System Check.

Solved/Closed
Trucdu26 - 14 Jan 2012 at 16:26
 1looping - 16 Jan 2012 at 03:07
Hello,

I have been infected with the System Check rogue for a week. After using RogueKiller and the anti-malware MBAM, some results: the hidden files on the hard drives are accessible again, System Check no longer launches at startup, but RogueKiller still detects an "MBR infection".

Could you help me please?
Thanks in advance :)


9 replies

Anonymous user
14 Jan 2012 at 16:28
Hello

Download TDSSKiller

* Create a new folder on your desktop and unzip the archive into it
* Launch the program by clicking TDSSKiller.exe; the scan runs automatically, and if the infection is detected, hidden elements will then be displayed.


If TDSS.tdl2 is detected: the Delete option will be checked by default.
If TDSS.tdl3 is detected: make sure Cure is checked.
If TDSS.tdl4 (\HardDisk0\MBR) is detected: make sure Cure is checked.
If Rootkit.Win32.ZAccess.* is detected: set "Cure" at the top and "Delete" at the bottom.
If Suspicious file is shown, leave the option set to Skip.
Once it has finished, reboot if it asks you to, to finish cleaning.

Otherwise, close TDSSKiller and the report will appear on the desktop.

Post me its report afterwards; thanks

@+
Hi, thanks for your help
I downloaded TDSSKiller.
After the scan it detected

Locked file
Service: sptd

where Skip is checked

and

Rootkit.Boost.SST.b
Physical drive: \Device\Hardisk0\DR0

where Cure is checked

What do I do?

Thanks
Anonymous user
14 Jan 2012 at 16:39
Re

Post me the report; thanks.

@+
TDSSKiller asked me to reboot without giving a report --'
Anonymous user
14 Jan 2012 at 16:46
It's here: C:\TDSSKiller_N°Version_Date_Heure.txt
Sorry, thanks.

Here it is

16:32:49.0228 4672 TDSS rootkit removing tool 2.7.1.0 Jan 13 2012 15:24:05
16:32:51.0230 4672 ============================================================
16:32:51.0230 4672 Current date / time: 2012/01/14 16:32:51.0230
16:32:51.0230 4672 SystemInfo:
16:32:51.0230 4672
16:32:51.0230 4672 OS Version: 6.1.7600 ServicePack: 0.0
16:32:51.0230 4672 Product type: Workstation
16:32:51.0230 4672 ComputerName: UTILISATEUR-PC
16:32:51.0230 4672 UserName: UTILISATEUR
16:32:51.0230 4672 Windows directory: C:\Windows
16:32:51.0230 4672 System windows directory: C:\Windows
16:32:51.0230 4672 Running under WOW64
16:32:51.0230 4672 Processor architecture: Intel x64
16:32:51.0230 4672 Number of processors: 2
16:32:51.0230 4672 Page size: 0x1000
16:32:51.0230 4672 Boot type: Normal boot
16:32:51.0230 4672 ============================================================
16:32:52.0372 4672 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000, SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000040
16:32:52.0451 4672 Initialize success
16:33:22.0731 3936 ============================================================
16:33:22.0732 3936 Scan started
16:33:22.0732 3936 Mode: Manual;
16:33:22.0732 3936 ============================================================
16:33:23.0125 3936 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\drivers\1394ohci.sys
16:33:23.0127 3936 1394ohci - ok
16:33:23.0174 3936 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\drivers\ACPI.sys
16:33:23.0178 3936 ACPI - ok
16:33:23.0213 3936 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\drivers\acpipmi.sys
16:33:23.0214 3936 AcpiPmi - ok
16:33:23.0285 3936 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:33:23.0291 3936 adp94xx - ok
16:33:23.0306 3936 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:33:23.0311 3936 adpahci - ok
16:33:23.0325 3936 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:33:23.0327 3936 adpu320 - ok
16:33:23.0387 3936 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
16:33:23.0393 3936 AFD - ok
16:33:23.0421 3936 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:33:23.0423 3936 agp440 - ok
16:33:23.0442 3936 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:33:23.0443 3936 aliide - ok
16:33:23.0492 3936 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:33:23.0494 3936 amdide - ok
16:33:23.0512 3936 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:33:23.0514 3936 AmdK8 - ok
16:33:23.0532 3936 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:33:23.0534 3936 AmdPPM - ok
16:33:23.0558 3936 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\drivers\amdsata.sys
16:33:23.0561 3936 amdsata - ok
16:33:23.0611 3936 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:33:23.0615 3936 amdsbs - ok
16:33:23.0633 3936 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\drivers\amdxata.sys
16:33:23.0635 3936 amdxata - ok
16:33:23.0650 3936 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
16:33:23.0652 3936 AppID - ok
16:33:23.0682 3936 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:33:23.0684 3936 arc - ok
16:33:23.0715 3936 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:33:23.0717 3936 arcsas - ok
16:33:23.0764 3936 aswFsBlk (5bab6d80435f9dff95a7e86c69110b32) C:\Windows\system32\DRIVERS\aswFsBlk.sys
16:33:23.0766 3936 aswFsBlk - ok
16:33:23.0780 3936 aswMonFlt (6067ec1c153f07a9e8e76b45df4d9f8d) C:\Windows\system32\DRIVERS\aswMonFlt.sys
16:33:23.0782 3936 aswMonFlt - ok
16:33:23.0794 3936 aswRdr (e4928b11d24fc5490c92ed74ecd922d0) C:\Windows\system32\drivers\aswRdr.sys
16:33:23.0795 3936 aswRdr - ok
16:33:23.0807 3936 aswSP (c6c9a87dd1ba5815082cd900ebe0bfb1) C:\Windows\system32\drivers\aswSP.sys
16:33:23.0809 3936 aswSP - ok
16:33:23.0822 3936 aswTdi (d6cd3f4c869adf746c87b7188743664f) C:\Windows\system32\drivers\aswTdi.sys
16:33:23.0824 3936 aswTdi - ok
16:33:23.0845 3936 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:33:23.0847 3936 AsyncMac - ok
16:33:23.0857 3936 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:33:23.0857 3936 atapi - ok
16:33:23.0970 3936 atikmdag (19b5c61cb09bff2bd69e063ee54b56c3) C:\Windows\system32\DRIVERS\atikmdag.sys
16:33:24.0053 3936 atikmdag - ok
16:33:24.0083 3936 atksgt (4aef9ec86818375495fb78ca58df4e18) C:\Windows\system32\DRIVERS\atksgt.sys
16:33:24.0086 3936 atksgt - ok
16:33:24.0118 3936 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:33:24.0123 3936 b06bdrv - ok
16:33:24.0167 3936 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:33:24.0170 3936 b57nd60a - ok
16:33:24.0189 3936 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:33:24.0190 3936 Beep - ok
16:33:24.0208 3936 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:33:24.0209 3936 blbdrive - ok
16:33:24.0250 3936 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
16:33:24.0251 3936 bowser - ok
16:33:24.0273 3936 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:33:24.0274 3936 BrFiltLo - ok
16:33:24.0288 3936 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:33:24.0291 3936 BrFiltUp - ok
16:33:24.0317 3936 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:33:24.0320 3936 Brserid - ok
16:33:24.0333 3936 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:33:24.0334 3936 BrSerWdm - ok
16:33:24.0351 3936 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:33:24.0352 3936 BrUsbMdm - ok
16:33:24.0368 3936 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:33:24.0369 3936 BrUsbSer - ok
16:33:24.0390 3936 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:33:24.0392 3936 BTHMODEM - ok
16:33:24.0418 3936 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:33:24.0420 3936 cdfs - ok
16:33:24.0446 3936 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\drivers\cdrom.sys
16:33:24.0447 3936 cdrom - ok
16:33:24.0463 3936 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:33:24.0464 3936 circlass - ok
16:33:24.0500 3936 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:33:24.0503 3936 CLFS - ok
16:33:24.0548 3936 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:33:24.0549 3936 CmBatt - ok
16:33:24.0583 3936 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:33:24.0583 3936 cmdide - ok
16:33:24.0610 3936 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
16:33:24.0615 3936 CNG - ok
16:33:24.0635 3936 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:33:24.0637 3936 Compbatt - ok
16:33:24.0675 3936 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys
16:33:24.0676 3936 CompositeBus - ok
16:33:24.0696 3936 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:33:24.0697 3936 crcdisk - ok
16:33:24.0740 3936 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
16:33:24.0743 3936 DfsC - ok
16:33:24.0786 3936 dgderdrv (867fa8b9e9e3078f68c4089904bbf4b0) C:\Windows\system32\drivers\dgderdrv.sys
16:33:24.0788 3936 dgderdrv - ok
16:33:24.0805 3936 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:33:24.0807 3936 discache - ok
16:33:24.0818 3936 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:33:24.0819 3936 Disk - ok
16:33:24.0859 3936 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:33:24.0860 3936 drmkaud - ok
16:33:24.0892 3936 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
16:33:24.0900 3936 DXGKrnl - ok
16:33:24.0922 3936 e1yexpress (761b9edd97a021aa1922501b7a056635) C:\Windows\system32\DRIVERS\e1y62x64.sys
16:33:24.0925 3936 e1yexpress - ok
16:33:25.0010 3936 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:33:25.0069 3936 ebdrv - ok
16:33:25.0103 3936 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:33:25.0108 3936 elxstor - ok
16:33:25.0137 3936 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:33:25.0138 3936 ErrDev - ok
16:33:25.0179 3936 esgiguard - ok
16:33:25.0210 3936 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:33:25.0213 3936 exfat - ok
16:33:25.0235 3936 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:33:25.0238 3936 fastfat - ok
16:33:25.0257 3936 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:33:25.0260 3936 fdc - ok
16:33:25.0280 3936 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:33:25.0282 3936 FileInfo - ok
16:33:25.0298 3936 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:33:25.0300 3936 Filetrace - ok
16:33:25.0319 3936 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:33:25.0321 3936 flpydisk - ok
16:33:25.0345 3936 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
16:33:25.0347 3936 FltMgr - ok
16:33:25.0363 3936 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:33:25.0365 3936 FsDepends - ok
16:33:25.0383 3936 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
16:33:25.0384 3936 Fs_Rec - ok
16:33:25.0412 3936 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys
16:33:25.0415 3936 fvevol - ok
16:33:25.0439 3936 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:33:25.0442 3936 gagp30kx - ok
16:33:25.0478 3936 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:33:25.0480 3936 GEARAspiWDM - ok
16:33:25.0500 3936 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:33:25.0502 3936 hcw85cir - ok
16:33:25.0551 3936 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
16:33:25.0555 3936 HdAudAddService - ok
16:33:25.0576 3936 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
16:33:25.0578 3936 HDAudBus - ok
16:33:25.0604 3936 HECIx64 (e91aff2610114ccaebb90d4d991bb6b2) C:\Windows\system32\DRIVERS\HECIx64.sys
16:33:25.0606 3936 HECIx64 - ok
16:33:25.0625 3936 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:33:25.0626 3936 HidBatt - ok
16:33:25.0638 3936 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:33:25.0640 3936 HidBth - ok
16:33:25.0659 3936 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:33:25.0660 3936 HidIr - ok
16:33:25.0674 3936 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\drivers\hidusb.sys
16:33:25.0676 3936 HidUsb - ok
16:33:25.0701 3936 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys
16:33:25.0703 3936 HpSAMD - ok
16:33:25.0742 3936 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
16:33:25.0750 3936 HTTP - ok
16:33:25.0762 3936 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
16:33:25.0764 3936 hwpolicy - ok
16:33:25.0778 3936 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:33:25.0780 3936 i8042prt - ok
16:33:25.0806 3936 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\drivers\iaStorV.sys
16:33:25.0810 3936 iaStorV - ok
16:33:25.0866 3936 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:33:25.0868 3936 iirsp - ok
16:33:25.0939 3936 IntcAzAudAddService (58a60df2b6d0d6b09e44cac7f1d2ab6a) C:\Windows\system32\drivers\RTKVHD64.sys
16:33:25.0991 3936 IntcAzAudAddService - ok
16:33:26.0014 3936 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:33:26.0016 3936 intelide - ok
16:33:26.0041 3936 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:33:26.0041 3936 intelppm - ok
16:33:26.0064 3936 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:33:26.0066 3936 IpFilterDriver - ok
16:33:26.0087 3936 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys
16:33:26.0089 3936 IPMIDRV - ok
16:33:26.0109 3936 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:33:26.0112 3936 IPNAT - ok
16:33:26.0143 3936 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:33:26.0145 3936 IRENUM - ok
16:33:26.0162 3936 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:33:26.0164 3936 isapnp - ok
16:33:26.0188 3936 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys
16:33:26.0191 3936 iScsiPrt - ok
16:33:26.0206 3936 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:33:26.0207 3936 kbdclass - ok
16:33:26.0222 3936 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\drivers\kbdhid.sys
16:33:26.0229 3936 kbdhid - ok
16:33:26.0267 3936 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
16:33:26.0270 3936 KSecDD - ok
16:33:26.0312 3936 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
16:33:26.0314 3936 KSecPkg - ok
16:33:26.0324 3936 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:33:26.0326 3936 ksthunk - ok
16:33:26.0391 3936 lirsgt (b658b7076b1acaa5876524595630f183) C:\Windows\system32\DRIVERS\lirsgt.sys
16:33:26.0393 3936 lirsgt - ok
16:33:26.0418 3936 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:33:26.0420 3936 lltdio - ok
16:33:26.0450 3936 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:33:26.0452 3936 LSI_FC - ok
16:33:26.0463 3936 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:33:26.0465 3936 LSI_SAS - ok
16:33:26.0486 3936 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:33:26.0488 3936 LSI_SAS2 - ok
16:33:26.0502 3936 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:33:26.0504 3936 LSI_SCSI - ok
16:33:26.0527 3936 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:33:26.0530 3936 luafv - ok
16:33:26.0550 3936 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:33:26.0551 3936 megasas - ok
16:33:26.0568 3936 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:33:26.0572 3936 MegaSR - ok
16:33:26.0592 3936 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:33:26.0593 3936 Modem - ok
16:33:26.0616 3936 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:33:26.0616 3936 monitor - ok
16:33:26.0638 3936 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
16:33:26.0640 3936 mouclass - ok
16:33:26.0661 3936 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:33:26.0663 3936 mouhid - ok
16:33:26.0673 3936 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
16:33:26.0675 3936 mountmgr - ok
16:33:26.0707 3936 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
16:33:26.0708 3936 mpio - ok
16:33:26.0732 3936 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:33:26.0734 3936 mpsdrv - ok
16:33:26.0765 3936 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
16:33:26.0768 3936 MRxDAV - ok
16:33:26.0803 3936 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:33:26.0805 3936 mrxsmb - ok
16:33:26.0837 3936 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:33:26.0841 3936 mrxsmb10 - ok
16:33:26.0857 3936 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:33:26.0859 3936 mrxsmb20 - ok
16:33:26.0890 3936 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
16:33:26.0892 3936 msahci - ok
16:33:26.0918 3936 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
16:33:26.0921 3936 msdsm - ok
16:33:26.0951 3936 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:33:26.0952 3936 Msfs - ok
16:33:26.0968 3936 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:33:26.0970 3936 mshidkmdf - ok
16:33:27.0007 3936 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:33:27.0009 3936 msisadrv - ok
16:33:27.0045 3936 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:33:27.0047 3936 MSKSSRV - ok
16:33:27.0057 3936 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:33:27.0058 3936 MSPCLOCK - ok
16:33:27.0067 3936 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:33:27.0068 3936 MSPQM - ok
16:33:27.0093 3936 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
16:33:27.0097 3936 MsRPC - ok
16:33:27.0115 3936 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:33:27.0115 3936 mssmbios - ok
16:33:27.0150 3936 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:33:27.0152 3936 MSTEE - ok
16:33:27.0160 3936 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:33:27.0161 3936 MTConfig - ok
16:33:27.0177 3936 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:33:27.0185 3936 Mup - ok
16:33:27.0236 3936 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:33:27.0240 3936 NativeWifiP - ok
16:33:27.0278 3936 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:33:27.0288 3936 NDIS - ok
16:33:27.0321 3936 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:33:27.0322 3936 NdisCap - ok
16:33:27.0345 3936 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:33:27.0347 3936 NdisTapi - ok
16:33:27.0366 3936 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:33:27.0368 3936 Ndisuio - ok
16:33:27.0387 3936 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:33:27.0390 3936 NdisWan - ok
16:33:27.0400 3936 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:33:27.0401 3936 NDProxy - ok
16:33:27.0417 3936 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:33:27.0420 3936 NetBIOS - ok
16:33:27.0455 3936 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:33:27.0458 3936 NetBT - ok
16:33:27.0486 3936 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:33:27.0488 3936 nfrd960 - ok
16:33:27.0508 3936 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:33:27.0510 3936 Npfs - ok
16:33:27.0524 3936 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:33:27.0525 3936 nsiproxy - ok
16:33:27.0564 3936 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
16:33:27.0598 3936 Ntfs - ok
16:33:27.0618 3936 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:33:27.0619 3936 Null - ok
16:33:27.0650 3936 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\drivers\nvraid.sys
16:33:27.0653 3936 nvraid - ok
16:33:27.0678 3936 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\drivers\nvstor.sys
16:33:27.0681 3936 nvstor - ok
16:33:27.0700 3936 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:33:27.0703 3936 nv_agp - ok
16:33:27.0721 3936 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:33:27.0723 3936 ohci1394 - ok
16:33:27.0751 3936 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:33:27.0753 3936 Parport - ok
16:33:27.0768 3936 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
16:33:27.0769 3936 partmgr - ok
16:33:27.0813 3936 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
16:33:27.0814 3936 pci - ok
16:33:27.0830 3936 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:33:27.0831 3936 pciide - ok
16:33:27.0846 3936 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:33:27.0848 3936 pcmcia - ok
16:33:27.0878 3936 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:33:27.0880 3936 pcw - ok
16:33:27.0903 3936 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:33:27.0909 3936 PEAUTH - ok
16:33:27.0943 3936 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:33:27.0945 3936 PptpMiniport - ok
16:33:27.0959 3936 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:33:27.0961 3936 Processor - ok
16:33:27.0983 3936 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:33:27.0985 3936 Psched - ok
16:33:28.0028 3936 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:33:28.0053 3936 ql2300 - ok
16:33:28.0087 3936 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:33:28.0089 3936 ql40xx - ok
16:33:28.0109 3936 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:33:28.0111 3936 QWAVEdrv - ok
16:33:28.0130 3936 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:33:28.0131 3936 RasAcd - ok
16:33:28.0158 3936 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:33:28.0160 3936 RasAgileVpn - ok
16:33:28.0180 3936 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:33:28.0183 3936 Rasl2tp - ok
16:33:28.0207 3936 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:33:28.0209 3936 RasPppoe - ok
16:33:28.0224 3936 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:33:28.0226 3936 RasSstp - ok
16:33:28.0246 3936 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:33:28.0249 3936 rdbss - ok
16:33:28.0269 3936 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:33:28.0270 3936 rdpbus - ok
16:33:28.0289 3936 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:33:28.0290 3936 RDPCDD - ok
16:33:28.0302 3936 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:33:28.0303 3936 RDPENCDD - ok
16:33:28.0314 3936 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:33:28.0315 3936 RDPREFMP - ok
16:33:28.0337 3936 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
16:33:28.0339 3936 RDPWD - ok
16:33:28.0360 3936 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:33:28.0362 3936 rdyboost - ok
16:33:28.0384 3936 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:33:28.0386 3936 rspndr - ok
16:33:28.0433 3936 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
16:33:28.0435 3936 sbp2port - ok
16:33:28.0463 3936 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:33:28.0465 3936 scfilter - ok
16:33:28.0485 3936 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:33:28.0486 3936 secdrv - ok
16:33:28.0512 3936 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:33:28.0514 3936 Serenum - ok
16:33:28.0532 3936 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:33:28.0534 3936 Serial - ok
16:33:28.0567 3936 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:33:28.0569 3936 sermouse - ok
16:33:28.0625 3936 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:33:28.0627 3936 sffdisk - ok
16:33:28.0643 3936 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:33:28.0645 3936 sffp_mmc - ok
16:33:28.0659 3936 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
16:33:28.0661 3936 sffp_sd - ok
16:33:28.0673 3936 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:33:28.0675 3936 sfloppy - ok
16:33:28.0695 3936 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:33:28.0697 3936 SiSRaid2 - ok
16:33:28.0715 3936 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:33:28.0717 3936 SiSRaid4 - ok
16:33:28.0736 3936 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:33:28.0739 3936 Smb - ok
16:33:28.0763 3936 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:33:28.0765 3936 spldr - ok
16:33:28.0840 3936 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
16:33:28.0840 3936 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
16:33:28.0854 3936 sptd ( LockedFile.Multi.Generic ) - warning
16:33:28.0854 3936 sptd - detected LockedFile.Multi.Generic (1)
16:33:28.0903 3936 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
16:33:28.0910 3936 srv - ok
16:33:28.0925 3936 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
16:33:28.0930 3936 srv2 - ok
16:33:28.0958 3936 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
16:33:28.0960 3936 srvnet - ok
16:33:29.0016 3936 sscebus (f74634f46692c8315e7f37f698af3225) C:\Windows\system32\DRIVERS\sscebus.sys
16:33:29.0019 3936 sscebus - ok
16:33:29.0047 3936 sscemdfl (82732b391efd69b0548044be9cb37bfc) C:\Windows\system32\DRIVERS\sscemdfl.sys
16:33:29.0049 3936 sscemdfl - ok
16:33:29.0082 3936 sscemdm (43d56ace4469d90f9790e8352d87d9b5) C:\Windows\system32\DRIVERS\sscemdm.sys
16:33:29.0084 3936 sscemdm - ok
16:33:29.0106 3936 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:33:29.0108 3936 stexstor - ok
16:33:29.0131 3936 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:33:29.0133 3936 swenum - ok
16:33:29.0212 3936 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
16:33:29.0244 3936 Tcpip - ok
16:33:29.0285 3936 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
16:33:29.0292 3936 TCPIP6 - ok
16:33:29.0310 3936 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:33:29.0312 3936 tcpipreg - ok
16:33:29.0331 3936 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:33:29.0332 3936 TDPIPE - ok
16:33:29.0350 3936 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:33:29.0352 3936 TDTCP - ok
16:33:29.0379 3936 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:33:29.0381 3936 tdx - ok
16:33:29.0397 3936 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
16:33:29.0399 3936 TermDD - ok
16:33:29.0446 3936 TFsExDisk (ce4b6956e4e12492715a53076e58761f) C:\Windows\System32\Drivers\TFsExDisk.sys
16:33:29.0448 3936 TFsExDisk - ok
16:33:29.0477 3936 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:33:29.0479 3936 tssecsrv - ok
16:33:29.0490 3936 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:33:29.0493 3936 tunnel - ok
16:33:29.0511 3936 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:33:29.0513 3936 uagp35 - ok
16:33:29.0534 3936 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
16:33:29.0539 3936 udfs - ok
16:33:29.0565 3936 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:33:29.0567 3936 uliagpkx - ok
16:33:29.0586 3936 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\drivers\umbus.sys
16:33:29.0588 3936 umbus - ok
16:33:29.0604 3936 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:33:29.0606 3936 UmPass - ok
16:33:29.0646 3936 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
16:33:29.0648 3936 USBAAPL64 - ok
16:33:29.0666 3936 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\drivers\usbccgp.sys
16:33:29.0668 3936 usbccgp - ok
16:33:29.0703 3936 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:33:29.0705 3936 usbcir - ok
16:33:29.0723 3936 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\drivers\usbehci.sys
16:33:29.0725 3936 usbehci - ok
16:33:29.0748 3936 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\drivers\usbhub.sys
16:33:29.0752 3936 usbhub - ok
16:33:29.0766 3936 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
16:33:29.0768 3936 usbohci - ok
16:33:29.0797 3936 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:33:29.0799 3936 usbprint - ok
16:33:29.0843 3936 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:33:29.0845 3936 usbscan - ok
16:33:29.0858 3936 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\drivers\USBSTOR.SYS
16:33:29.0860 3936 USBSTOR - ok
16:33:29.0880 3936 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
16:33:29.0882 3936 usbuhci - ok
16:33:29.0900 3936 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:33:29.0902 3936 vdrvroot - ok
16:33:29.0921 3936 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:33:29.0922 3936 vga - ok
16:33:29.0937 3936 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:33:29.0939 3936 VgaSave - ok
16:33:29.0962 3936 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
16:33:29.0965 3936 vhdmp - ok
16:33:29.0996 3936 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:33:29.0997 3936 viaide - ok
16:33:30.0023 3936 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
16:33:30.0025 3936 volmgr - ok
16:33:30.0054 3936 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:33:30.0058 3936 volmgrx - ok
16:33:30.0080 3936 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
16:33:30.0083 3936 volsnap - ok
16:33:30.0107 3936 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:33:30.0110 3936 vsmraid - ok
16:33:30.0125 3936 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
16:33:30.0126 3936 vwifibus - ok
16:33:30.0147 3936 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:33:30.0149 3936 WacomPen - ok
16:33:30.0166 3936 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:33:30.0168 3936 WANARP - ok
16:33:30.0172 3936 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:33:30.0173 3936 Wanarpv6 - ok
16:33:30.0203 3936 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:33:30.0204 3936 Wd - ok
16:33:30.0224 3936 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:33:30.0230 3936 Wdf01000 - ok
16:33:30.0254 3936 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:33:30.0256 3936 WfpLwf - ok
16:33:30.0279 3936 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:33:30.0280 3936 WIMMount - ok
16:33:30.0307 3936 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:33:30.0308 3936 WinUsb - ok
16:33:30.0332 3936 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:33:30.0333 3936 WmiAcpi - ok
16:33:30.0369 3936 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:33:30.0371 3936 ws2ifsl - ok
16:33:30.0385 3936 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:33:30.0387 3936 WudfPf - ok
16:33:30.0424 3936 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\drivers\WUDFRd.sys
16:33:30.0427 3936 WUDFRd - ok
16:33:30.0441 3936 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:33:30.0471 3936 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
16:33:30.0471 3936 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
16:33:30.0499 3936 Boot (0x1200) (2aabb6daaff8279c3359170d17ac8f05) \Device\Harddisk0\DR0\Partition0
16:33:30.0500 3936 \Device\Harddisk0\DR0\Partition0 - ok
16:33:30.0504 3936 Boot (0x1200) (fc89736004418cfacc555a4356f78f34) \Device\Harddisk0\DR0\Partition1
16:33:30.0505 3936 \Device\Harddisk0\DR0\Partition1 - ok
16:33:30.0524 3936 Boot (0x1200) (19c59e77514b9677e6d0d16d27489272) \Device\Harddisk0\DR0\Partition2
16:33:30.0525 3936 \Device\Harddisk0\DR0\Partition2 - ok
16:33:30.0525 3936 ============================================================
16:33:30.0525 3936 Scan finished
16:33:30.0525 3936 ============================================================
16:33:30.0532 4400 Detected object count: 2
16:33:30.0532 4400 Actual detected object count: 2
16:40:17.0905 4400 sptd ( LockedFile.Multi.Generic ) - skipped by user
16:40:17.0905 4400 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
16:40:17.0947 4400 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
16:40:17.0948 4400 \Device\Harddisk0\DR0 - ok
16:40:17.0949 4400 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
16:40:33.0346 2176 Deinitialize success
0
Anonymous user
14 Jan. 2012 at 16:49
Re

Run RogueKiller option 1 and post me the report; thanks.

@+
0
RogueKiller V6.2.4 [12/01/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur: Administrateur [Droits d'admin]
Mode: Recherche -- Date : 16/01/2012 03:06:55

¤¤¤ Processus malicieux: 0 ¤¤¤

¤¤¤ Entrees de registre: 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 20789d5cc4340e84b322470279587eca
[BSP] 23b73718c98c21d6e44cd45ac05b0e80 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 63 | Size: 49285 Mo
1 - [XXXXXX] UNKNW [VISIBLE] Offset (sectors): 96261480 | Size: 450811 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 56968c67df7c9835cfd2881608912b28
[BSP] 5db50e142e6c95cee8eb43a7c720ae5a : MaxSS MBR Code!
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 63 | Size: 49285 Mo
1 - [XXXXXX] UNKNW [VISIBLE] Offset (sectors): 96261480 | Size: 450811 Mo

+++++ PhysicalDrive1: +++++
--- User ---
[MBR] 20789d5cc4340e84b322470279587eca
[BSP] 23b73718c98c21d6e44cd45ac05b0e80 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 63 | Size: 49285 Mo
1 - [XXXXXX] UNKNW [VISIBLE] Offset (sectors): 96261480 | Size: 450811 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 26435079506f7c40ccb6bb836b440e14
[BSP] 47aec20aa34c0843c113dbdebfc73a05 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 19 | Size: 59837 Mo
1 - [XXXXXX] UNKNW [VISIBLE] Offset (sectors): 116869760 | Size: 104856 Mo

Termine : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt
0
Re


RogueKiller V6.2.4 [12/01/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html
Blog: http://tigzyrk.blogspot.com

Systeme d'exploitation: Windows 7 (6.1.7600 ) 64 bits version
Demarrage : Mode normal
Utilisateur: UTILISATEUR [Droits d'admin]
Mode: Recherche -- Date : 14/01/2012 16:50:26

¤¤¤ Processus malicieux: 0 ¤¤¤

¤¤¤ Entrees de registre: 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] e10ab454d5058440cbe137c381160324
[BSP] a8d33cdc2ba26202f8709554b9cbfdcb : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 104 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 206848 | Size: 209609 Mo
2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 409600000 | Size: 790487 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

Termine : << RKreport[29].txt >>
RKreport[15].txt ; RKreport[16].txt ; RKreport[17].txt ; RKreport[18].txt ; RKreport[19].txt ;
RKreport[1].txt ; RKreport[20].txt ; RKreport[21].txt ; RKreport[22].txt ; RKreport[23].txt ;
RKreport[24].txt ; RKreport[25].txt ; RKreport[26].txt ; RKreport[27].txt ; RKreport[28].txt ;
RKreport[29].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[7].txt
0
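The two RogueKiller reports above show the point of the "MBR Verif" section: the tool reads the MBR through several paths (the normal Windows view, "User", and two lower-level reads, "LL1" and "LL2") and compares them. On the first machine the user-mode view shows stock "Windows XP MBR Code" while the low-level read returns different bytes labelled "MaxSS MBR Code!" ("User != LL2 ... KO!"), which is the signature of a bootkit filtering disk reads to hide its own MBR; on the second machine, after TDSSKiller's cure, all views agree. The following Python is an added example, not code from the thread or from RogueKiller: it parses that report format into per-drive findings and derives a verdict. The line formats are modelled on the reports posted here (hashes copied from them), the verdict labels SUSPECT / CLEAN / UNREADABLE are this example's own convention, and it assumes RogueKiller marks non-stock boot code with a trailing "!" as seen in the MaxSS line.

```python
import re
from dataclasses import dataclass, field

# Constructed excerpt in RogueKiller 6.x "MBR Verif" format. The drive entries
# are modelled on the reports posted in this thread (hashes copied from them);
# PhysicalDrive2 reproduces the "Error reading ... MBR!" case from the Win7 report.
SAMPLE_REPORT = """\
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 20789d5cc4340e84b322470279587eca
[BSP] 23b73718c98c21d6e44cd45ac05b0e80 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 63 | Size: 49285 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 56968c67df7c9835cfd2881608912b28
[BSP] 5db50e142e6c95cee8eb43a7c720ae5a : MaxSS MBR Code!
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 63 | Size: 49285 Mo

+++++ PhysicalDrive1: +++++
--- User ---
[MBR] e10ab454d5058440cbe137c381160324
[BSP] a8d33cdc2ba26202f8709554b9cbfdcb : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 2048 | Size: 104 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!
"""

DRIVE_RE = re.compile(r"^\+{5} (PhysicalDrive\d+): \+{5}$")
VIEW_RE = re.compile(r"^--- (\w+) ---$")
MBR_RE = re.compile(r"^\[MBR\] ([0-9a-f]{32})$")
BSP_RE = re.compile(r"^\[BSP\] ([0-9a-f]{32}) : (.+)$")
PART_RE = re.compile(r"^(\d+) - \[(\w+)\] (\w+) \[(\w+)\] Offset \(sectors\): (\d+) \| Size: (\d+) Mo$")
CMP_RE = re.compile(r"^User (?:=|!=) (LL\d) \.\.\. (OK|KO)!$")
ERR_RE = re.compile(r"^Error reading (\w+) MBR!$")


@dataclass
class DriveCheck:
    drive: str
    views: dict = field(default_factory=dict)        # "User"/"LL2" -> {mbr, bsp, code, parts}
    comparisons: dict = field(default_factory=dict)  # "LL1"/"LL2" -> True if the User view agreed
    read_errors: list = field(default_factory=list)  # read methods that failed outright

    def suspicious_code(self):
        # Assumption: RogueKiller appends '!' to boot-code labels it does not recognise as stock.
        return [f"{v}: {d['code']}" for v, d in self.views.items() if d.get("code", "").endswith("!")]

    def partition_tables_agree(self):
        # A bootkit that hides its MBR usually also has to present a consistent partition table.
        tables = [d["parts"] for d in self.views.values() if d.get("parts")]
        return all(t == tables[0] for t in tables)

    def verdict(self):
        if any(ok is False for ok in self.comparisons.values()) or self.suspicious_code():
            return "SUSPECT"      # user-mode and low-level reads disagree: disk I/O is being filtered
        if self.read_errors:
            return "UNREADABLE"   # cannot conclude; re-run, or image the disk from a clean boot medium
        return "CLEAN"


def parse_mbr_verif(text):
    """Parse the 'MBR Verif' block of a RogueKiller report into DriveCheck records."""
    drives, current, view = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if m := DRIVE_RE.match(line):
            current = DriveCheck(drive=m.group(1)); view = None
            drives.append(current)
        elif current is None:
            continue
        elif m := VIEW_RE.match(line):
            view = m.group(1)
            current.views[view] = {"parts": []}
        elif (m := MBR_RE.match(line)) and view:
            current.views[view]["mbr"] = m.group(1)
        elif (m := BSP_RE.match(line)) and view:
            current.views[view]["bsp"] = m.group(1)
            current.views[view]["code"] = m.group(2).strip()
        elif (m := PART_RE.match(line)) and view:
            current.views[view]["parts"].append(m.groups())
        elif m := CMP_RE.match(line):
            current.comparisons[m.group(1)] = m.group(2) == "OK"
        elif m := ERR_RE.match(line):
            current.read_errors.append(m.group(1))
    return drives


def summarize(text):
    """Return {drive: verdict} for every physical drive in the report."""
    return {d.drive: d.verdict() for d in parse_mbr_verif(text)}


if __name__ == "__main__":
    for d in parse_mbr_verif(SAMPLE_REPORT):
        print(d.drive, d.verdict(), d.suspicious_code(), "tables agree:", d.partition_tables_agree())
```

Run on the constructed excerpt, PhysicalDrive0 comes out SUSPECT (the User/LL2 mismatch plus the "MaxSS MBR Code!" label), PhysicalDrive1 CLEAN, and PhysicalDrive2 UNREADABLE, which mirrors the three situations visible in the two reports above. The UNREADABLE case is kept separate from CLEAN on purpose: a drive whose MBR could not be read at all has not been verified, so the honest answer is "re-check", not "fine".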
Re

Problem solved?

1) Download DelFix by Xplode

* Run it.
* At the prompt, choose [Suppression] (removal)
* A report will open at the end; paste it into your reply

Then, to uninstall it, run it again and choose the [Désinstallation] (uninstall) option


2) To check which software updates need applying on your PC
https://www.flexera.com/products/operations/software-vulnerability-management.html
Various links will be offered for the software that is out of date.


3)
C - CCleaner:

https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/

.save it to the desktop
.double-click the file to start the installation
.in the installation language window, make sure to choose French and click OK
.click Next

.read the licence and click I accept
.click Next
.there, leave only "add a desktop shortcut" ticked, and then "automatically check for CCleaner updates"
.click Install
.click Close
.double-click the CCleaner icon to open it
.once it is open, click Options and then Advanced
.untick "only delete files in the Windows Temp folder older than 24 hours"
.click Cleaner
.click Windows and, in the Advanced column
. tick the first box, Old Prefetch data (this gives you the Old Prefetch data box)
.click Analyze; once the analysis is finished
.click Run Cleaner and click OK on the confirmation prompt; you will have to do it a second time; once finished, check by clicking Analyze again to make sure nothing is left
.now click Registry and then Scan for Issues
.leave everything ticked and click Fix selected issues
.it asks you to back up: YES
.give it a name so you can find it again and save
.click Fix all selected issues and click OK on the confirmation prompt
.it deletes them and, once that is closed, check by running Scan for Issues again
.go back to Options and re-tick the box "only delete files in the Windows Temp folder older than 48 hours", and under Cleaner, Windows, Advanced, untick the first box, Old Prefetch data
.you can close CCleaner.

Tutorial: https://jesses.pagesperso-orange.fr/Docs/Logiciels/CCleaner.htm


4) Purge System Restore on Seven
How to:

http://www.forum-seven.com/forum/

This removes all traces of the various infections and will allow a future restore without infections


@+
---------Security Contributor---------
We have all been a beginner at something once.
But knowledge is the reward for diligence.
0
Yes, very good, thank you very much :) Really, thank you
0