Powerful virus impossible to remove, help!!!

Solved/Closed
seriousjn Posts 15 Registration date Friday, September 16, 2011 Status Member Last activity October 27, 2011 - Sept. 16, 2011 at 15:39
sonia34mtp Posts 26 Registration date Wednesday, September 14, 2011 Status Member Last activity October 4, 2011 - Sept. 18, 2011 at 00:38
Hello, For some time now, I've had an extremely unpleasant virus that changes my network settings and controls access to certain programs (Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item). Among other things, it blocks my access to certain antivirus tools such as Malwarebytes and does not allow scans to run to completion. My PC was not protected by a firewall or an antivirus, and it had been working perfectly for years until it started downloading a fake antivirus. Avast detected a virus but cannot quarantine it because the file, named 2916211983.exe in the process list, supposedly does not exist. When I manage to get on the internet and try to go to a site, I keep ending up on a page advertising a German car. Has anyone had the same kind of problem, and did they solve it? I have very little room to maneuver, since every program I run ends up blocked afterwards (on the other hand, all audio software and games work perfectly).

Thanks in advance for your help!!!


12 replies

Malekal_morte- Posts 180304 Registration date Wednesday, May 17, 2006 Status Moderator, Security contributor Last activity December 15, 2020 24 627
Sept. 16, 2011 at 15:42
Hi,

ZAccess infection.

Back up your documents and post the Zaccess Remover report here: https://www.malekal.com/zeroaccesssirefef-remover/

~~

Run TDSSKiller: https://forum.malekal.com/viewtopic.php?t=28637&start=
Post the report here.
1
Malekal_morte- Posts 180304 Registration date Wednesday, May 17, 2006 Status Moderator, Security contributor Last activity December 15, 2020 24 627
Sept. 16, 2011 at 17:33
Be more careful in the future....

Keep your software up to date, it's important; use this program: /faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
This is a must.

Antivirus programs don't do everything when it comes to the security of your machine (keeping your software up to date, etc.)
The best protection is still knowing about infections so you can avoid them, and having good habits.
So you need to read up.

If you use Avast! or AVG, configure it to detect PUPs - see: https://www.malekal.com/adwares-pup-protection/

Some reading to help avoid infections:
- knowing and avoiding infections: https://www.malekal.com/fichiers/projetantimalwares/ProjetAntiMalware-courte.pdf
- securing your PC: http://forum.malekal.com/comment-securiser-son-ordinateur.html
- read: http://www.commentcamarche.net/faq/27128-malwares-quels-enjeux-version-synthese

What not to do:
I download anything - I get infected - avoid programs offered through ads or through sponsored links on search engines - they are scams:
PUPs: https://www.malekal.com/adwares-pup-protection/
Examples of what not to do:
https://forums.commentcamarche.net/forum/affich-19719198-onglets-pub-intempestifs#14
https://forums.commentcamarche.net/forum/affich-18347759-le-nouveau-avast-sonne-trop-souvent#9
I download from anywhere - I get infected: https://forums.commentcamarche.net/forum/affich-19916973-clickpotato-vlc-virus#6
Security recommendations: https://forums.commentcamarche.net/forum/affich-18680013-windows-7-et-antispyware#1

How some categories of malware work:
https://forums.commentcamarche.net/forum/affich-17725521-virus-programme-troyen
https://forums.commentcamarche.net/forum/affich-17746390-concernant-la-propagation-des-virus

If you have questions about how malware works,
don't hesitate to ask.

1
sonia34mtp Posts 26 Registration date Wednesday, September 14, 2011 Status Member Last activity October 4, 2011
Sept. 18, 2011 at 00:38
Hello. I also have a big problem with my PC. Could you please help me? I'm desperate.
0
juju666 Posts 35445 Registration date Thursday, December 18, 2008 Status Security contributor Last activity May 5, 2017 4 795
Sept. 16, 2011 at 15:43
Hello,

Do this: https://www.commentcamarche.net/faq/29469-utilisation-de-pre-scan

Then paste a report from TDSSKiller: https://support.kaspersky.com/fr/14421

Looking forward to your reply
0
seriousjn Posts 15 Registration date Friday, September 16, 2011 Status Member Last activity October 27, 2011
Sept. 16, 2011 at 16:10
Here is the result of the Zaccess Remover scan:

Webroot AntiZeroAccess 0.8 Log File
Execution time: 16/09/2011 - 15:56
Host operation System: Windows Vista X86 version 6.0.6001 Service Pack 1
15:56:25 - CheckSystem - Begin to check system...
15:56:25 - OpenRootDrive - Opening system root volume and physical drive....
15:56:25 - C Root Drive: Disk number: 0 Start sector: 0x00000800 Partition Size: 0x70AFB800 sectors.
15:56:25 - PrevX Main driver extracted in "C:\Windows\system32\drivers\ZeroAccess.sys".
15:56:25 - InstallAndStartDriver - Main driver was installed and now is running.
15:56:25 - CheckSystem - Warning! Disk class driver is INFECTED.
15:56:27 - CheckFile - Unable to read "sptd.sys" file. CreateFile last eror: 0x00000020.
15:56:27 - CheckFile - Warning! File "tdx.sys" is Infected by ZeroAccess Rootkit.
15:56:39 - DoRepair - Begin to perform system repair....
15:56:39 - DoRepair - System Disk class driver was repaired.
15:56:39 - DoRepair - Infected "tdx.sys" file was renamed.
15:56:39 - DoRepair - Infected "tdx.sys" file was successfully cleaned!
15:56:39 - FindAndDestroySelfDefenseDriver can't analyze "sptd.sys". CreateFile last error: 32
15:56:39 - StopAndRemoveDriver - AntiZeroAccess Driver is stopped and removed.
15:56:39 - StopAndRemoveDriver - File "ZeroAccess.sys" was deleted!
15:56:39 - Execution Ended!



Now the TDSSKiller one (very long, sorry if I make a mistake handling it)

2011/09/16 16:00:08.0084 3932 TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17
2011/09/16 16:00:08.0121 3932 ================================================================================
2011/09/16 16:00:08.0121 3932 SystemInfo:
2011/09/16 16:00:08.0121 3932
2011/09/16 16:00:08.0121 3932 OS Version: 6.0.6001 ServicePack: 1.0
2011/09/16 16:00:08.0121 3932 Product type: Workstation
2011/09/16 16:00:08.0121 3932 ComputerName: JN1985
2011/09/16 16:00:08.0121 3932 UserName: JN
2011/09/16 16:00:08.0121 3932 Windows directory: C:\Windows
2011/09/16 16:00:08.0121 3932 System windows directory: C:\Windows
2011/09/16 16:00:08.0121 3932 Processor architecture: Intel x86
2011/09/16 16:00:08.0121 3932 Number of processors: 4
2011/09/16 16:00:08.0121 3932 Page size: 0x1000
2011/09/16 16:00:08.0121 3932 Boot type: Normal boot
2011/09/16 16:00:08.0121 3932 ================================================================================
2011/09/16 16:00:11.0315 3932 Initialize success
2011/09/16 16:00:14.0978 4032 ================================================================================
2011/09/16 16:00:14.0978 4032 Scan started
2011/09/16 16:00:14.0978 4032 Mode: Manual;
2011/09/16 16:00:14.0978 4032 ================================================================================
2011/09/16 16:00:15.0370 4032 522e22f0 (8f2bb1827cac01aee6a16e30a1260199) C:\Windows\4028771922:2916211983.exe
2011/09/16 16:00:15.0370 4032 Suspicious file (Hidden): C:\Windows\4028771922:2916211983.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/16 16:00:15.0375 4032 522e22f0 - detected HiddenFile.Multi.Generic (1)
2011/09/16 16:00:17.0722 4032 i8042prt (609ced68db8d598db9e15f91422a5bb3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/09/16 16:00:17.0722 4032 Suspicious file (Forged): C:\Windows\system32\DRIVERS\i8042prt.sys. Real md5: 609ced68db8d598db9e15f91422a5bb3, Fake md5: 22d56c8184586b7a1f6fa60be5f5a2bd
2011/09/16 16:00:17.0730 4032 i8042prt - detected Rootkit.Win32.ZAccess.c (0)
2011/09/16 16:00:21.0661 4032 sptd (71e276f6d189413266ea22171806597b) C:\Windows\system32\Drivers\sptd.sys
2011/09/16 16:00:21.0661 4032 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
2011/09/16 16:00:21.0666 4032 sptd - detected LockedFile.Multi.Generic (1)
2011/09/16 16:00:23.0332 4032 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/16 16:00:23.0342 4032 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/09/16 16:00:23.0365 4032 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/09/16 16:00:23.0385 4032 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/09/16 16:00:23.0479 4032 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
2011/09/16 16:00:23.0535 4032 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/09/16 16:00:23.0548 4032 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/16 16:00:23.0591 4032 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/16 16:00:23.0673 4032 X10Hid (ab2d77bf7222b007717abb61b15f9ae2) C:\Windows\system32\Drivers\x10hid.sys
2011/09/16 16:00:23.0710 4032 XUIF (6bbf7a3bab8ffdccf82057fa2aae2b7b) C:\Windows\system32\Drivers\x10ufx2.sys
2011/09/16 16:00:23.0730 4032 MBR (0x1B8) (04d4350ae5fb6fc2ad3e7c26b1323c68) \Device\Harddisk0\DR0
2011/09/16 16:00:23.0738 4032 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/09/16 16:00:24.0214 4032 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk4\DR4
2011/09/16 16:00:24.0229 4032 Boot (0x1200) (9b2346f1163d18f4f7e805a579e7aef0) \Device\Harddisk0\DR0\Partition0
2011/09/16 16:00:24.0260 4032 Boot (0x1200) (999c5453191163af64bc6b94a13ccaf7) \Device\Harddisk0\DR0\Partition1
2011/09/16 16:00:24.0269 4032 Boot (0x1200) (f9c7619725c3b776ccfa592bc751db05) \Device\Harddisk4\DR4\Partition0
2011/09/16 16:00:24.0277 4032 ================================================================================
2011/09/16 16:00:24.0277 4032 Scan finished
2011/09/16 16:00:24.0277 4032 ================================================================================
2011/09/16 16:00:24.0288 4024 Detected object count: 4
2011/09/16 16:00:24.0288 4024 Actual detected object count: 4
2011/09/16 16:00:40.0439 4024 HiddenFile.Multi.Generic(522e22f0) - User select action: Skip
2011/09/16 16:00:40.0526 4024 i8042prt (609ced68db8d598db9e15f91422a5bb3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/09/16 16:00:40.0527 4024 Suspicious file (Forged): C:\Windows\system32\DRIVERS\i8042prt.sys. Real md5: 609ced68db8d598db9e15f91422a5bb3, Fake md5: 22d56c8184586b7a1f6fa60be5f5a2bd
2011/09/16 16:00:45.0441 4024 Backup copy not found, trying to cure infected file..
2011/09/16 16:00:45.0442 4024 Cure success, using it..
2011/09/16 16:00:45.0449 4024 C:\Windows\system32\DRIVERS\i8042prt.sys - will be cured after reboot
2011/09/16 16:00:45.0449 4024 Rootkit.Win32.ZAccess.c(i8042prt) - User select action: Cure
2011/09/16 16:00:45.0449 4024 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/09/16 16:00:45.0521 4024 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/09/16 16:00:45.0521 4024 \Device\Harddisk0\DR0 - ok
2011/09/16 16:00:45.0522 4024 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
2011/09/16 16:00:59.0273 3916 Deinitialize success


The virus no longer shows up among the processes.

Many thanks.
0
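
Added example, not part of the original thread and not Kaspersky's code: a small Python triage script for the result section of a TDSSKiller report like the one above. It lists which detections were cured, which were skipped, and which are only "cured after reboot", so you can tell whether a second scan is needed. The sample lines are copied from the report in this post; the regular expressions are assumptions based on the line shapes visible in that report.

```python
import re

# Lines copied from the TDSSKiller report posted above (result section only).
SAMPLE_LOG = r"""
2011/09/16 16:00:23.0738 4032 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/09/16 16:00:24.0288 4024 Detected object count: 4
2011/09/16 16:00:40.0439 4024 HiddenFile.Multi.Generic(522e22f0) - User select action: Skip
2011/09/16 16:00:40.0527 4024 Suspicious file (Forged): C:\Windows\system32\DRIVERS\i8042prt.sys. Real md5: 609ced68db8d598db9e15f91422a5bb3, Fake md5: 22d56c8184586b7a1f6fa60be5f5a2bd
2011/09/16 16:00:45.0449 4024 C:\Windows\system32\DRIVERS\i8042prt.sys - will be cured after reboot
2011/09/16 16:00:45.0449 4024 Rootkit.Win32.ZAccess.c(i8042prt) - User select action: Cure
2011/09/16 16:00:45.0449 4024 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/09/16 16:00:45.0521 4024 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/09/16 16:00:45.0522 4024 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
"""

# "<date> <time> <thread id> <message>" prefix seen on every report line.
LINE = re.compile(r"^\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d+ \d+ ?(.*)$")
DETECTED = re.compile(r"^(?P<obj>.+?) - detected (?P<verdict>\S+) \(\d+\)$")
ACTION = re.compile(
    r"^(?P<verdict>[^\s(]+)\((?P<obj>.+)\) - User select action: (?P<action>\w+)$")
PENDING = re.compile(
    r"^(?P<obj>.+?)(?: \((?P<verdict>[^)]+)\))? - will be cured after reboot$")
FORGED = re.compile(
    r"^Suspicious file \(Forged\): (?P<path>.+)\. "
    r"Real md5: (?P<real>[0-9a-f]{32}), Fake md5: (?P<fake>[0-9a-f]{32})$")
COUNT = re.compile(r"^Detected object count: (\d+)$")


def summarize(log_text):
    """Return a dict describing detections and the actions taken on them."""
    report = {"reported_count": None, "detections": [], "actions": [],
              "pending_reboot": [], "forged": []}
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank lines or forum text pasted around the report
        msg = line.group(1)
        if (m := COUNT.match(msg)):
            report["reported_count"] = int(m.group(1))
        elif (m := FORGED.match(msg)):
            # The driver on disk answers with one hash through the normal
            # file API and another when read at a lower level.
            report["forged"].append({"path": m["path"],
                                     "real_md5": m["real"],
                                     "fake_md5": m["fake"]})
        elif (m := ACTION.match(msg)):
            report["actions"].append({"verdict": m["verdict"],
                                      "object": m["obj"],
                                      "action": m["action"]})
        elif (m := PENDING.match(msg)):
            report["pending_reboot"].append(m["obj"])
        elif (m := DETECTED.match(msg)):
            report["detections"].append({"verdict": m["verdict"],
                                         "object": m["obj"]})
    # Anything the user skipped is still on the machine.
    report["skipped"] = [a for a in report["actions"] if a["action"] == "Skip"]
    # The tool's own count should match the number of per-object decisions;
    # a mismatch means the pasted report is truncated.
    report["count_matches"] = report["reported_count"] == len(report["actions"])
    # A cure that waits for reboot is not confirmed until a fresh scan.
    report["needs_rescan"] = bool(report["pending_reboot"] or report["skipped"])
    return report


if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    for act in result["actions"]:
        print(f'{act["action"]:5} {act["verdict"]}  ({act["object"]})')
    print("pending reboot:", result["pending_reboot"])
    print("rescan needed :", result["needs_rescan"])
```
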
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 627
16 Sept. 2011 at 16:15
Run TDSSKiller again to see.
0
seriousjn Posts 15 Registration date Friday 16 September 2011 Status Member Last activity 27 October 2011
16 Sept. 2011 at 16:21
Here is what it gives me:

2011/09/16 16:15:44.0693 1840 TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17
2011/09/16 16:15:44.0767 1840 ================================================================================
2011/09/16 16:15:44.0767 1840 SystemInfo:
2011/09/16 16:15:44.0767 1840
2011/09/16 16:15:44.0767 1840 OS Version: 6.0.6001 ServicePack: 1.0
2011/09/16 16:15:44.0767 1840 Product type: Workstation
2011/09/16 16:15:44.0767 1840 ComputerName: JN1985
2011/09/16 16:15:44.0767 1840 UserName: JN
2011/09/16 16:15:44.0767 1840 Windows directory: C:\Windows
2011/09/16 16:15:44.0767 1840 System windows directory: C:\Windows
2011/09/16 16:15:44.0767 1840 Processor architecture: Intel x86
2011/09/16 16:15:44.0767 1840 Number of processors: 4
2011/09/16 16:15:44.0767 1840 Page size: 0x1000
2011/09/16 16:15:44.0767 1840 Boot type: Normal boot
2011/09/16 16:15:44.0767 1840 ================================================================================
2011/09/16 16:15:45.0843 1840 Initialize success
2011/09/16 16:15:48.0141 3248 ================================================================================
2011/09/16 16:15:48.0141 3248 Scan started
2011/09/16 16:15:48.0141 3248 Mode: Manual;
2011/09/16 16:15:48.0141 3248 ================================================================================
2011/09/16 16:15:48.0486 3248 522e22f0 (8f2bb1827cac01aee6a16e30a1260199) C:\Windows\4028771922:2916211983.exe
2011/09/16 16:15:48.0486 3248 Suspicious file (Hidden): C:\Windows\4028771922:2916211983.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/16 16:15:48.0491 3248 522e22f0 - detected HiddenFile.Multi.Generic (1)
2011/09/16 16:15:54.0667 3248 sptd (71e276f6d189413266ea22171806597b) C:\Windows\system32\Drivers\sptd.sys
2011/09/16 16:15:54.0667 3248 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
2011/09/16 16:15:54.0672 3248 sptd - detected LockedFile.Multi.Generic (1)
2011/09/16 16:15:56.0673 3248 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/16 16:15:56.0749 3248 X10Hid (ab2d77bf7222b007717abb61b15f9ae2) C:\Windows\system32\Drivers\x10hid.sys
2011/09/16 16:15:56.0781 3248 XUIF (6bbf7a3bab8ffdccf82057fa2aae2b7b) C:\Windows\system32\Drivers\x10ufx2.sys
2011/09/16 16:15:56.0813 3248 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/09/16 16:15:57.0288 3248 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk4\DR4
2011/09/16 16:15:57.0298 3248 Boot (0x1200) (9b2346f1163d18f4f7e805a579e7aef0) \Device\Harddisk0\DR0\Partition0
2011/09/16 16:15:57.0332 3248 Boot (0x1200) (999c5453191163af64bc6b94a13ccaf7) \Device\Harddisk0\DR0\Partition1
2011/09/16 16:15:57.0342 3248 Boot (0x1200) (f9c7619725c3b776ccfa592bc751db05) \Device\Harddisk4\DR4\Partition0
2011/09/16 16:15:57.0350 3248 ================================================================================
2011/09/16 16:15:57.0350 3248 Scan finished
2011/09/16 16:15:57.0350 3248 ================================================================================
2011/09/16 16:15:57.0362 3952 Detected object count: 2
2011/09/16 16:15:57.0362 3952 Actual detected object count: 2
2011/09/16 16:16:05.0762 3952 HiddenFile.Multi.Generic(522e22f0) - User select action: Skip
2011/09/16 16:16:05.0765 3952 LockedFile.Multi.Generic(sptd) - User select action: Skip

Still impossible to open a web browser, and some programs are still blocked by the same permission-denied message.
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 627
16 Sept. 2011 at 16:29
2011/09/16 16:16:05.0762 3952 HiddenFile.Multi.Generic(522e22f0) - User select action: Skip

You must not choose Skip but Delete on that one.

Run it again and post the report.
seriousjn Posts 15 Registration date Friday 16 September 2011 Status Member Last activity 27 October 2011
16 Sept. 2011 at 16:46
Here is the latest report:

2011/09/16 16:41:42.0452 1620 TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17
2011/09/16 16:41:42.0523 1620 ================================================================================
2011/09/16 16:41:42.0523 1620 SystemInfo:
2011/09/16 16:41:42.0523 1620
2011/09/16 16:41:42.0523 1620 OS Version: 6.0.6001 ServicePack: 1.0
2011/09/16 16:41:42.0523 1620 Product type: Workstation
2011/09/16 16:41:42.0523 1620 ComputerName: JN1985
2011/09/16 16:41:42.0524 1620 UserName: JN
2011/09/16 16:41:42.0524 1620 Windows directory: C:\Windows
2011/09/16 16:41:42.0524 1620 System windows directory: C:\Windows
2011/09/16 16:41:42.0524 1620 Processor architecture: Intel x86
2011/09/16 16:41:42.0524 1620 Number of processors: 4
2011/09/16 16:41:42.0524 1620 Page size: 0x1000
2011/09/16 16:41:42.0524 1620 Boot type: Normal boot
2011/09/16 16:41:42.0524 1620 ================================================================================
2011/09/16 16:41:43.0126 1620 Initialize success
2011/09/16 16:41:44.0908 2408 ================================================================================
2011/09/16 16:41:44.0908 2408 Scan started
2011/09/16 16:41:44.0908 2408 Mode: Manual;
2011/09/16 16:41:44.0908 2408 ================================================================================
2011/09/16 16:41:45.0214 2408 522e22f0 (8f2bb1827cac01aee6a16e30a1260199) C:\Windows\4028771922:2916211983.exe
2011/09/16 16:41:45.0214 2408 Suspicious file (Hidden): C:\Windows\4028771922:2916211983.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/16 16:41:45.0219 2408 522e22f0 - detected HiddenFile.Multi.Generic (1)
2011/09/16 16:41:51.0150 2408 sptd (71e276f6d189413266ea22171806597b) C:\Windows\system32\Drivers\sptd.sys
2011/09/16 16:41:51.0150 2408 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
2011/09/16 16:41:51.0156 2408 sptd - detected LockedFile.Multi.Generic (1)
2011/09/16 16:41:53.0310 2408 ================================================================================
2011/09/16 16:41:53.0311 2408 Scan finished
2011/09/16 16:41:53.0311 2408 ================================================================================
2011/09/16 16:41:53.0321 1728 Detected object count: 2
2011/09/16 16:41:53.0321 1728 Actual detected object count: 2
2011/09/16 16:42:01.0593 1728 HKLM\SYSTEM\ControlSet001\services\522e22f0 - will be deleted after reboot
2011/09/16 16:42:01.0654 1728 HKLM\SYSTEM\ControlSet002\services\522e22f0 - will be deleted after reboot
2011/09/16 16:42:01.0676 1728 HKLM\SYSTEM\ControlSet003\services\522e22f0 - will be deleted after reboot
2011/09/16 16:42:01.0727 1728 C:\Windows\4028771922:2916211983.exe - will be deleted after reboot
2011/09/16 16:42:01.0727 1728 HiddenFile.Multi.Generic(522e22f0) - User select action: Delete
2011/09/16 16:42:01.0730 1728 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted after reboot
2011/09/16 16:42:01.0731 1728 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted after reboot
2011/09/16 16:42:01.0731 1728 HKLM\SYSTEM\ControlSet003\services\sptd - will be deleted after reboot
2011/09/16 16:42:01.0733 1728 C:\Windows\system32\Drivers\sptd.sys - will be deleted after reboot
2011/09/16 16:42:01.0733 1728 LockedFile.Multi.Generic(sptd) - User select action: Delete
2011/09/16 16:42:06.0399 3108 Deinitialize success

Thanks for your patience!!!
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 627
16 Sept. 2011 at 16:58
You didn't have to remove sptd :)

OK, well, run TDSSKiller again to see whether it still detects anything.

Is your antivirus working?
0
seriousjn Posts 15 Registration date Friday 16 September 2011 Status Member Last activity 27 October 2011
16 Sept. 2011 at 17:10
TDSSKiller didn't find anything more.

That said, I can't start any antivirus because permissions are still being denied to me...
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 627
16 Sept. 2011 at 17:17
Because the malware wrecks the permissions on the files =>

The malware broke the ACLs (permissions); try right-click / Properties, then the Security tab.
You should see your session name at the top.
Select it.
Click Deny for Modify.
Apply.
After that, set Full control to Allow.
Apply again.

See whether that makes the executable usable again.

0
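A command-line route to the same ACL repair, added here as an example and not part of the original reply: it lists the entries on a blocked executable's ACL, then takes ownership and resets the ACL to the inherited defaults with `icacls /reset` instead of going through the Security tab. The function names and the target path are hypothetical, and it assumes an elevated Windows PowerShell prompt on a system where `takeown.exe` and `icacls.exe` are available.

```powershell
# Added example (not from the thread): audit, then repair, the ACL of a blocked executable.

function Get-AclFindings {
    param([Parameter(Mandatory = $true)][string]$Path)
    # Get-Acl fails if the current ACL denies even reading permissions;
    # in that case run Repair-FileAcl first (it takes ownership).
    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        # A program file normally inherits its permissions from its folder, so
        # explicit entries, and Deny entries above all, deserve a look.
        $flags = @()
        if ($ace.AccessControlType -eq 'Deny') { $flags += 'DENY' }
        if (-not $ace.IsInherited)             { $flags += 'explicit' }
        New-Object psobject -Property @{
            Identity = $ace.IdentityReference.Value
            Type     = $ace.AccessControlType
            Rights   = $ace.FileSystemRights
            Flags    = ($flags -join ',')
        }
    }
}

function Repair-FileAcl {
    param([Parameter(Mandatory = $true)][string]$Path)
    # An administrator can take ownership even when every right is denied;
    # the owner can always read and rewrite the permissions. /A assigns
    # ownership to the Administrators group.
    & takeown.exe /F $Path /A | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "takeown failed for $Path" }

    # Keep the damaged ACL as SDDL text so the change can be reviewed later.
    $backup = Join-Path $env:TEMP ((Split-Path -Leaf $Path) + '.sddl.txt')
    (Get-Acl -LiteralPath $Path).Sddl | Set-Content -LiteralPath $backup

    # /reset replaces the file's ACL with the default ACL inherited from its folder.
    & icacls.exe $Path /reset | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "icacls /reset failed for $Path" }
    return $backup
}

# Usage: the path below is a placeholder, so nothing runs unless it exists.
$target = 'C:\Path\To\blocked-tool.exe'
if (Test-Path -LiteralPath $target) {
    Repair-FileAcl $target
    Get-AclFindings $target | Format-Table Identity, Type, Rights, Flags -AutoSize
}
```

If the listing still shows Deny or unexpected explicit entries after the reset, the parent folder's ACL is damaged as well and needs the same check.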
seriousjn Posts 15 Registration date Friday 16 September 2011 Status Member Last activity 27 October 2011
16 Sept. 2011 at 17:33
Indeed, after reinstalling, Malwarebytes is working again, and it seems the threat has been eliminated. A huge thank you for your help. Right, now I'm going to try to reconnect to the internet...
0
sonia34mtp Posts 26 Registration date Wednesday 14 September 2011 Status Member Last activity 4 October 2011
18 Sept. 2011 at 00:36
Hello. I also have a problem with my PC. Programs freeze and stop responding. Mozilla refuses to open. It has become slow. It only works if I put it in safe mode. Could someone help me? Please, I'm lost. I restored the system to an earlier date, but to no avail. Avira detects nothing. Dr.Web CureIt won't even open. I'm desperate.
0