011 à 09:52
bonjour
voici le rapport

2011/09/07 09:42:39.0740 5076 TDSS rootkit removing tool 2.5.19.0 Sep 6 2011 19:23:56
2011/09/07 09:42:39.0943 5076 ================================================================================
2011/09/07 09:42:39.0943 5076 SystemInfo:
2011/09/07 09:42:39.0943 5076
2011/09/07 09:42:39.0943 5076 OS Version: 6.0.6002 ServicePack: 2.0
2011/09/07 09:42:39.0943 5076 Product type: Workstation
2011/09/07 09:42:39.0943 5076 ComputerName: PC-DE-BRETON
2011/09/07 09:42:39.0943 5076 UserName: breton
2011/09/07 09:42:39.0943 5076 Windows directory: C:\Windows
2011/09/07 09:42:39.0943 5076 System windows directory: C:\Windows
2011/09/07 09:42:39.0943 5076 Processor architecture: Intel x86
2011/09/07 09:42:39.0943 5076 Number of processors: 2
2011/09/07 09:42:39.0943 5076 Page size: 0x1000
2011/09/07 09:42:39.0943 5076 Boot type: Normal boot
2011/09/07 09:42:39.0943 5076 ================================================================================
2011/09/07 09:42:40.0972 5076 Initialize success
2011/09/07 09:42:47.0384 2488 ================================================================================
2011/09/07 09:42:47.0384 2488 Scan started
2011/09/07 09:42:47.0384 2488 Mode: Manual;
2011/09/07 09:42:47.0384 2488 ================================================================================
2011/09/07 09:42:48.0117 2488 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/09/07 09:42:48.0476 2488 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/09/07 09:42:48.0928 2488 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/09/07 09:42:49.0115 2488 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/09/07 09:42:49.0225 2488 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/09/07 09:42:49.0849 2488 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
2011/09/07 09:42:50.0363 2488 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/09/07 09:42:50.0722 2488 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/09/07 09:42:51.0221 2488 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/09/07 09:42:51.0861 2488 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/09/07 09:42:52.0360 2488 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/09/07 09:42:52.0703 2488 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/09/07 09:42:53.0078 2488 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/09/07 09:42:53.0499 2488 ApfiltrService (db8ea68e5864adf61b73516788659e71) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/09/07 09:42:53.0827 2488 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/09/07 09:42:54.0248 2488 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/09/07 09:42:54.0669 2488 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/09/07 09:42:55.0153 2488 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/09/07 09:42:55.0589 2488 AvgLdx86 (bc12f2404bb6f2b6b2ff3c4c246cb752) C:\Windows\System32\Drivers\avgldx86.sys
2011/09/07 09:42:55.0964 2488 AvgMfx86 (5903d729d4f0c5bca74123c96a1b29e0) C:\Windows\System32\Drivers\avgmfx86.sys
2011/09/07 09:42:56.0385 2488 AvgTdiX (92d8e1e8502e649b60e70074eb29c380) C:\Windows\System32\Drivers\avgtdix.sys
2011/09/07 09:42:56.0759 2488 b57nd60x (c7ea0e3e37ff1cd2bb65636448322572) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/09/07 09:42:57.0259 2488 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/09/07 09:42:58.0163 2488 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
2011/09/07 09:42:58.0553 2488 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/09/07 09:42:58.0959 2488 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/09/07 09:42:59.0349 2488 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/09/07 09:42:59.0770 2488 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/09/07 09:43:00.0176 2488 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/09/07 09:43:00.0597 2488 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/09/07 09:43:01.0096 2488 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/09/07 09:43:01.0595 2488 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/09/07 09:43:02.0173 2488 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/09/07 09:43:02.0516 2488 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
2011/09/07 09:43:02.0859 2488 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/09/07 09:43:03.0296 2488 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/09/07 09:43:03.0811 2488 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/09/07 09:43:04.0372 2488 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/09/07 09:43:04.0700 2488 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/09/07 09:43:05.0121 2488 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/09/07 09:43:05.0667 2488 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
2011/09/07 09:43:06.0197 2488 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/09/07 09:43:06.0759 2488 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
2011/09/07 09:43:07.0617 2488 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
2011/09/07 09:43:08.0163 2488 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/09/07 09:43:08.0678 2488 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/09/07 09:43:09.0068 2488 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/09/07 09:43:09.0536 2488 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/09/07 09:43:10.0129 2488 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/09/07 09:43:10.0503 2488 enecir (29dcaeb81dde6f154aa4d36b18ecbb1f) C:\Windows\system32\DRIVERS\enecir.sys
2011/09/07 09:43:11.0330 2488 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/09/07 09:43:11.0455 2488 f6471e5 (8f2bb1827cac01aee6a16e30a1260199) C:\Windows\3849413647:4036726298.exe
2011/09/07 09:43:11.0455 2488 Suspicious file (Hidden): C:\Windows\3849413647:4036726298.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/07 09:43:11.0455 2488 f6471e5 - detected HiddenFile.Multi.Generic (1)
2011/09/07 09:43:11.0907 2488 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/09/07 09:43:12.0281 2488 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/09/07 09:43:12.0796 2488 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/09/07 09:43:13.0139 2488 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/09/07 09:43:13.0451 2488 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/09/07 09:43:13.0888 2488 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/09/07 09:43:14.0731 2488 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/09/07 09:43:15.0230 2488 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/09/07 09:43:15.0713 2488 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/09/07 09:43:16.0057 2488 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/09/07 09:43:16.0447 2488 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/09/07 09:43:17.0227 2488 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/09/07 09:43:17.0663 2488 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
2011/09/07 09:43:18.0334 2488 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
2011/09/07 09:43:18.0693 2488 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/09/07 09:43:19.0442 2488 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
2011/09/07 09:43:19.0894 2488 HSF_DPV (3f53b4af98f8fd83b7f0b8b65d2d90a7) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2011/09/07 09:43:20.0237 2488 HSXHWAZL (194bc52fc0f53e540faf9de8a9c05255) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
2011/09/07 09:43:20.0659 2488 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/09/07 09:43:21.0095 2488 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/09/07 09:43:21.0626 2488 i8042prt (9a750ef39082e230bda9c031d4d6c4a1) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/09/07 09:43:21.0626 2488 Suspicious file (Forged): C:\Windows\system32\DRIVERS\i8042prt.sys. Real md5: 9a750ef39082e230bda9c031d4d6c4a1, Fake md5: 22d56c8184586b7a1f6fa60be5f5a2bd
2011/09/07 09:43:21.0626 2488 i8042prt - detected Rootkit.Win32.ZAccess.e (0)
2011/09/07 09:43:22.0156 2488 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\DRIVERS\iaStor.sys
2011/09/07 09:43:22.0624 2488 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/09/07 09:43:23.0264 2488 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/09/07 09:43:23.0607 2488 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Acer\Empowering Technology\eRecovery\int15.sys
2011/09/07 09:43:24.0668 2488 IntcAzAudAddService (90a10b39896040b3154613c11c932aeb) C:\Windows\system32\drivers\RTKVHDA.sys
2011/09/07 09:43:25.0697 2488 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/09/07 09:43:26.0165 2488 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/09/07 09:43:26.0540 2488 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/09/07 09:43:27.0772 2488 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/09/07 09:43:28.0178 2488 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/09/07 09:43:28.0474 2488 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/09/07 09:43:28.0661 2488 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/09/07 09:43:28.0802 2488 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/09/07 09:43:29.0207 2488 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/09/07 09:43:29.0675 2488 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/09/07 09:43:30.0034 2488 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/09/07 09:43:30.0377 2488 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/09/07 09:43:30.0908 2488 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/09/07 09:43:31.0360 2488 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/09/07 09:43:31.0703 2488 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/09/07 09:43:32.0249 2488 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/09/07 09:43:32.0639 2488 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/09/07 09:43:32.0998 2488 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/09/07 09:43:33.0451 2488 massfilter (f0435fe3c1ec2659d2bbf073ca0752ee) C:\Windows\system32\drivers\massfilter.sys
2011/09/07 09:43:33.0778 2488 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2011/09/07 09:43:34.0168 2488 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/09/07 09:43:34.0667 2488 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/09/07 09:43:35.0182 2488 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/09/07 09:43:35.0666 2488 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/09/07 09:43:35.0993 2488 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/09/07 09:43:36.0321 2488 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/09/07 09:43:36.0664 2488 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/09/07 09:43:36.0992 2488 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/09/07 09:43:37.0382 2488 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/09/07 09:43:37.0803 2488 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/09/07 09:43:38.0115 2488 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/09/07 09:43:38.0755 2488 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/09/07 09:43:39.0347 2488 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/09/07 09:43:39.0940 2488 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\DRIVERS\msahci.sys
2011/09/07 09:43:40.0377 2488 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/09/07 09:43:40.0829 2488 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/09/07 09:43:41.0360 2488 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/09/07 09:43:41.0750 2488 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/09/07 09:43:42.0187 2488 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/09/07 09:43:42.0639 2488 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/09/07 09:43:42.0904 2488 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/09/07 09:43:43.0263 2488 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/09/07 09:43:43.0825 2488 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/09/07 09:43:44.0215 2488 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/09/07 09:43:44.0620 2488 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/09/07 09:43:45.0166 2488 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/09/07 09:43:45.0728 2488 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/09/07 09:43:46.0180 2488 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/09/07 09:43:46.0586 2488 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/09/07 09:43:46.0913 2488 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/09/07 09:43:47.0303 2488 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/09/07 09:43:47.0725 2488 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/09/07 09:43:48.0489 2488 NETw3v32 (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys
2011/09/07 09:43:49.0955 2488 NETw4v32 (dd194a025d1c0472f45f57de8d8388eb) C:\Windows\system32\DRIVERS\NETw4v32.sys
2011/09/07 09:43:50.0876 2488 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/09/07 09:43:51.0469 2488 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/09/07 09:43:51.0718 2488 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/09/07 09:43:52.0202 2488 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/09/07 09:43:52.0483 2488 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
2011/09/07 09:43:52.0654 2488 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/09/07 09:43:52.0888 2488 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/09/07 09:43:55.0103 2488 nvlddmkm (ab984ef434213522fc125cbc23299369) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/09/07 09:43:56.0929 2488 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/09/07 09:43:57.0287 2488 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/09/07 09:43:57.0724 2488 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/09/07 09:43:58.0816 2488 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/09/07 09:43:59.0191 2488 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/09/07 09:43:59.0565 2488 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/09/07 09:43:59.0893 2488 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/09/07 09:44:00.0314 2488 PCAMp50 (1bf91f352d746ad7469fa71783b5fae8) C:\Windows\system32\Drivers\PCAMp50.sys
2011/09/07 09:44:00.0657 2488 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\Windows\system32\Drivers\PCASp50.sys
2011/09/07 09:44:01.0063 2488 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/09/07 09:44:01.0468 2488 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\DRIVERS\pciide.sys
2011/09/07 09:44:01.0921 2488 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/09/07 09:44:02.0482 2488 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/09/07 09:44:03.0091 2488 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/09/07 09:44:03.0481 2488 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/09/07 09:44:04.0042 2488 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/09/07 09:44:04.0448 2488 PSDFilter (e801d5cc24e1cf18fa87d24d7074b876) C:\Windows\system32\DRIVERS\psdfilter.sys
2011/09/07 09:44:04.0791 2488 PSDNServ (24b5e3429f7f0e779fc2e6e36a0a5f73) C:\Windows\system32\drivers\PSDNServ.sys
2011/09/07 09:44:05.0087 2488 psdvdisk (01cbfd08c0e8a6106bb26fcda297154e) C:\Windows\system32\drivers\psdvdisk.sys
2011/09/07 09:44:05.0540 2488 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
2011/09/07 09:44:06.0179 2488 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/09/07 09:44:06.0710 2488 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/09/07 09:44:07.0115 2488 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/09/07 09:44:07.0443 2488 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/09/07 09:44:07.0942 2488 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/09/07 09:44:08.0332 2488 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/09/07 09:44:09.0034 2488 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/09/07 09:44:09.0393 2488 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/09/07 09:44:09.0799 2488 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/09/07 09:44:10.0282 2488 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/09/07 09:44:10.0641 2488 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/09/07 09:44:11.0015 2488 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/09/07 09:44:11.0530 2488 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
2011/09/07 09:44:11.0827 2488 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
2011/09/07 09:44:12.0326 2488 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
2011/09/07 09:44:13.0823 2488 RimVSerPort (d9b34325ee5df78b8f28a3de9f577c7d) C:\Windows\system32\DRIVERS\RimSerial.sys
2011/09/07 09:44:14.0307 2488 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
2011/09/07 09:44:14.0713 2488 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
2011/09/07 09:44:15.0305 2488 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/09/07 09:44:15.0664 2488 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/09/07 09:44:16.0039 2488 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
2011/09/07 09:44:16.0444 2488 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/09/07 09:44:16.0881 2488 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/09/07 09:44:17.0302 2488 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/09/07 09:44:17.0692 2488 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/09/07 09:44:18.0082 2488 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/09/07 09:44:18.0472 2488 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/09/07 09:44:18.0769 2488 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/09/07 09:44:19.0127 2488 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/09/07 09:44:19.0268 2488 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/09/07 09:44:19.0408 2488 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/09/07 09:44:19.0736 2488 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/09/07 09:44:20.0173 2488 SmartDefragDriver (cc48f88fe17bb8e5eb6fa1a8a9477006) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2011/09/07 09:44:20.0547 2488 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/09/07 09:44:21.0093 2488 SNP2UVC (ef1f141a83c61503333569d2862f3999) C:\Windows\system32\DRIVERS\snp2uvc.sys
2011/09/07 09:44:21.0920 2488 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/09/07 09:44:22.0325 2488 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/09/07 09:44:22.0700 2488 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
2011/09/07 09:44:23.0105 2488 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
2011/09/07 09:44:23.0480 2488 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/09/07 09:44:23.0901 2488 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/09/07 09:44:24.0291 2488 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/09/07 09:44:24.0681 2488 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/09/07 09:44:25.0274 2488 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
2011/09/07 09:44:25.0757 2488 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
2011/09/07 09:44:26.0179 2488 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/09/07 09:44:26.0584 2488 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/09/07 09:44:26.0990 2488 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/09/07 09:44:27.0473 2488 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/09/07 09:44:27.0692 2488 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/09/07 09:44:28.0191 2488 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/09/07 09:44:28.0487 2488 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/09/07 09:44:28.0706 2488 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/09/07 09:44:28.0987 2488 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/09/07 09:44:29.0345 2488 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/09/07 09:44:29.0642 2488 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/09/07 09:44:29.0954 2488 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/09/07 09:44:30.0266 2488 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/09/07 09:44:30.0453 2488 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/09/07 09:44:30.0999 2488 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/09/07 09:44:31.0514 2488 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/09/07 09:44:31.0623 2488 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/09/07 09:44:31.0732 2488 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/09/07 09:44:31.0841 2488 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/09/07 09:44:32.0465 2488 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/09/07 09:44:33.0152 2488 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/09/07 09:44:33.0495 2488 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/09/07 09:44:33.0791 2488 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/09/07 09:44:33.0854 2488 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/09/07 09:44:34.0181 2488 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/09/07 09:44:34.0400 2488 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/09/07 09:44:34.0618 2488 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/09/07 09:44:34.0993 2488 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/09/07 09:44:35.0585 2488 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/09/07 09:44:36.0116 2488 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/09/07 09:44:36.0615 2488 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/09/07 09:44:36.0818 2488 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/09/07 09:44:37.0333 2488 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/09/07 09:44:37.0801 2488 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/09/07 09:44:38.0347 2488 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/07 09:44:38.0378 2488 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/07 09:44:38.0690 2488 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/09/07 09:44:39.0220 2488 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/09/07 09:44:39.0766 2488 winachsf (c9c63410d8cf98f621b9cc62243fb877) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2011/09/07 09:44:40.0234 2488 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/09/07 09:44:40.0827 2488 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/09/07 09:44:41.0326 2488 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/07 09:44:41.0638 2488 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/07 09:44:41.0981 2488 XAudio (2e579520e114a9ca309f13bf40ad8292) C:\Windows\system32\DRIVERS\xaudio.sys
2011/09/07 09:44:42.0449 2488 ZTEusbmdm6k (b8b466103280e45e391e876f05122607) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
2011/09/07 09:44:42.0637 2488 ZTEusbnet (911ba85906bc7602c73441502abfb565) C:\Windows\system32\DRIVERS\ZTEusbnet.sys
2011/09/07 09:44:42.0949 2488 ZTEusbnmea (69774b89725ddc4781e0eeb9809f3b20) C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
2011/09/07 09:44:43.0292 2488 ZTEusbser6k (b8b466103280e45e391e876f05122607) C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
2011/09/07 09:44:43.0651 2488 ZTEusbvoice (b8b466103280e45e391e876f05122607) C:\Windows\system32\DRIVERS\ZTEusbvoice.sys
2011/09/07 09:44:43.0807 2488 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (8098180b3f6c430a4e60333bc036f936) C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
2011/09/07 09:44:43.0869 2488 MBR (0x1B8) (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0
2011/09/07 09:44:44.0743 2488 Boot (0x1200) (d158322288337b034bd7fc75abf55836) \Device\Harddisk0\DR0\Partition0
2011/09/07 09:44:44.0774 2488 Boot (0x1200) (f44a5821f772e92b411126cc5995ac9f) \Device\Harddisk0\DR0\Partition1
2011/09/07 09:44:44.0774 2488 ================================================================================
2011/09/07 09:44:44.0774 2488 Scan finished
2011/09/07 09:44:44.0774 2488 ================================================================================
2011/09/07 09:44:44.0789 5244 Detected object count: 2
2011/09/07 09:44:44.0789 5244 Actual detected object count: 2
2011/09/07 09:46:17.0984 5244 HiddenFile.Multi.Generic(f6471e5) - User select action: Skip
2011/09/07 09:46:18.0109 5244 i8042prt (9a750ef39082e230bda9c031d4d6c4a1) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/09/07 09:46:18.0109 5244 Suspicious file (Forged): C:\Windows\system32\DRIVERS\i8042prt.sys. Real md5: 9a750ef39082e230bda9c031d4d6c4a1, Fake md5: 22d56c8184586b7a1f6fa60be5f5a2bd
2011/09/07 09:46:22.0258 5244 Backup copy not found, trying to cure infected file..
2011/09/07 09:46:22.0258 5244 C:\Windows\system32\DRIVERS\i8042prt.sys - Cure failed (FFFFFFFF)
2011/09/07 09:46:22.0258 5244 C:\Windows\system32\DRIVERS\i8042prt.sys - processing error
2011/09/07 09:46:22.0258 5244 Rootkit.Win32.ZAccess.e(i8042prt) - User select action: Cure
2011/09/07 09:46:45.0409 3628 ================================================================================
2011/09/07 09:46:45.0409 3628 Scan started
2011/09/07 09:46:45.0409 3628 Mode: Manual;
2011/09/07 09:46:45.0409 3628 ================================================================================
2011/09/07 09:46:45.0674 3628 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/09/07 09:46:45.0799 3628 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/09/07 09:46:45.0908 3628 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/09/07 09:46:46.0017 3628 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/09/07 09:46:46.0095 3628 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/09/07 09:46:46.0173 3628 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
2011/09/07 09:46:46.0251 3628 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/09/07 09:46:46.0345 3628 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/09/07 09:46:46.0391 3628 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/09/07 09:46:46.0485 3628 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/09/07 09:46:46.0563 3628 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/09/07 09:46:46.0610 3628 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/09/07 09:46:46.0703 3628 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/09/07 09:46:46.0781 3628 ApfiltrService (db8ea68e5864adf61b73516788659e71) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/09/07 09:46:46.0875 3628 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/09/07 09:46:46.0953 3628 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/09/07 09:46:47.0000 3628 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/09/07 09:46:47.0078 3628 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/09/07 09:46:47.0249 3628 AvgLdx86 (bc12f2404bb6f2b6b2ff3c4c246cb752) C:\Windows\System32\Drivers\avgldx86.sys
2011/09/07 09:46:47.0327 3628 AvgMfx86 (5903d729d4f0c5bca74123c96a1b29e0) C:\Windows\System32\Drivers\avgmfx86.sys
2011/09/07 09:46:47.0405 3628 AvgTdiX (92d8e1e8502e649b60e70074eb29c380) C:\Windows\System32\Drivers\avgtdix.sys
2011/09/07 09:46:47.0530 3628 b57nd60x (c7ea0e3e37ff1cd2bb65636448322572) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/09/07 09:46:47.0624 3628 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/09/07 09:46:47.0858 3628 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
2011/09/07 09:46:47.0967 3628 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/09/07 09:46:48.0029 3628 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/09/07 09:46:48.0076 3628 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/09/07 09:46:48.0170 3628 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/09/07 09:46:48.0232 3628 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/09/07 09:46:48.0263 3628 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/09/07 09:46:48.0357 3628 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/09/07 09:46:48.0466 3628 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/09/07 09:46:48.0529 3628 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/09/07 09:46:48.0622 3628 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
2011/09/07 09:46:48.0731 3628 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/09/07 09:46:48.0825 3628 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/09/07 09:46:48.0919 3628 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/09/07 09:46:48.0997 3628 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/09/07 09:46:49.0090 3628 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/09/07 09:46:49.0168 3628 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/09/07 09:46:49.0262 3628 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
2011/09/07 09:46:49.0355 3628 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/09/07 09:46:49.0480 3628 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
2011/09/07 09:46:49.0543 3628 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
2011/09/07 09:46:49.0667 3628 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/09/07 09:46:49.0808 3628 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/09/07 09:46:49.0933 3628 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/09/07 09:46:50.0011 3628 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/09/07 09:46:50.0167 3628 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/09/07 09:46:50.0260 3628 enecir (29dcaeb81dde6f154aa4d36b18ecbb1f) C:\Windows\system32\DRIVERS\enecir.sys
2011/09/07 09:46:50.0401 3628 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/09/07 09:46:50.0463 3628 f6471e5 (8f2bb1827cac01aee6a16e30a1260199) C:\Windows\3849413647:4036726298.exe
2011/09/07 09:46:50.0463 3628 Suspicious file (Hidden): C:\Windows\3849413647:4036726298.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/07 09:46:50.0463 3628 f6471e5 - detected HiddenFile.Multi.Generic (1)
2011/09/07 09:46:50.0588 3628 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/09/07 09:46:50.0713 3628 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/09/07 09:46:50.0806 3628 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/09/07 09:46:50.0900 3628 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/09/07 09:46:51.0025 3628 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/09/07 09:46:51.0118 3628 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/09/07 09:46:51.0227 3628 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/09/07 09:46:51.0321 3628 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/09/07 09:46:51.0399 3628 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/09/07 09:46:51.0508 3628 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/09/07 09:46:51.0633 3628 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/09/07 09:46:51.0742 3628 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/09/07 09:46:51.0820 3628 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
2011/09/07 09:46:51.0867 3628 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
2011/09/07 09:46:51.0961 3628 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/09/07 09:46:52.0070 3628 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
2011/09/07 09:46:52.0179 3628 HSF_DPV (3f53b4af98f8fd83b7f0b8b65d2d90a7) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2011/09/07 09:46:52.0319 3628 HSXHWAZL (194bc52fc0f53e540faf9de8a9c05255) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
2011/09/07 09:46:52.0413 3628 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/09/07 09:46:52.0522 3628 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/09/07 09:46:52.0600 3628 i8042prt (9a750ef39082e230bda9c031d4d6c4a1) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/09/07 09:46:52.0600 3628 Suspicious file (Forged): C:\Windows\system32\DRIVERS\i8042prt.sys. Real md5: 9a750ef39082e230bda9c031d4d6c4a1, Fake md5: 22d56c8184586b7a1f6fa60be5f5a2bd
2011/09/07 09:46:52.0600 3628 i8042prt - detected Rootkit.Win32.ZAccess.e (0)
2011/09/07 09:46:52.0663 3628 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\DRIVERS\iaStor.sys
2011/09/07 09:46:52.0756 3628 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/09/07 09:46:52.0850 3628 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/09/07 09:46:52.0959 3628 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Acer\Empowering Technology\eRecovery\int15.sys
2011/09/07 09:46:53.0084 3628 IntcAzAudAddService (90a10b39896040b3154613c11c932aeb) C:\Windows\system32\drivers\RTKVHDA.sys
2011/09/07 09:46:53.0240 3628 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/09/07 09:46:53.0318 3628 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/09/07 09:46:53.0380 3628 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/09/07 09:46:53.0599 3628 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/09/07 09:46:53.0677 3628 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/09/07 09:46:53.0723 3628 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/09/07 09:46:53.0817 3628 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/09/07 09:46:53.0895 3628 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/09/07 09:46:53.0989 3628 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/09/07 09:46:54.0082 3628 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/09/07 09:46:54.0176 3628 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/09/07 09:46:54.0285 3628 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/09/07 09:46:54.0425 3628 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/09/07 09:46:54.0535 3628 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/09/07 09:46:54.0644 3628 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/09/07 09:46:54.0722 3628 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/09/07 09:46:54.0753 3628 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/09/07 09:46:54.0862 3628 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/09/07 09:46:54.0987 3628 massfilter (f0435fe3c1ec2659d2bbf073ca0752ee) C:\Windows\system32\drivers\massfilter.sys
2011/09/07 09:46:55.0096 3628 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2011/09/07 09:46:55.0174 3628 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/09/07 09:46:55.0252 3628 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/09/07 09:46:55.0361 3628 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/09/07 09:46:55.0486 3628 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/09/07 09:46:55.0627 3628 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/09/07 09:46:55.0751 3628 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/09/07 09:46:55.0876 3628 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/09/07 09:46:55.0954 3628 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/09/07 09:46:56.0048 3628 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/09/07 09:46:56.0110 3628 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/09/07 09:46:56.0173 3628 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/09/07 09:46:56.0297 3628 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/09/07 09:46:56.0453 3628 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/09/07 09:46:56.0563 3628 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\DRIVERS\msahci.sys
2011/09/07 09:46:56.0641 3628 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/09/07 09:46:56.0703 3628 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/09/07 09:46:56.0797 3628 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/09/07 09:46:56.0921 3628 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/09/07 09:46:57.0046 3628 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/09/07 09:46:57.0171 3628 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/09/07 09:46:57.0296 3628 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/09/07 09:46:57.0436 3628 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/09/07 09:46:57.0514 3628 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/09/07 09:46:57.0608 3628 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/09/07 09:46:57.0701 3628 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/09/07 09:46:57.0811 3628 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/09/07 09:46:57.0935 3628 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/09/07 09:46:58.0060 3628 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/09/07 09:46:58.0201 3628 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/09/07 09:46:58.0325 3628 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/09/07 09:46:58.0466 3628 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/09/07 09:46:58.0591 3628 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/09/07 09:46:58.0809 3628 NETw3v32 (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys
2011/09/07 09:46:59.0027 3628 NETw4v32 (dd194a025d1c0472f45f57de8d8388eb) C:\Windows\system32\DRIVERS\NETw4v32.sys
2011/09/07 09:46:59.0152 3628 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/09/07 09:46:59.0246 3628 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/09/07 09:46:59.0339 3628 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/09/07 09:46:59.0511 3628 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/09/07 09:46:59.0636 3628 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
2011/09/07 09:46:59.0729 3628 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/09/07 09:46:59.0761 3628 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/09/07 09:47:00.0057 3628 nvlddmkm (ab984ef434213522fc125cbc23299369) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/09/07 09:47:00.0244 3628 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/09/07 09:47:00.0307 3628 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/09/07 09:47:00.0338 3628 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/09/07 09:47:00.0650 3628 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/09/07 09:47:00.0759 3628 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/09/07 09:47:00.0806 3628 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/09/07 09:47:00.0884 3628 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/09/07 09:47:00.0977 3628 PCAMp50 (1bf91f352d746ad7469fa71783b5fae8) C:\Windows\system32\Drivers\PCAMp50.sys
2011/09/07 09:47:01.0009 3628 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\Windows\system32\Drivers\PCASp50.sys
2011/09/07 09:47:01.0102 3628 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/09/07 09:47:01.0211 3628 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\DRIVERS\pciide.sys
2011/09/07 09:47:01.0336 3628 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/09/07 09:47:01.0430 3628 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/09/07 09:47:01.0601 3628 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/09/07 09:47:01.0711 3628 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/09/07 09:47:01.0820 3628 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/09/07 09:47:01.0898 3628 PSDFilter (e801d5cc24e1cf18fa87d24d7074b876) C:\Windows\system32\DRIVERS\psdfilter.sys
2011/09/07 09:47:01.0945 3628 PSDNServ (24b5e3429f7f0e779fc2e6e36a0a5f73) C:\Windows\system32\drivers\PSDNServ.sys
2011/09/07 09:47:01.0991 3628 psdvdisk (01cbfd08c0e8a6106bb26fcda297154e) C:\Windows\system32\drivers\psdvdisk.sys
2011/09/07 09:47:02.0023 3628 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
2011/09/07 09:47:02.0147 3628 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/09/07 09:47:02.0272 3628 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/09/07 09:47:02.0350 3628 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/09/07 09:47:02.0444 3628 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/09/07 09:47:02.0569 3628 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/09/07 09:47:02.0693 3628 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/09/07 09:47:02.0787 3628 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/09/07 09:47:02.0927 3628 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/09/07 09:47:03.0052 3628 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/09/07 09:47:03.0177 3628 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/09/07 09:47:03.0239 3628 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/09/07 09:47:03.0349 3628 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/09/07 09:47:03.0489 3628 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
2011/09/07 09:47:03.0551 3628 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
2011/09/07 09:47:03.0614 3628 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
2011/09/07 09:47:03.0723 3628 RimVSerPort (d9b34325ee5df78b8f28a3de9f577c7d) C:\Windows\system32\DRIVERS\RimSerial.sys
2011/09/07 09:47:03.0863 3628 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
2011/09/07 09:47:03.0988 3628 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
2011/09/07 09:47:04.0144 3628 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/09/07 09:47:04.0253 3628 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/09/07 09:47:04.0347 3628 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
2011/09/07 09:47:04.0425 3628 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/09/07 09:47:04.0519 3628 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/09/07 09:47:04.0565 3628 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/09/07 09:47:04.0659 3628 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/09/07 09:47:04.0831 3628 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/09/07 09:47:04.0940 3628 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/09/07 09:47:05.0018 3628 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/09/07 09:47:05.0049 3628 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/09/07 09:47:05.0158 3628 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/09/07 09:47:05.0236 3628 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/09/07 09:47:05.0330 3628 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/09/07 09:47:05.0423 3628 SmartDefragDriver (cc48f88fe17bb8e5eb6fa1a8a9477006) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2011/09/07 09:47:05.0517 3628 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/09/07 09:47:05.0689 3628 SNP2UVC (ef1f141a83c61503333569d2862f3999) C:\Windows\system32\DRIVERS\snp2uvc.sys
2011/09/07 09:47:05.0860 3628 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/09/07 09:47:06.0001 3628 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/09/07 09:47:06.0141 3628 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
2011/09/07 09:47:06.0235 3628 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
2011/09/07 09:47:06.0344 3628 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/09/07 09:47:06.0422 3628 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/09/07 09:47:06.0515 3628 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/09/07 09:47:06.0562 3628 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/09/07 09:47:06.0671 3628 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
2011/09/07 09:47:06.0827 3628 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
2011/09/07 09:47:06.0983 3628 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/09/07 09:47:07.0108 3628 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/09/07 09:47:07.0233 3628 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/09/07 09:47:07.0358 3628 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/09/07 09:47:07.0498 3628 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/09/07 09:47:07.0654 3628 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/09/07 09:47:07.0779 3628 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/09/07 09:47:07.0919 3628 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/09/07 09:47:08.0029 3628 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/09/07 09:47:08.0107 3628 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/09/07 09:47:08.0231 3628 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/09/07 09:47:08.0294 3628 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/09/07 09:47:08.0325 3628 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/09/07 09:47:08.0356 3628 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/09/07 09:47:08.0387 3628 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/09/07 09:47:08.0512 3628 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/09/07 09:47:08.0621 3628 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/09/07 09:47:08.0684 3628 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/09/07 09:47:08.0746 3628 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usb
0
Réponse 7 / 44
furtif60
7 sept. 2011 à 10:07
pardon

voila la suite

2011/09/07 09:44:31.0841 2488 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/09/07 09:44:32.0465 2488 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/09/07 09:44:33.0152 2488 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/09/07 09:44:33.0495 2488 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/09/07 09:44:33.0791 2488 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/09/07 09:44:33.0854 2488 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/09/07 09:44:34.0181 2488 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/09/07 09:44:34.0400 2488 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/09/07 09:44:34.0618 2488 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/09/07 09:44:34.0993 2488 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/09/07 09:44:35.0585 2488 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/09/07 09:44:36.0116 2488 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/09/07 09:44:36.0615 2488 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/09/07 09:44:36.0818 2488 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/09/07 09:44:37.0333 2488 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/09/07 09:44:37.0801 2488 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/09/07 09:44:38.0347 2488 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/07 09:44:38.0378 2488 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/07 09:44:38.0690 2488 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/09/07 09:44:39.0220 2488 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/09/07 09:44:39.0766 2488 winachsf (c9c63410d8cf98f621b9cc62243fb877) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2011/09/07 09:44:40.0234 2488 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/09/07 09:44:40.0827 2488 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/09/07 09:44:41.0326 2488 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/07 09:44:41.0638 2488 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/07 09:44:41.0981 2488 XAudio (2e579520e114a9ca309f13bf40ad8292) C:\Windows\system32\DRIVERS\xaudio.sys
2011/09/07 09:44:42.0449 2488 ZTEusbmdm6k (b8b466103280e45e391e876f05122607) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
2011/09/07 09:44:42.0637 2488 ZTEusbnet (911ba85906bc7602c73441502abfb565) C:\Windows\system32\DRIVERS\ZTEusbnet.sys
2011/09/07 09:44:42.0949 2488 ZTEusbnmea (69774b89725ddc4781e0eeb9809f3b20) C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
2011/09/07 09:44:43.0292 2488 ZTEusbser6k (b8b466103280e45e391e876f05122607) C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
2011/09/07 09:44:43.0651 2488 ZTEusbvoice (b8b466103280e45e391e876f05122607) C:\Windows\system32\DRIVERS\ZTEusbvoice.sys
2011/09/07 09:44:43.0807 2488 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (8098180b3f6c430a4e60333bc036f936) C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
2011/09/07 09:44:43.0869 2488 MBR (0x1B8) (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0
2011/09/07 09:44:44.0743 2488 Boot (0x1200) (d158322288337b034bd7fc75abf55836) \Device\Harddisk0\DR0\Partition0
2011/09/07 09:44:44.0774 2488 Boot (0x1200) (f44a5821f772e92b411126cc5995ac9f) \Device\Harddisk0\DR0\Partition1
2011/09/07 09:44:44.0774 2488 ================================================================================
2011/09/07 09:44:44.0774 2488 Scan finished
2011/09/07 09:44:44.0774 2488 ================================================================================
2011/09/07 09:44:44.0789 5244 Detected object count: 2
2011/09/07 09:44:44.0789 5244 Actual detected object count: 2
2011/09/07 09:46:17.0984 5244 HiddenFile.Multi.Generic(f6471e5) - User select action: Skip
2011/09/07 09:46:18.0109 5244 i8042prt (9a750ef39082e230bda9c031d4d6c4a1) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/09/07 09:46:18.0109 5244 Suspicious file (Forged): C:\Windows\system32\DRIVERS\i8042prt.sys. Real md5: 9a750ef39082e230bda9c031d4d6c4a1, Fake md5: 22d56c8184586b7a1f6fa60be5f5a2bd
2011/09/07 09:46:22.0258 5244 Backup copy not found, trying to cure infected file..
2011/09/07 09:46:22.0258 5244 C:\Windows\system32\DRIVERS\i8042prt.sys - Cure failed (FFFFFFFF)
2011/09/07 09:46:22.0258 5244 C:\Windows\system32\DRIVERS\i8042prt.sys - processing error
2011/09/07 09:46:22.0258 5244 Rootkit.Win32.ZAccess.e(i8042prt) - User select action: Cure
2011/09/07 09:46:45.0409 3628 ================================================================================
2011/09/07 09:46:45.0409 3628 Scan started
2011/09/07 09:46:45.0409 3628 Mode: Manual;
2011/09/07 09:46:45.0409 3628 ================================================================================
2011/09/07 09:46:45.0674 3628 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/09/07 09:46:45.0799 3628 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/09/07 09:46:45.0908 3628 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/09/07 09:46:46.0017 3628 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/09/07 09:46:46.0095 3628 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/09/07 09:46:46.0173 3628 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
2011/09/07 09:46:46.0251 3628 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/09/07 09:46:46.0345 3628 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/09/07 09:46:46.0391 3628 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/09/07 09:46:46.0485 3628 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/09/07 09:46:46.0563 3628 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/09/07 09:46:46.0610 3628 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/09/07 09:46:46.0703 3628 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/09/07 09:46:46.0781 3628 ApfiltrService (db8ea68e5864adf61b73516788659e71) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/09/07 09:46:46.0875 3628 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/09/07 09:46:46.0953 3628 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/09/07 09:46:47.0000 3628 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/09/07 09:46:47.0078 3628 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/09/07 09:46:47.0249 3628 AvgLdx86 (bc12f2404bb6f2b6b2ff3c4c246cb752) C:\Windows\System32\Drivers\avgldx86.sys
2011/09/07 09:46:47.0327 3628 AvgMfx86 (5903d729d4f0c5bca74123c96a1b29e0) C:\Windows\System32\Drivers\avgmfx86.sys
2011/09/07 09:46:47.0405 3628 AvgTdiX (92d8e1e8502e649b60e70074eb29c380) C:\Windows\System32\Drivers\avgtdix.sys
2011/09/07 09:46:47.0530 3628 b57nd60x (c7ea0e3e37ff1cd2bb65636448322572) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/09/07 09:46:47.0624 3628 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/09/07 09:46:47.0858 3628 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
2011/09/07 09:46:47.0967 3628 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/09/07 09:46:48.0029 3628 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/09/07 09:46:48.0076 3628 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/09/07 09:46:48.0170 3628 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/09/07 09:46:48.0232 3628 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/09/07 09:46:48.0263 3628 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/09/07 09:46:48.0357 3628 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/09/07 09:46:48.0466 3628 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/09/07 09:46:48.0529 3628 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/09/07 09:46:48.0622 3628 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
2011/09/07 09:46:48.0731 3628 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/09/07 09:46:48.0825 3628 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/09/07 09:46:48.0919 3628 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/09/07 09:46:48.0997 3628 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/09/07 09:46:49.0090 3628 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/09/07 09:46:49.0168 3628 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/09/07 09:46:49.0262 3628 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
2011/09/07 09:46:49.0355 3628 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/09/07 09:46:49.0480 3628 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
2011/09/07 09:46:49.0543 3628 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
2011/09/07 09:46:49.0667 3628 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/09/07 09:46:49.0808 3628 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/09/07 09:46:49.0933 3628 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/09/07 09:46:50.0011 3628 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/09/07 09:46:50.0167 3628 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/09/07 09:46:50.0260 3628 enecir (29dcaeb81dde6f154aa4d36b18ecbb1f) C:\Windows\system32\DRIVERS\enecir.sys
2011/09/07 09:46:50.0401 3628 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/09/07 09:46:50.0463 3628 f6471e5 (8f2bb1827cac01aee6a16e30a1260199) C:\Windows\3849413647:4036726298.exe
2011/09/07 09:46:50.0463 3628 Suspicious file (Hidden): C:\Windows\3849413647:4036726298.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/07 09:46:50.0463 3628 f6471e5 - detected HiddenFile.Multi.Generic (1)
2011/09/07 09:46:50.0588 3628 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/09/07 09:46:50.0713 3628 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/09/07 09:46:50.0806 3628 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/09/07 09:46:50.0900 3628 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/09/07 09:46:51.0025 3628 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/09/07 09:46:51.0118 3628 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/09/07 09:46:51.0227 3628 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/09/07 09:46:51.0321 3628 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/09/07 09:46:51.0399 3628 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/09/07 09:46:51.0508 3628 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/09/07 09:46:51.0633 3628 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/09/07 09:46:51.0742 3628 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/09/07 09:46:51.0820 3628 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
2011/09/07 09:46:51.0867 3628 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys
2011/09/07 09:46:51.0961 3628 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/09/07 09:46:52.0070 3628 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
2011/09/07 09:46:52.0179 3628 HSF_DPV (3f53b4af98f8fd83b7f0b8b65d2d90a7) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2011/09/07 09:46:52.0319 3628 HSXHWAZL (194bc52fc0f53e540faf9de8a9c05255) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
2011/09/07 09:46:52.0413 3628 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/09/07 09:46:52.0522 3628 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/09/07 09:46:52.0600 3628 i8042prt (9a750ef39082e230bda9c031d4d6c4a1) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/09/07 09:46:52.0600 3628 Suspicious file (Forged): C:\Windows\system32\DRIVERS\i8042prt.sys. Real md5: 9a750ef39082e230bda9c031d4d6c4a1, Fake md5: 22d56c8184586b7a1f6fa60be5f5a2bd
2011/09/07 09:46:52.0600 3628 i8042prt - detected Rootkit.Win32.ZAccess.e (0)
2011/09/07 09:46:52.0663 3628 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\DRIVERS\iaStor.sys
2011/09/07 09:46:52.0756 3628 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/09/07 09:46:52.0850 3628 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/09/07 09:46:52.0959 3628 int15 (9d64201c9e5ac8d1f088762ba00ff3ab) C:\Acer\Empowering Technology\eRecovery\int15.sys
2011/09/07 09:46:53.0084 3628 IntcAzAudAddService (90a10b39896040b3154613c11c932aeb) C:\Windows\system32\drivers\RTKVHDA.sys
2011/09/07 09:46:53.0240 3628 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/09/07 09:46:53.0318 3628 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/09/07 09:46:53.0380 3628 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/09/07 09:46:53.0599 3628 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/09/07 09:46:53.0677 3628 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/09/07 09:46:53.0723 3628 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/09/07 09:46:53.0817 3628 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/09/07 09:46:53.0895 3628 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/09/07 09:46:53.0989 3628 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/09/07 09:46:54.0082 3628 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/09/07 09:46:54.0176 3628 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/09/07 09:46:54.0285 3628 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/09/07 09:46:54.0425 3628 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/09/07 09:46:54.0535 3628 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/09/07 09:46:54.0644 3628 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/09/07 09:46:54.0722 3628 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/09/07 09:46:54.0753 3628 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/09/07 09:46:54.0862 3628 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/09/07 09:46:54.0987 3628 massfilter (f0435fe3c1ec2659d2bbf073ca0752ee) C:\Windows\system32\drivers\massfilter.sys
2011/09/07 09:46:55.0096 3628 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2011/09/07 09:46:55.0174 3628 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/09/07 09:46:55.0252 3628 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/09/07 09:46:55.0361 3628 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/09/07 09:46:55.0486 3628 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/09/07 09:46:55.0627 3628 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/09/07 09:46:55.0751 3628 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/09/07 09:46:55.0876 3628 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/09/07 09:46:55.0954 3628 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/09/07 09:46:56.0048 3628 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/09/07 09:46:56.0110 3628 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/09/07 09:46:56.0173 3628 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/09/07 09:46:56.0297 3628 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/09/07 09:46:56.0453 3628 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/09/07 09:46:56.0563 3628 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\DRIVERS\msahci.sys
2011/09/07 09:46:56.0641 3628 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/09/07 09:46:56.0703 3628 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/09/07 09:46:56.0797 3628 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/09/07 09:46:56.0921 3628 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/09/07 09:46:57.0046 3628 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/09/07 09:46:57.0171 3628 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/09/07 09:46:57.0296 3628 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/09/07 09:46:57.0436 3628 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/09/07 09:46:57.0514 3628 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/09/07 09:46:57.0608 3628 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/09/07 09:46:57.0701 3628 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/09/07 09:46:57.0811 3628 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/09/07 09:46:57.0935 3628 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/09/07 09:46:58.0060 3628 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/09/07 09:46:58.0201 3628 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/09/07 09:46:58.0325 3628 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/09/07 09:46:58.0466 3628 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/09/07 09:46:58.0591 3628 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/09/07 09:46:58.0809 3628 NETw3v32 (a15f219208843a5a210c8cb391384453) C:\Windows\system32\DRIVERS\NETw3v32.sys
2011/09/07 09:46:59.0027 3628 NETw4v32 (dd194a025d1c0472f45f57de8d8388eb) C:\Windows\system32\DRIVERS\NETw4v32.sys
2011/09/07 09:46:59.0152 3628 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/09/07 09:46:59.0246 3628 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/09/07 09:46:59.0339 3628 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/09/07 09:46:59.0511 3628 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/09/07 09:46:59.0636 3628 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\Windows\system32\DRIVERS\NTIDrvr.sys
2011/09/07 09:46:59.0729 3628 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/09/07 09:46:59.0761 3628 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/09/07 09:47:00.0057 3628 nvlddmkm (ab984ef434213522fc125cbc23299369) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/09/07 09:47:00.0244 3628 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/09/07 09:47:00.0307 3628 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/09/07 09:47:00.0338 3628 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/09/07 09:47:00.0650 3628 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/09/07 09:47:00.0759 3628 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/09/07 09:47:00.0806 3628 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/09/07 09:47:00.0884 3628 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/09/07 09:47:00.0977 3628 PCAMp50 (1bf91f352d746ad7469fa71783b5fae8) C:\Windows\system32\Drivers\PCAMp50.sys
2011/09/07 09:47:01.0009 3628 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\Windows\system32\Drivers\PCASp50.sys
2011/09/07 09:47:01.0102 3628 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/09/07 09:47:01.0211 3628 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\DRIVERS\pciide.sys
2011/09/07 09:47:01.0336 3628 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/09/07 09:47:01.0430 3628 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/09/07 09:47:01.0601 3628 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/09/07 09:47:01.0711 3628 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/09/07 09:47:01.0820 3628 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/09/07 09:47:01.0898 3628 PSDFilter (e801d5cc24e1cf18fa87d24d7074b876) C:\Windows\system32\DRIVERS\psdfilter.sys
2011/09/07 09:47:01.0945 3628 PSDNServ (24b5e3429f7f0e779fc2e6e36a0a5f73) C:\Windows\system32\drivers\PSDNServ.sys
2011/09/07 09:47:01.0991 3628 psdvdisk (01cbfd08c0e8a6106bb26fcda297154e) C:\Windows\system32\drivers\psdvdisk.sys
2011/09/07 09:47:02.0023 3628 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
2011/09/07 09:47:02.0147 3628 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/09/07 09:47:02.0272 3628 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/09/07 09:47:02.0350 3628 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/09/07 09:47:02.0444 3628 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/09/07 09:47:02.0569 3628 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/09/07 09:47:02.0693 3628 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/09/07 09:47:02.0787 3628 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/09/07 09:47:02.0927 3628 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/09/07 09:47:03.0052 3628 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/09/07 09:47:03.0177 3628 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/09/07 09:47:03.0239 3628 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/09/07 09:47:03.0349 3628 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/09/07 09:47:03.0489 3628 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
2011/09/07 09:47:03.0551 3628 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
2011/09/07 09:47:03.0614 3628 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
2011/09/07 09:47:03.0723 3628 RimVSerPort (d9b34325ee5df78b8f28a3de9f577c7d) C:\Windows\system32\DRIVERS\RimSerial.sys
2011/09/07 09:47:03.0863 3628 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
2011/09/07 09:47:03.0988 3628 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
2011/09/07 09:47:04.0144 3628 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/09/07 09:47:04.0253 3628 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/09/07 09:47:04.0347 3628 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
2011/09/07 09:47:04.0425 3628 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/09/07 09:47:04.0519 3628 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/09/07 09:47:04.0565 3628 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/09/07 09:47:04.0659 3628 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/09/07 09:47:04.0831 3628 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/09/07 09:47:04.0940 3628 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/09/07 09:47:05.0018 3628 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/09/07 09:47:05.0049 3628 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/09/07 09:47:05.0158 3628 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/09/07 09:47:05.0236 3628 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/09/07 09:47:05.0330 3628 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/09/07 09:47:05.0423 3628 SmartDefragDriver (cc48f88fe17bb8e5eb6fa1a8a9477006) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2011/09/07 09:47:05.0517 3628 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/09/07 09:47:05.0689 3628 SNP2UVC (ef1f141a83c61503333569d2862f3999) C:\Windows\system32\DRIVERS\snp2uvc.sys
2011/09/07 09:47:05.0860 3628 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/09/07 09:47:06.0001 3628 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
2011/09/07 09:47:06.0141 3628 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
2011/09/07 09:47:06.0235 3628 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
2011/09/07 09:47:06.0344 3628 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/09/07 09:47:06.0422 3628 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/09/07 09:47:06.0515 3628 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/09/07 09:47:06.0562 3628 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/09/07 09:47:06.0671 3628 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
2011/09/07 09:47:06.0827 3628 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
2011/09/07 09:47:06.0983 3628 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2011/09/07 09:47:07.0108 3628 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/09/07 09:47:07.0233 3628 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/09/07 09:47:07.0358 3628 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/09/07 09:47:07.0498 3628 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/09/07 09:47:07.0654 3628 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/09/07 09:47:07.0779 3628 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/09/07 09:47:07.0919 3628 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/09/07 09:47:08.0029 3628 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/09/07 09:47:08.0107 3628 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/09/07 09:47:08.0231 3628 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/09/07 09:47:08.0294 3628 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/09/07 09:47:08.0325 3628 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/09/07 09:47:08.0356 3628 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/09/07 09:47:08.0387 3628 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/09/07 09:47:08.0512 3628 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/09/07 09:47:08.0621 3628 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/09/07 09:47:08.0684 3628 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/09/07 09:47:08.0746 3628 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/09/07 09:47:08.0855 3628 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/09/07 09:47:08.0933 3628 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
2011/09/07 09:47:09.0043 3628 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
2011/09/07 09:47:09.0167 3628 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/09/07 09:47:09.0277 3628 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/09/07 09:47:09.0417 3628 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/09/07 09:47:09.0526 3628 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/09/07 09:47:09.0651 3628 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/09/07 09:47:09.0776 3628 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/09/07 09:47:09.0901 3628 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/09/07 09:47:10.0010 3628 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/09/07 09:47:10.0103 3628 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/09/07 09:47:10.0228 3628 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/09/07 09:47:10.0322 3628 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/09/07 09:47:10.0431 3628 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/09/07 09:47:10.0556 3628 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/07 09:47:10.0571 3628 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/07 09:47:10.0712 3628 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/09/07 09:47:10.0852 3628 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/09/07 09:47:11.0039 3628 winachsf (c9c63410d8cf98f621b9cc62243fb877) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2011/09/07 09:47:11.0211 3628 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/09/07 09:47:11.0336 3628 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/09/07 09:47:11.0429 3628 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/07 09:47:11.0585 3628 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/07 09:47:11.0726 3628 XAudio (2e579520e114a9ca309f13bf40ad8292) C:\Windows\system32\DRIVERS\xaudio.sys
2011/09/07 09:47:11.0882 3628 ZTEusbmdm6k (b8b466103280e45e391e876f05122607) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
2011/09/07 09:47:12.0007 3628 ZTEusbnet (911ba85906bc7602c73441502abfb565) C:\Windows\system32\DRIVERS\ZTEusbnet.sys
2011/09/07 09:47:12.0163 3628 ZTEusbnmea (69774b89725ddc4781e0eeb9809f3b20) C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
2011/09/07 09:47:12.0303 3628 ZTEusbser6k (b8b466103280e45e391e876f05122607) C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
2011/09/07 09:47:12.0443 3628 ZTEusbvoice (b8b466103280e45e391e876f05122607) C:\Windows\system32\DRIVERS\ZTEusbvoice.sys
2011/09/07 09:47:12.0553 3628 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} (8098180b3f6c430a4e60333bc036f936) C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl
2011/09/07 09:47:12.0584 3628 MBR (0x1B8) (a863475757cc50891aa8458c415e4b25) \Device\Harddisk0\DR0
2011/09/07 09:47:13.0426 3628 Boot (0x1200) (d158322288337b034bd7fc75abf55836) \Device\Harddisk0\DR0\Partition0
2011/09/07 09:47:13.0457 3628 Boot (0x1200) (f44a5821f772e92b411126cc5995ac9f) \Device\Harddisk0\DR0\Partition1
2011/09/07 09:47:13.0473 3628 ================================================================================
2011/09/07 09:47:13.0473 3628 Scan finished
2011/09/07 09:47:13.0473 3628 ================================================================================
2011/09/07 09:47:13.0473 4976 Detected object count: 2
2011/09/07 09:47:13.0473 4976 Actual detected object count: 2
2011/09/07 09:47:27.0107 4976 HiddenFile.Multi.Generic(f6471e5) - User select action: Skip
2011/09/07 09:47:27.0248 4976 i8042prt (9a750ef39082e230bda9c031d4d6c4a1) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/09/07 09:47:27.0248 4976 Suspicious file (Forged): C:\Windows\system32\DRIVERS\i8042prt.sys. Real md5: 9a750ef39082e230bda9c031d4d6c4a1, Fake md5: 22d56c8184586b7a1f6fa60be5f5a2bd
2011/09/07 09:47:27.0404 4976 Backup copy not found, trying to cure infected file..
2011/09/07 09:47:27.0404 4976 C:\Windows\system32\DRIVERS\i8042prt.sys - Cure failed (FFFFFFFF)
2011/09/07 09:47:27.0404 4976 C:\Windows\system32\DRIVERS\i8042prt.sys - processing error
2011/09/07 09:47:27.0404 4976 Rootkit.Win32.ZAccess.e(i8042prt) - User select action: Cure
2011/09/07 09:47:39.0010 5892 Deinitialize success
0
Réponse 8 / 44
Utilisateur anonyme
7 sept. 2011 à 14:58

/!\ ATTENTION SUIVRE A LA LETTRE CES INDICATIONS/!\

__________________________________________________________
>Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.<
>>>>>>>Ne pas utiliser en dehors de ce cas de figure : dangereux!<<<<<<<<
=====================================================

▶ Surtout , pense à l'enregistrement à renommer Combofix en "ton prenom.exe" avant qu'il soit enregistré sur ton disque dur

Telecharge ici : Combofix

Avant d'utiliser ComboFix :

Si tu utilises AVG, IL FAUT IMPERATIVEMENT LE DESINSTALLER avant d'utiliser Combofix car il peut causer des dégâts en interaction avec l'outil pouvant mener à la réinstallation totale du système.
La simple désactivation du résident n'est pas suffisante.
Télécharge le désinstalleur d'AVG sur ce lien : https://www.avg.com/fr-fr/avg-remover
Choisis la version adéquate (32 ou 64 bits)/!\

Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement :

▶ Télécharge Defogger (de jpshortstuff) sur ton Bureau

▶ Lance le

Une fenêtre apparait : clique sur "Disable"

▶ Fais redémarrer l'ordinateur si l'outil te le demande

Note : Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable"

_________________________________________________________
>> referme les fenêtres de tous les programmes en cours.
>> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix,
>>la protection en temps réel de ton Antivirus et de tes Antispywares,
>>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°

si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."

sur combofix renommé

¤¤¤¤¤¤¤¤¤¤ LAISSE-LE INSTALLER LA CONSOLE DE RECUPERATION S'IL TE LE DEMANDE ¤¤¤¤¤¤¤¤¤¤

▶ !!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!!

▶ n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

▶▶ Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.



0
Réponse 9 / 44
furtif60
7 sept. 2011 à 15:35
quand je lance le desinstall d avg : pareil il ne va pas au bout et l icone se marque avec 2 petites tetes?
0
Réponse 10 / 44
Utilisateur anonyme
7 sept. 2011 à 15:38
Fais analyser le(s) fichier(s) suivants sur Virustotal :

Virus Total

clique sur "Parcourir" et trouve puis selectionne ce(s) fichier(s) :

C:\Windows\system32\drivers\djsvs.sys

* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée colle le lien de(s)( la) page(s) dans ta prochaine réponse.
0
Réponse 11 / 44
furtif60
7 sept. 2011 à 16:07
voici le lien

http://www.virustotal.com/file-scan/report.html?id=b831bf156fc49287a19fc149383d437b1034ea6f42ce9d761eb90abd0f8d96b1-1315404011
0
Réponse 12 / 44
Utilisateur anonyme
7 sept. 2011 à 17:06
tu peux utiliser le desinstalleur d'avg en mode sans echec ?
0
Réponse 13 / 44
furtif60
7 sept. 2011 à 17:31
j ai lancé en mode sans echec pareil mais j ai verifié les process il n'y a rien de avg qui tourne (pas meme watchdog).
je continue ?
merci
0
Réponse 14 / 44
Utilisateur anonyme
7 sept. 2011 à 17:40
oui
0
Réponse 15 / 44
furtif60
7 sept. 2011 à 18:30
voici le rapport

ComboFix 11-09-07.04 - breton 07/09/2011 18:03:08.1.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2045.1315 [GMT 2:00]
Lancé depuis: c:\users\breton\Contacts\Desktop\eddie.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\drv\Tuner\Yuan\Resources\_desktop.ini
C:\newdnswatch
c:\newdnswatch\config.bin
c:\program files\Kiwee Toolbar\3.3\kwtbaim.exe
c:\program files\SFR\Kit\9props .exe
c:\programdata\2UiVN04N.exe
c:\programdata\A6E9.tmp
c:\programdata\defender.exe
C:\Recycle.Bin
c:\recycle.bin\config.bin
c:\users\breton\AppData\Local\WahOO
c:\users\breton\AppData\Local\WahOO\WahOO .exe
c:\users\breton\download(1).aspx
c:\users\breton\download.aspx
c:\users\breton\iMeshV10fr.exe
c:\windows\3849413647
c:\windows\3849413647:4036726298.exe
c:\windows\Fonts\F4V1pyJ.com
c:\windows\system32\c_04731.nls
c:\windows\system32\comct332.ocx
c:\windows\system32\qnbwvoto.dll
.
[code] <pre>
c:\program files\Kiwee Toolbar\3.3\kwtbaim .exe ---^> c:\program files\Kiwee Toolbar\3.3\kwtbaim.exe
c:\program files\SFR\Kit\9props .exe ---^> c:\program files\SFR\Kit\9props.exe
</pre> /code
.
Une copie infectée de c:\windows\system32\Drivers\i8042prt.sys a été trouvée et désinfectée
Copie restaurée à partir de - The cat found it :)
c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe . . . est infecté!!
c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe . . . was deleted!! You should re-install the program it pertains to
.
c:\acer\ALaunch\ALaunchSvc.exe . . . est infecté!!
c:\acer\ALaunch\ALaunchSvc.exe . . . was deleted!! You should re-install the program it pertains to
.
c:\program files\Application Updater\ApplicationUpdater.exe . . . est infecté!!
c:\program files\Application Updater\ApplicationUpdater.exe . . . was deleted!! You should re-install the program it pertains to
.
Une copie infectée de c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
.
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe . . . est infecté!!
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe . . . was deleted!! You should re-install the program it pertains to
.
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe . . . est infecté!!
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe . . . was deleted!! You should re-install the program it pertains to
.
c:\acer\Empowering Technology\eNet\eNet Service.exe . . . est infecté!!
c:\acer\Empowering Technology\eNet\eNet Service.exe . . . was deleted!! You should re-install the program it pertains to
.
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe . . . est infecté!!
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe . . . was deleted!! You should re-install the program it pertains to
.
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe . . . est infecté!!
c:\acer\Empowering Technology\eSettings\Service\capuserv.exe . . . was deleted!! You should re-install the program it pertains to
.
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe . . . est infecté!!
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe . . . was deleted!! You should re-install the program it pertains to
.
c:\program files\Common Files\LightScribe\LSSrvc.exe . . . est infecté!!
c:\program files\Common Files\LightScribe\LSSrvc.exe . . . was deleted!! You should re-install the program it pertains to
.
c:\acer\Mobility Center\MobilityService.exe . . . est infecté!!
c:\acer\Mobility Center\MobilityService.exe . . . was deleted!! You should re-install the program it pertains to
.
c:\program files\Roxio\Digital Home 9\RoxioUpnpService9.exe . . . est infecté!!
c:\program files\Roxio\Digital Home 9\RoxioUpnpService9.exe . . . was deleted!! You should re-install the program it pertains to
.
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe . . . est infecté!!
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe . . . was deleted!! You should re-install the program it pertains to
.
c:\program files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe . . . est infecté!!
c:\program files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe . . . was deleted!! You should re-install the program it pertains to
.
c:\acer\Empowering Technology\ePower\ePowerSvc.exe . . . est infecté!!
c:\acer\Empowering Technology\ePower\ePowerSvc.exe . . . was deleted!! You should re-install the program it pertains to
.
Une copie infectée de c:\windows\system32\DRIVERS\xaudio.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\System32\DriverStore\FileRepository\acrzun32z.inf_0464b755\XAudio.exe
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_f6471e5
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-08-07 au 2011-09-07 ))))))))))))))))))))))))))))))))))))
.
.
2011-09-07 16:17 . 2011-09-07 16:20 -------- d-----w- c:\users\breton\AppData\Local\temp
2011-09-07 16:17 . 2011-09-07 16:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-07 15:57 . 2008-01-19 05:49 54784 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2011-09-07 07:48 . 2011-09-07 07:48 -------- d-----w- C:\TDSSKiller
2011-09-06 11:11 . 2011-09-06 11:12 -------- d-----w- C:\Kill'em
2011-09-05 10:46 . 2011-02-15 17:16 86016 ----a-w- c:\program files\Common Files\Microsoft Shared\Windows Live\msimg32.dll
2011-09-05 10:45 . 2011-09-05 10:45 -------- d-----w- c:\program files\UnifiedToolbar
2011-09-05 10:34 . 2011-08-16 06:48 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6E028A9D-6076-4A07-8C9E-4FA7E73CBED3}\mpengine.dll
2011-09-05 10:34 . 2011-09-05 10:37 -------- d-----w- C:\ZHP
2011-09-05 10:34 . 2011-09-06 10:51 -------- d-----w- c:\program files\ZHPDiag
2011-09-04 13:22 . 2011-09-06 10:50 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-09-04 13:22 . 2011-09-06 10:50 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-08-30 18:25 . 2011-08-30 18:25 -------- d-----w- c:\users\breton\AppData\Roaming\Malwarebytes
2011-08-30 18:25 . 2011-08-30 18:25 -------- d-----w- c:\programdata\Malwarebytes
2011-08-30 18:15 . 2011-08-12 06:19 134104 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-08-30 18:15 . 2011-08-12 06:19 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-08-30 18:15 . 2011-08-12 06:19 785368 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-08-30 18:15 . 2011-08-12 06:19 478168 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-08-30 18:15 . 2011-08-12 06:19 1846232 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-08-30 18:15 . 2011-08-12 06:19 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-08-30 18:15 . 2011-08-12 03:15 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-08-30 18:15 . 2011-08-12 03:15 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-08-30 17:50 . 2011-08-30 17:50 -------- d--h--w- c:\programdata\Common Files
2011-08-30 17:43 . 2011-08-30 17:50 -------- d-----w- c:\programdata\MFAData
2011-08-29 22:52 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-29 22:52 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 06:19 . 2011-08-30 18:15 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
[code]<pre>
c:\program files\Acer Arcade Deluxe\Play Movie\PMVService .exe
c:\program files\Adobe\Reader 8.0\Reader\Reader_sl .exe
c:\program files\Apoint2K\Apoint .exe
c:\program files\Ask.com\Updater\Updater .exe
c:\program files\AVG\AVG8\avgtray .exe
c:\program files\Common Files\Java\Java Update\jusched .exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9 .exe
c:\program files\DivX\DivX Update\DivXUpdate .exe
c:\program files\Epson Software\Event Manager\EEventManager .exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif .exe
c:\program files\Launch Manager\LManager .exe
c:\program files\QuickTime\QTTask .exe
c:\windows\PLFSetL .exe
</pre>/code
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0BC6E3FA-78EF-4886-842C-5A1258C4455A}"= "mscoree.dll" [2009-11-08 297808]
.
[HKEY_CLASSES_ROOT\clsid\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}]
[HKEY_CLASSES_ROOT\agihelper.AGUtils]
[HKEY_CLASSES_ROOT\TypeLib\{647B16D8-AD7B-4983-82D7-82A270FC9E6D}]
[HKEY_CLASSES_ROOT\agcutils.AGSearchHook]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}]
2009-11-08 08:55 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C2F888D2-172D-2363-5B1F-EB51813D3E97}]
2008-01-19 05:49 820224 ----a-w- c:\windows\System32\znwmndrw.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1c99b848-84cb-4ce4-8cd8-ed5719484d9f}"= "mscoree.dll" [2009-11-08 297808]
.
[HKEY_CLASSES_ROOT\clsid\{1c99b848-84cb-4ce4-8cd8-ed5719484d9f}]
[HKEY_CLASSES_ROOT\UnifiedToolbar.UnifiedToolbar]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Enhanced Storage]
@="{C2F888D2-172D-2363-5B1F-EB51813D3E97}"
[HKEY_CLASSES_ROOT\CLSID\{C2F888D2-172D-2363-5B1F-EB51813D3E97}]
2008-01-19 05:49 820224 ----a-w- c:\windows\System32\znwmndrw.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"MsnMsgr"="~c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [N/A]
"Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props .exe" [N/A]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2011-07-11 39940]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-25 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-25 8470528]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-25 81920]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2011-07-11 39940]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2008-09-19 615696]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2011-07-11 39940]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-07-11 39940]
"KiweeHook"="c:\program files\Kiwee Toolbar\3.3\kwtbaim.exe" [2011-02-15 53248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-8-10 535336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bipro]
c:\windows\$XNTUninstall643$\wktly.dll [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-11 21:54 39940 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
2011-07-11 21:54 39940 ----a-w- c:\program files\Epson Software\Event Manager\EEventManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
2011-06-24 16:22 534880 ----a-w- c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
c:\program files\SweetIM\Messenger\SweetIM.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
R2 AGCoreService;AG Core Services;c:\program files\AGI\core\4.2.0.10754\AGCoreService.exe [2011-09-05 20480]
R2 ALaunchService;ALaunch Service;c:\acer\ALaunch\ALaunchSvc.exe [x]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [x]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [x]
R2 ServiceSFRABCD;Service SFR Gestionnaire Connexion;c:\program files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2008-10-29 7680]
R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2006-11-28 28224]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [2008-10-13 110080]
R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys [2008-10-15 104960]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 16184]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 13560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2009-03-30 66368]
S2 mmsajscc;IPX Traffic Forwarder Monitor;c:\windows\System32\svchost.exe [2008-01-19 21504]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-06-05 179712]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
mmsajscc
.
Contenu du dossier 'Tâches planifiées'
.
2011-06-08 c:\windows\Tasks\WinMaximizer-breton-Startup.job
- c:\program files\WinMaximizer\WinMaximizer.exe [2011-06-08 14:21]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\users\breton\AppData\Roaming\Mozilla\Firefox\Profiles\v3g834g7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
BHO-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
WebBrowser-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{1392B8D2-5C05-419F-A8F6-B9F15A596612} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-07 18:21
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,65,18,0c,3f,f1,f3,0e,44,a1,f0,04,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,65,18,0c,3f,f1,f3,0e,44,a1,f0,04,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(2496)
c:\windows\system32\znwmndrw.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Heure de fin: 2011-09-07 18:27:40 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-09-07 16:27
.
Avant-CF: 8 974 856 192 octets libres
Après-CF: 8 796 553 216 octets libres
.
- - End Of File - - 3DCF5B6B129121D0A004DDD94EA8B21B
0
Réponse 16 / 44
Utilisateur anonyme
7 sept. 2011 à 20:05
si tu peux :

desinstalle UnifiedToolbar
desinstalle spybot

================================


__________________________________________________
=>/!\Le script qui suit a été écrit spécialement cet ordinateur/!\ <=
=>il est fort déconseillé de le transposer sur un autre ordinateur !<=
----------------------------------------------------------------------------

Toujours avec toutes les protections désactivées, fais ceci :

▶ Ouvre le bloc-notes (Menu démarrer --> programmes --> accessoires --> bloc-notes)
▶ Copie/colle dans le bloc-notes ce qui entre les lignes ci dessous (sans les lignes) :

----------------------------------------------------------
KillAll::

File::
c:\windows\System32\znwmndrw.dll

Folder::
c:\program files\UnifiedToolbar
c:\programdata\Spybot - Search & Destroy
c:\program files\Spybot - Search & Destroy
c:\windows\$XNTUninstall643$

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bipro]

RenV::
c:\program files\Acer Arcade Deluxe\Play Movie\PMVService .exe
c:\program files\Adobe\Reader 8.0\Reader\Reader_sl .exe
c:\program files\Apoint2K\Apoint .exe
c:\program files\Ask.com\Updater\Updater .exe
c:\program files\AVG\AVG8\avgtray .exe
c:\program files\Common Files\Java\Java Update\jusched .exe => Sun Microsystems Java Shared File
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9 .exe
c:\program files\DivX\DivX Update\DivXUpdate .exe
c:\program files\Epson Software\Event Manager\EEventManager .exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif .exe
c:\program files\Launch Manager\LManager .exe
c:\program files\QuickTime\QTTask .exe
c:\windows\PLFSetL .exe

Driver::
Application Updater
mmsajscc

Netsvc::
mmsajscc

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]


------------------------------------------------------------------

▶ Enregistre ce fichier sur ton Bureau (et pas ailleurs !) sous le nom CFScript.txt
▶ Quitte le Bloc Notes

▶ Fais un glisser/déposer de ce fichier CFScript sur le fichier combofix

▶ Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
▶ Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
▶ Si le fichier ne s'ouvre pas, il se trouve ici => C:\ComboFix.txt


0
Réponse 17 / 44
furtif60
7 sept. 2011 à 20:46
voici le rapport

ComboFix 11-09-07.04 - breton 07/09/2011 20:27:11.2.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2045.1112 [GMT 2:00]
Lancé depuis: c:\users\breton\Contacts\Desktop\eddie.exe
Commutateurs utilisés :: c:\users\breton\Contacts\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\System32\znwmndrw.dll"
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Spybot - Search & Destroy
c:\program files\Spybot - Search & Destroy\SDWinSec.exe
c:\program files\UnifiedToolbar
c:\program files\UnifiedToolbar\3.3\Firefox\chrome.manifest-dist
c:\program files\UnifiedToolbar\3.3\Firefox\chrome.manifest
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\common\logger.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\common\uuid.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\browser.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\browser.properties
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\browser.xul
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\content_ie.xml
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\delight\agcore\cache.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\delight\agcore\config.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\delight\agcore\cookie.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\delight\agcore\search.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\delight\appconfig.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\delight\content.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\delight\core.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\delight\events.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\delight\installer.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\delight\navigate.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\delight\widgets\widgets.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\delight\window.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\delight\windowregistry.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\modalDialog.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\modalDialog.xul
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\popup_window.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\popup_window.xul
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\searchprotectionprefs.js
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\content\toolbar\searchprotectionprefs.xul
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\locale\en-US\browser.dtd
c:\program files\UnifiedToolbar\3.3\Firefox\chrome\skin\toolbar\flashshell.html
c:\program files\UnifiedToolbar\3.3\Firefox\components\AGUTBConfig.js
c:\program files\UnifiedToolbar\3.3\Firefox\components\AGUTBSearch.js
c:\program files\UnifiedToolbar\3.3\Firefox\components\AGUTBSearchHistory.js
c:\program files\UnifiedToolbar\3.3\Firefox\components\AGUTBSearchProtectionEnhanced.js
c:\program files\UnifiedToolbar\3.3\Firefox\components\AGUTBWidgetConfig.js
c:\program files\UnifiedToolbar\3.3\Firefox\components\Config.xpt
c:\program files\UnifiedToolbar\3.3\Firefox\defaults\preferences\defaults.js
c:\program files\UnifiedToolbar\3.3\Firefox\install.rdf
c:\program files\UnifiedToolbar\3.3\Firefox\UnifiedToolbarKiwee.xpi
c:\program files\UnifiedToolbar\3.3\IE\agicore.dll
c:\program files\UnifiedToolbar\3.3\IE\AgiGenericToolbar.dll
c:\program files\UnifiedToolbar\3.3\IE\delight.dll
c:\program files\UnifiedToolbar\3.3\IE\dependencies.zip
c:\program files\UnifiedToolbar\3.3\IE\f_in_box.dll
c:\program files\UnifiedToolbar\3.3\IE\f_in_box__lib.dll
c:\program files\UnifiedToolbar\3.3\IE\ICSharpCode.SharpZipLib.dll
c:\program files\UnifiedToolbar\3.3\IE\Interop.SHDocVw.dll
c:\program files\UnifiedToolbar\3.3\IE\JsonExSerializer.dll
c:\program files\UnifiedToolbar\3.3\IE\log4net.dll
c:\program files\UnifiedToolbar\3.3\IE\Notifications.dll
c:\program files\UnifiedToolbar\3.3\IE\toolbar.zip
c:\program files\UnifiedToolbar\3.3\IE\UnifiedToolbar.dll
c:\program files\UnifiedToolbar\3.3\IE\Widgets.dll
c:\programdata\Spybot - Search & Destroy
c:\programdata\Spybot - Search & Destroy\Logs\Checks.110904-1615.txt
c:\programdata\Spybot - Search & Destroy\Logs\Checks.110904-1622.log
c:\programdata\Spybot - Search & Destroy\Logs\Checks.110904-1801.txt
c:\programdata\Spybot - Search & Destroy\Logs\Checks.110904-1817.log
c:\programdata\Spybot - Search & Destroy\Logs\Fixes.110904-1616.txt
c:\programdata\Spybot - Search & Destroy\Recovery\AdRotator.zip
c:\programdata\Spybot - Search & Destroy\Recovery\AdRotator1.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM1.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM10.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM100.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM101.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM102.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM103.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM104.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM105.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM106.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM107.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM108.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM109.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM11.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM110.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM111.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM112.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM113.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM114.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM115.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM116.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM117.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM118.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM119.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM12.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM120.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM121.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM122.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM123.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM124.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM125.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM13.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM14.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM15.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM16.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM17.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM18.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM19.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM2.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM20.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM21.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM22.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM23.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM24.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM25.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM26.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM27.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM28.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM29.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM3.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM30.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM31.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM32.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM33.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM34.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM35.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM36.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM37.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM38.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM39.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM4.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM40.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM41.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM42.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM43.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM44.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM45.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM46.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM47.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM48.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM49.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM5.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM50.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM51.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM52.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM53.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM54.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM55.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM56.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM57.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM58.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM59.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM6.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM60.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM61.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM62.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM63.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM64.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM65.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM66.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM67.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM68.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM69.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM7.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM70.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM71.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM72.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM73.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM74.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM75.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM76.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM77.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM78.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM79.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM8.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM80.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM81.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM82.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM83.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM84.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM85.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM86.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM87.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM88.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM89.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM9.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM90.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM91.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM92.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM93.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM94.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM95.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM96.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM97.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM98.zip
c:\programdata\Spybot - Search & Destroy\Recovery\SweetIM99.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WinAgentfbx.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WinAVKillsvce.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WinFraudLoadedt.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WinFraudLoadedt1.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WinFraudLoadedt2.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WinFraudLoadedt3.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WinFraudLoadedt4.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WinFraudLoadedt5.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WinFraudLoadedt6.zip
c:\programdata\Spybot - Search & Destroy\Recovery\WinPalevo.zip
c:\windows\System32\znwmndrw.dll
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Application Updater
-------\Service_mmsajscc
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-08-07 au 2011-09-07 ))))))))))))))))))))))))))))))))))))
.
.
2011-09-07 18:33 . 2011-09-07 18:35 -------- d-----w- c:\users\breton\AppData\Local\temp
2011-09-07 15:53 . 2011-09-07 16:27 -------- d-----w- C:\eddie
2011-09-07 07:48 . 2011-09-07 07:48 -------- d-----w- C:\TDSSKiller
2011-09-06 11:11 . 2011-09-06 11:12 -------- d-----w- C:\Kill'em
2011-09-05 10:46 . 2011-02-15 17:16 86016 ----a-w- c:\program files\Common Files\Microsoft Shared\Windows Live\msimg32.dll
2011-09-05 10:34 . 2011-08-16 06:48 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6E028A9D-6076-4A07-8C9E-4FA7E73CBED3}\mpengine.dll
2011-09-05 10:34 . 2011-09-05 10:37 -------- d-----w- C:\ZHP
2011-09-05 10:34 . 2011-09-06 10:51 -------- d-----w- c:\program files\ZHPDiag
2011-08-30 18:25 . 2011-08-30 18:25 -------- d-----w- c:\users\breton\AppData\Roaming\Malwarebytes
2011-08-30 18:25 . 2011-08-30 18:25 -------- d-----w- c:\programdata\Malwarebytes
2011-08-30 18:15 . 2011-08-12 06:19 134104 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-08-30 18:15 . 2011-08-12 06:19 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-08-30 18:15 . 2011-08-12 06:19 785368 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-08-30 18:15 . 2011-08-12 06:19 478168 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-08-30 18:15 . 2011-08-12 06:19 1846232 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-08-30 18:15 . 2011-08-12 06:19 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-08-30 18:15 . 2011-08-12 03:15 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-08-30 18:15 . 2011-08-12 03:15 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-08-30 17:50 . 2011-08-30 17:50 -------- d--h--w- c:\programdata\Common Files
2011-08-30 17:43 . 2011-08-30 17:50 -------- d-----w- c:\programdata\MFAData
2011-08-29 22:52 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-29 22:52 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 06:19 . 2011-08-30 18:15 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
[code]<pre>
c:\program files\Common Files\Java\Java Update\jusched .exe
</pre>/code
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0BC6E3FA-78EF-4886-842C-5A1258C4455A}"= "mscoree.dll" [2009-11-08 297808]
.
[HKEY_CLASSES_ROOT\clsid\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}]
[HKEY_CLASSES_ROOT\agihelper.AGUtils]
[HKEY_CLASSES_ROOT\TypeLib\{647B16D8-AD7B-4983-82D7-82A270FC9E6D}]
[HKEY_CLASSES_ROOT\agcutils.AGSearchHook]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}]
2009-11-08 08:55 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53 165184 ----a-w- c:\program files\SFR\Kit\SFRNavErrorHelper.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1c99b848-84cb-4ce4-8cd8-ed5719484d9f}"= "mscoree.dll" [2009-11-08 297808]
.
[HKEY_CLASSES_ROOT\clsid\{1c99b848-84cb-4ce4-8cd8-ed5719484d9f}]
[HKEY_CLASSES_ROOT\UnifiedToolbar.UnifiedToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"MsnMsgr"="~c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [N/A]
"Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props .exe" [N/A]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 4669440]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-06-27 752136]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-25 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-25 8470528]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-25 81920]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-07-21 2048352]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2008-09-19 615696]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2008-08-26 236016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-07-11 39940]
"KiweeHook"="c:\program files\Kiwee Toolbar\3.3\kwtbaim.exe" [2011-02-15 53248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-8-10 535336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
2009-12-03 09:12 976320 ----a-w- c:\program files\Epson Software\Event Manager\EEventManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
c:\program files\SweetIM\Messenger\SweetIM.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
R2 AGCoreService;AG Core Services;c:\program files\AGI\core\4.2.0.10754\AGCoreService.exe [2011-09-05 20480]
R2 ALaunchService;ALaunch Service;c:\acer\ALaunch\ALaunchSvc.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2009-03-30 66368]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [x]
R2 ServiceSFRABCD;Service SFR Gestionnaire Connexion;c:\program files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2008-10-29 7680]
R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2006-11-28 28224]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [2008-10-13 110080]
R3 ZTEusbvoice;ZTE VoUSB Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys [2008-10-15 104960]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 16184]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 13560]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-06-05 179712]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
.
2011-06-08 c:\windows\Tasks\WinMaximizer-breton-Startup.job
- c:\program files\WinMaximizer\WinMaximizer.exe [2011-06-08 14:21]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
FF - ProfilePath - c:\users\breton\AppData\Roaming\Mozilla\Firefox\Profiles\v3g834g7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&q=
.
- - - - ORPHELINS SUPPRIMES - - - -
.
BHO-{C2F888D2-172D-2363-5B1F-EB51813D3E97} - c:\windows\system32\znwmndrw.dll
ShellIconOverlayIdentifiers-{C2F888D2-172D-2363-5B1F-EB51813D3E97} - c:\windows\system32\znwmndrw.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-07 20:35
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\conime.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\RtHDVCpl.exe
c:\program files\Launch Manager\LManager.exe
c:\windows\System32\rundll32.exe
c:\program files\AVG\AVG8\avgtray.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Heure de fin: 2011-09-07 20:42:15 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-09-07 18:42
ComboFix2.txt 2011-09-07 16:27
.
Avant-CF: 8 830 947 328 octets libres
Après-CF: 8 681 775 104 octets libres
.
- - End Of File - - F2F2EB5CED4965BB7755F6221766BDA4
0
Réponse 18 / 44
Utilisateur anonyme
7 sept. 2011 à 20:53
Fais analyser le(s) fichier(s) suivants sur Virustotal :

Virus Total

clique sur "Parcourir" et trouve puis selectionne ce(s) fichier(s) :

c:\program files\WinMaximizer\WinMaximizer.exe

* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée colle le lien de(s)( la) page(s) dans ta prochaine réponse.
0
Réponse 19 / 44
furtif60
7 sept. 2011 à 21:28
voici le lien

http://www.virustotal.com/file-scan/report.html?id=aaf20a0c942f752d25bff352b601cb7fa2d7f89d328de0124e050914956ab76e-1315422769
0
Réponse 20 / 44
Utilisateur anonyme
7 sept. 2011 à 21:34
tu peux le desinstaller ce logiciel pourri ?
0