Comment eradiquer ABNOW
enidron78
Messages postés
189
Statut
Membre
-
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour,
Je pense que c'est un virus connu dont l'action est de rediriger nos recherches faites sur internet et mon antivirus bitdefender bloquer regulierement des trojans ( variant graftor et trojan sireref ).
J'ai essayer Ccclean, Mon antivirus, malware, un logiciel de kaspersky tdsskiller, spybot mais il m'est impossible de l'éradiquer.
En ce moment j'utilise USTART ça à l'air de pas poser problème !!!
HELP PLEASE !!!
Je pense que c'est un virus connu dont l'action est de rediriger nos recherches faites sur internet et mon antivirus bitdefender bloquer regulierement des trojans ( variant graftor et trojan sireref ).
J'ai essayer Ccclean, Mon antivirus, malware, un logiciel de kaspersky tdsskiller, spybot mais il m'est impossible de l'éradiquer.
En ce moment j'utilise USTART ça à l'air de pas poser problème !!!
HELP PLEASE !!!
13 réponses
slt
colles nous la rapport de tdsskiller
puis télécharge malwarebyte antimalware, mets le à jour et colle un rapport d'analyse avec
a plus
colles nous la rapport de tdsskiller
puis télécharge malwarebyte antimalware, mets le à jour et colle un rapport d'analyse avec
a plus
Ok je te transmet ça de suite :
Rapport de Tdsskiller
15:48:42.0897 10040 TDSS rootkit removing tool 2.7.17.0 Feb 29 2012 14:02:24
15:48:43.0004 10040 ============================================================
15:48:43.0004 10040 Current date / time: 2012/03/01 15:48:43.0004
15:48:43.0004 10040 SystemInfo:
15:48:43.0004 10040
15:48:43.0004 10040 OS Version: 6.0.6002 ServicePack: 2.0
15:48:43.0004 10040 Product type: Workstation
15:48:43.0004 10040 ComputerName: PC-MAISON
15:48:43.0004 10040 UserName: Vincent
15:48:43.0004 10040 Windows directory: C:\Windows
15:48:43.0004 10040 System windows directory: C:\Windows
15:48:43.0005 10040 Running under WOW64
15:48:43.0005 10040 Processor architecture: Intel x64
15:48:43.0005 10040 Number of processors: 2
15:48:43.0005 10040 Page size: 0x1000
15:48:43.0005 10040 Boot type: Normal boot
15:48:43.0005 10040 ============================================================
15:48:43.0460 10040 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:48:43.0477 10040 \Device\Harddisk0\DR0:
15:48:43.0477 10040 MBR used
15:48:43.0477 10040 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x72B17923
15:48:43.0477 10040 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x72B17962, BlocksNum 0x1BEE05F
15:48:43.0574 10040 Initialize success
15:48:43.0574 10040 ============================================================
15:48:45.0235 8288 ============================================================
15:48:45.0235 8288 Scan started
15:48:45.0235 8288 Mode: Manual;
15:48:45.0235 8288 ============================================================
15:48:45.0739 8288 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
15:48:45.0743 8288 ACPI - ok
15:48:45.0854 8288 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
15:48:45.0858 8288 adp94xx - ok
15:48:45.0944 8288 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
15:48:45.0948 8288 adpahci - ok
15:48:45.0980 8288 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
15:48:45.0981 8288 adpu160m - ok
15:48:46.0022 8288 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
15:48:46.0024 8288 adpu320 - ok
15:48:46.0196 8288 AFD (c4f6ce6087760ad70960c9eb130e7943) C:\Windows\system32\drivers\afd.sys
15:48:46.0200 8288 AFD - ok
15:48:46.0295 8288 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
15:48:46.0297 8288 agp440 - ok
15:48:46.0405 8288 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
15:48:46.0406 8288 aic78xx - ok
15:48:46.0487 8288 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
15:48:46.0488 8288 aliide - ok
15:48:46.0540 8288 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
15:48:46.0541 8288 amdide - ok
15:48:46.0647 8288 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\DRIVERS\amdk8.sys
15:48:46.0650 8288 AmdK8 - ok
15:48:46.0821 8288 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
15:48:46.0824 8288 arc - ok
15:48:46.0931 8288 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
15:48:46.0934 8288 arcsas - ok
15:48:47.0063 8288 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
15:48:47.0064 8288 AsyncMac - ok
15:48:47.0108 8288 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
15:48:47.0109 8288 atapi - ok
15:48:47.0210 8288 BDFM (f050e487a787239c182c279ca97e8cf4) C:\Windows\system32\DRIVERS\bdfm.sys
15:48:47.0212 8288 BDFM - ok
15:48:47.0297 8288 bdfsfltr (abd97bfb299713a51fe36aaab71f73a2) C:\Windows\system32\DRIVERS\bdfsfltr.sys
15:48:47.0300 8288 bdfsfltr - ok
15:48:47.0357 8288 bdftdif (345977a92fb5cd788332ef048381b5f6) C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys
15:48:47.0358 8288 bdftdif - ok
15:48:47.0488 8288 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
15:48:47.0489 8288 blbdrive - ok
15:48:47.0687 8288 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
15:48:47.0688 8288 bowser - ok
15:48:47.0752 8288 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
15:48:47.0753 8288 BrFiltLo - ok
15:48:47.0770 8288 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
15:48:47.0771 8288 BrFiltUp - ok
15:48:47.0839 8288 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
15:48:47.0840 8288 Brserid - ok
15:48:47.0858 8288 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
15:48:47.0859 8288 BrSerWdm - ok
15:48:47.0880 8288 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
15:48:47.0880 8288 BrUsbMdm - ok
15:48:47.0891 8288 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
15:48:47.0892 8288 BrUsbSer - ok
15:48:47.0916 8288 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
15:48:47.0917 8288 BTHMODEM - ok
15:48:47.0976 8288 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
15:48:47.0978 8288 cdfs - ok
15:48:48.0040 8288 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
15:48:48.0041 8288 cdrom - ok
15:48:48.0100 8288 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
15:48:48.0101 8288 circlass - ok
15:48:48.0172 8288 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
15:48:48.0176 8288 CLFS - ok
15:48:48.0280 8288 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
15:48:48.0281 8288 cmdide - ok
15:48:48.0307 8288 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys
15:48:48.0308 8288 Compbatt - ok
15:48:48.0322 8288 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
15:48:48.0323 8288 crcdisk - ok
15:48:48.0448 8288 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
15:48:48.0450 8288 DfsC - ok
15:48:48.0513 8288 dgderdrv - ok
15:48:48.0579 8288 dg_ssudbus (388039f99ce8769024ee0438352aca99) C:\Windows\system32\DRIVERS\ssudbus.sys
15:48:48.0580 8288 dg_ssudbus - ok
15:48:48.0673 8288 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
15:48:48.0674 8288 disk - ok
15:48:48.0800 8288 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
15:48:48.0801 8288 drmkaud - ok
15:48:48.0910 8288 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:48:48.0913 8288 dtsoftbus01 - ok
15:48:49.0017 8288 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
15:48:49.0025 8288 DXGKrnl - ok
15:48:49.0057 8288 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
15:48:49.0060 8288 E1G60 - ok
15:48:49.0151 8288 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
15:48:49.0155 8288 Ecache - ok
15:48:49.0212 8288 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
15:48:49.0220 8288 elxstor - ok
15:48:49.0325 8288 epmntdrv (9eafb3b3b60b8ad958985152a9309aca) C:\Windows\system32\epmntdrv.sys
15:48:49.0326 8288 epmntdrv - ok
15:48:49.0348 8288 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
15:48:49.0349 8288 ErrDev - ok
15:48:49.0378 8288 EuGdiDrv (fb949ed2c93c878a189039f3d7730942) C:\Windows\system32\EuGdiDrv.sys
15:48:49.0379 8288 EuGdiDrv - ok
15:48:49.0456 8288 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
15:48:49.0459 8288 exfat - ok
15:48:49.0533 8288 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
15:48:49.0535 8288 fastfat - ok
15:48:49.0559 8288 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
15:48:49.0560 8288 fdc - ok
15:48:49.0602 8288 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
15:48:49.0603 8288 FileInfo - ok
15:48:49.0896 8288 FileMonitor (7a0e303a18b04771a9dfa64932b5aee0) C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\wlh_amd64\FileMonitor.sys
15:48:49.0897 8288 FileMonitor - ok
15:48:49.0913 8288 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
15:48:49.0914 8288 Filetrace - ok
15:48:49.0933 8288 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
15:48:49.0934 8288 flpydisk - ok
15:48:50.0002 8288 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
15:48:50.0005 8288 FltMgr - ok
15:48:50.0100 8288 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
15:48:50.0101 8288 fssfltr - ok
15:48:50.0178 8288 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
15:48:50.0179 8288 Fs_Rec - ok
15:48:50.0252 8288 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
15:48:50.0253 8288 gagp30kx - ok
15:48:50.0357 8288 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:48:50.0358 8288 GEARAspiWDM - ok
15:48:50.0512 8288 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
15:48:50.0515 8288 HdAudAddService - ok
15:48:50.0587 8288 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:48:50.0597 8288 HDAudBus - ok
15:48:50.0633 8288 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
15:48:50.0636 8288 HidBth - ok
15:48:50.0666 8288 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
15:48:50.0667 8288 HidIr - ok
15:48:50.0756 8288 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
15:48:50.0757 8288 HidUsb - ok
15:48:50.0834 8288 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
15:48:50.0835 8288 HpCISSs - ok
15:48:50.0915 8288 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
15:48:50.0921 8288 HTTP - ok
15:48:50.0941 8288 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
15:48:50.0943 8288 i2omp - ok
15:48:51.0014 8288 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
15:48:51.0016 8288 i8042prt - ok
15:48:51.0044 8288 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
15:48:51.0047 8288 iaStorV - ok
15:48:51.0141 8288 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
15:48:51.0142 8288 iirsp - ok
15:48:51.0294 8288 IntcAzAudAddService (46cb3abe8150e7b181e86d4906de17e8) C:\Windows\system32\drivers\RTKVHD64.sys
15:48:51.0306 8288 IntcAzAudAddService - ok
15:48:51.0325 8288 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
15:48:51.0327 8288 intelide - ok
15:48:51.0350 8288 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
15:48:51.0352 8288 intelppm - ok
15:48:51.0449 8288 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:48:51.0452 8288 IpFilterDriver - ok
15:48:51.0467 8288 IpInIp - ok
15:48:51.0511 8288 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
15:48:51.0514 8288 IPMIDRV - ok
15:48:51.0558 8288 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
15:48:51.0560 8288 IPNAT - ok
15:48:51.0584 8288 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
15:48:51.0585 8288 IRENUM - ok
15:48:51.0653 8288 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
15:48:51.0654 8288 isapnp - ok
15:48:51.0723 8288 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
15:48:51.0725 8288 iScsiPrt - ok
15:48:51.0751 8288 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
15:48:51.0752 8288 iteatapi - ok
15:48:51.0810 8288 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
15:48:51.0811 8288 iteraid - ok
15:48:51.0834 8288 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
15:48:51.0835 8288 kbdclass - ok
15:48:51.0868 8288 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
15:48:51.0869 8288 kbdhid - ok
15:48:51.0953 8288 KSecDD (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys
15:48:51.0958 8288 KSecDD - ok
15:48:51.0973 8288 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
15:48:51.0974 8288 ksthunk - ok
15:48:52.0074 8288 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
15:48:52.0076 8288 lltdio - ok
15:48:52.0119 8288 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
15:48:52.0121 8288 LSI_FC - ok
15:48:52.0169 8288 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
15:48:52.0171 8288 LSI_SAS - ok
15:48:52.0220 8288 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
15:48:52.0222 8288 LSI_SCSI - ok
15:48:52.0302 8288 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
15:48:52.0304 8288 luafv - ok
15:48:52.0398 8288 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
15:48:52.0399 8288 megasas - ok
15:48:52.0456 8288 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
15:48:52.0462 8288 MegaSR - ok
15:48:52.0505 8288 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
15:48:52.0507 8288 Modem - ok
15:48:52.0589 8288 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
15:48:52.0590 8288 monitor - ok
15:48:52.0608 8288 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
15:48:52.0609 8288 mouclass - ok
15:48:52.0619 8288 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
15:48:52.0620 8288 mouhid - ok
15:48:52.0655 8288 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
15:48:52.0656 8288 MountMgr - ok
15:48:52.0721 8288 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
15:48:52.0723 8288 mpio - ok
15:48:52.0765 8288 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
15:48:52.0767 8288 mpsdrv - ok
15:48:52.0810 8288 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
15:48:52.0811 8288 Mraid35x - ok
15:48:52.0870 8288 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
15:48:52.0872 8288 MRxDAV - ok
15:48:52.0954 8288 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:48:52.0958 8288 mrxsmb - ok
15:48:53.0034 8288 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:48:53.0040 8288 mrxsmb10 - ok
15:48:53.0057 8288 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:48:53.0060 8288 mrxsmb20 - ok
15:48:53.0114 8288 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
15:48:53.0116 8288 msahci - ok
15:48:53.0182 8288 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
15:48:53.0186 8288 msdsm - ok
15:48:53.0253 8288 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
15:48:53.0256 8288 Msfs - ok
15:48:53.0316 8288 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
15:48:53.0318 8288 msisadrv - ok
15:48:53.0434 8288 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
15:48:53.0437 8288 MSKSSRV - ok
15:48:53.0529 8288 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
15:48:53.0531 8288 MSPCLOCK - ok
15:48:53.0613 8288 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
15:48:53.0614 8288 MSPQM - ok
15:48:53.0677 8288 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
15:48:53.0681 8288 MsRPC - ok
15:48:53.0734 8288 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
15:48:53.0735 8288 mssmbios - ok
15:48:53.0751 8288 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
15:48:53.0752 8288 MSTEE - ok
15:48:53.0816 8288 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
15:48:53.0817 8288 Mup - ok
15:48:53.0913 8288 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
15:48:53.0915 8288 NativeWifiP - ok
15:48:54.0026 8288 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
15:48:54.0038 8288 NDIS - ok
15:48:54.0116 8288 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
15:48:54.0118 8288 NdisTapi - ok
15:48:54.0138 8288 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
15:48:54.0139 8288 Ndisuio - ok
15:48:54.0265 8288 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
15:48:54.0269 8288 NdisWan - ok
15:48:54.0330 8288 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
15:48:54.0331 8288 NDProxy - ok
15:48:54.0378 8288 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
15:48:54.0381 8288 NetBIOS - ok
15:48:54.0476 8288 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
15:48:54.0479 8288 netbt - ok
15:48:54.0596 8288 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
15:48:54.0598 8288 nfrd960 - ok
15:48:54.0643 8288 nmwcdnsucx64 - ok
15:48:54.0659 8288 nmwcdnsux64 - ok
15:48:54.0726 8288 NPF (3ceee0be85d24d911b9c02714817774c) C:\Windows\system32\drivers\npf.sys
15:48:54.0727 8288 NPF - ok
15:48:54.0793 8288 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
15:48:54.0794 8288 Npfs - ok
15:48:54.0824 8288 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
15:48:54.0825 8288 nsiproxy - ok
15:48:54.0921 8288 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
15:48:54.0934 8288 Ntfs - ok
15:48:54.0947 8288 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
15:48:54.0949 8288 Null - ok
15:48:55.0051 8288 NVENETFD (13ec5b8a4b82b6deb739fc577b4217a7) C:\Windows\system32\DRIVERS\nvmfdx64.sys
15:48:55.0063 8288 NVENETFD - ok
15:48:55.0146 8288 NVHDA (17a7e888e330c7dfe59c97be44ddcf16) C:\Windows\system32\drivers\nvhda64v.sys
15:48:55.0148 8288 NVHDA - ok
15:48:55.0482 8288 nvlddmkm (ac8cbe9a0663e88f6429ee5530d5e32b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:48:55.0569 8288 nvlddmkm - ok
15:48:55.0592 8288 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
15:48:55.0594 8288 nvraid - ok
15:48:55.0626 8288 nvrd64 (a4b9af8d1793f67ce894bf051342110f) C:\Windows\system32\drivers\nvrd64.sys
15:48:55.0628 8288 nvrd64 - ok
15:48:55.0660 8288 nvsmu (16d36074b84da72d160233c8d132dc89) C:\Windows\system32\drivers\nvsmu.sys
15:48:55.0661 8288 nvsmu - ok
15:48:55.0680 8288 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
15:48:55.0681 8288 nvstor - ok
15:48:55.0735 8288 nvstor64 (7919ee9458b6d84517bc5a598d795931) C:\Windows\system32\drivers\nvstor64.sys
15:48:55.0737 8288 nvstor64 - ok
15:48:55.0793 8288 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
15:48:55.0795 8288 nv_agp - ok
15:48:55.0814 8288 NwlnkFlt - ok
15:48:55.0922 8288 NwlnkFwd - ok
15:48:56.0059 8288 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
15:48:56.0061 8288 ohci1394 - ok
15:48:56.0209 8288 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
15:48:56.0211 8288 Parport - ok
15:48:56.0296 8288 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
15:48:56.0298 8288 partmgr - ok
15:48:56.0473 8288 pccsmcfd (81b5e63131090879ad6ef9f32109b88d) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
15:48:56.0474 8288 pccsmcfd - ok
15:48:56.0569 8288 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
15:48:56.0571 8288 pci - ok
15:48:56.0652 8288 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
15:48:56.0653 8288 pciide - ok
15:48:56.0818 8288 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
15:48:56.0820 8288 pcmcia - ok
15:48:56.0880 8288 PdiPorts (117eb9a45636991a3d88eabc12111f3f) C:\Windows\system32\DRIVERS\PdiPorts.sys
15:48:56.0881 8288 PdiPorts - ok
15:48:56.0916 8288 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
15:48:56.0922 8288 PEAUTH - ok
15:48:57.0024 8288 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
15:48:57.0026 8288 PptpMiniport - ok
15:48:57.0051 8288 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
15:48:57.0052 8288 Processor - ok
15:48:57.0135 8288 Ps2 (1d0a3f565397d08707f3d75b88586645) C:\Windows\system32\DRIVERS\PS2.sys
15:48:57.0136 8288 Ps2 - ok
15:48:57.0207 8288 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
15:48:57.0209 8288 PSched - ok
15:48:57.0280 8288 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
15:48:57.0289 8288 ql2300 - ok
15:48:57.0336 8288 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
15:48:57.0338 8288 ql40xx - ok
15:48:57.0359 8288 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
15:48:57.0361 8288 QWAVEdrv - ok
15:48:57.0389 8288 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
15:48:57.0390 8288 RasAcd - ok
15:48:57.0414 8288 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:48:57.0416 8288 Rasl2tp - ok
15:48:57.0476 8288 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
15:48:57.0477 8288 RasPppoe - ok
15:48:57.0565 8288 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
15:48:57.0566 8288 RasSstp - ok
15:48:57.0641 8288 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
15:48:57.0645 8288 rdbss - ok
15:48:57.0660 8288 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:48:57.0662 8288 RDPCDD - ok
15:48:57.0697 8288 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
15:48:57.0701 8288 rdpdr - ok
15:48:57.0711 8288 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
15:48:57.0712 8288 RDPENCDD - ok
15:48:57.0750 8288 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
15:48:57.0752 8288 RDPWD - ok
15:48:58.0002 8288 RegFilter (6ee53f8964eb1216d044696d088ce4ac) C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\wlh_amd64\regfilter.sys
15:48:58.0004 8288 RegFilter - ok
15:48:58.0117 8288 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
15:48:58.0121 8288 rspndr - ok
15:48:58.0260 8288 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
15:48:58.0263 8288 sbp2port - ok
15:48:58.0369 8288 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:48:58.0370 8288 secdrv - ok
15:48:58.0398 8288 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
15:48:58.0399 8288 Serenum - ok
15:48:58.0421 8288 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
15:48:58.0423 8288 Serial - ok
15:48:58.0440 8288 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
15:48:58.0442 8288 sermouse - ok
15:48:58.0494 8288 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
15:48:58.0495 8288 sffdisk - ok
15:48:58.0522 8288 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
15:48:58.0524 8288 sffp_mmc - ok
15:48:58.0557 8288 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
15:48:58.0558 8288 sffp_sd - ok
15:48:58.0581 8288 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
15:48:58.0583 8288 sfloppy - ok
15:48:58.0659 8288 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
15:48:58.0660 8288 SiSRaid2 - ok
15:48:58.0687 8288 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
15:48:58.0689 8288 SiSRaid4 - ok
15:48:58.0783 8288 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
15:48:58.0787 8288 Smb - ok
15:48:58.0900 8288 speedfan - ok
15:48:58.0951 8288 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
15:48:58.0952 8288 spldr - ok
15:48:59.0053 8288 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
15:48:59.0058 8288 srv - ok
15:48:59.0125 8288 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
15:48:59.0127 8288 srv2 - ok
15:48:59.0196 8288 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
15:48:59.0198 8288 srvnet - ok
15:48:59.0335 8288 ssudmdm (ad42ca614e086bcadbd53fffc404ac24) C:\Windows\system32\DRIVERS\ssudmdm.sys
15:48:59.0338 8288 ssudmdm - ok
15:48:59.0443 8288 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
15:48:59.0444 8288 swenum - ok
15:48:59.0513 8288 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
15:48:59.0515 8288 Symc8xx - ok
15:48:59.0572 8288 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
15:48:59.0573 8288 Sym_hi - ok
15:48:59.0599 8288 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
15:48:59.0601 8288 Sym_u3 - ok
15:48:59.0711 8288 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
15:48:59.0722 8288 Tcpip - ok
15:48:59.0768 8288 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
15:48:59.0780 8288 Tcpip6 - ok
15:48:59.0815 8288 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
15:48:59.0816 8288 tcpipreg - ok
15:48:59.0845 8288 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
15:48:59.0846 8288 TDPIPE - ok
15:48:59.0870 8288 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
15:48:59.0872 8288 TDTCP - ok
15:48:59.0936 8288 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
15:48:59.0937 8288 tdx - ok
15:49:00.0000 8288 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
15:49:00.0001 8288 TermDD - ok
15:49:00.0065 8288 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:49:00.0066 8288 tssecsrv - ok
15:49:00.0116 8288 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
15:49:00.0117 8288 tunmp - ok
15:49:00.0174 8288 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
15:49:00.0176 8288 tunnel - ok
15:49:00.0195 8288 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
15:49:00.0196 8288 uagp35 - ok
15:49:00.0262 8288 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
15:49:00.0265 8288 udfs - ok
15:49:00.0333 8288 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
15:49:00.0334 8288 uliagpkx - ok
15:49:00.0368 8288 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
15:49:00.0371 8288 uliahci - ok
15:49:00.0409 8288 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
15:49:00.0411 8288 UlSata - ok
15:49:00.0458 8288 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
15:49:00.0460 8288 ulsata2 - ok
15:49:00.0501 8288 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
15:49:00.0502 8288 umbus - ok
15:49:00.0546 8288 upperdev - ok
15:49:00.0844 8288 UrlFilter (e979f5edc6253664e8332dbb33051b06) C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\wlh_amd64\UrlFilter.sys
15:49:00.0845 8288 UrlFilter - ok
15:49:00.0907 8288 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
15:49:00.0908 8288 USBAAPL64 - ok
15:49:00.0980 8288 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
15:49:00.0982 8288 usbccgp - ok
15:49:01.0009 8288 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
15:49:01.0011 8288 usbcir - ok
15:49:01.0054 8288 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
15:49:01.0055 8288 usbehci - ok
15:49:01.0124 8288 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
15:49:01.0128 8288 usbhub - ok
15:49:01.0194 8288 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys
15:49:01.0195 8288 usbohci - ok
15:49:01.0214 8288 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys
15:49:01.0215 8288 usbprint - ok
15:49:01.0239 8288 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:49:01.0242 8288 USBSTOR - ok
15:49:01.0297 8288 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
15:49:01.0300 8288 usbuhci - ok
15:49:01.0367 8288 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
15:49:01.0370 8288 vga - ok
15:49:01.0408 8288 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
15:49:01.0411 8288 VgaSave - ok
15:49:01.0438 8288 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
15:49:01.0440 8288 viaide - ok
15:49:01.0508 8288 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
15:49:01.0510 8288 volmgr - ok
15:49:01.0575 8288 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
15:49:01.0580 8288 volmgrx - ok
15:49:01.0647 8288 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
15:49:01.0651 8288 volsnap - ok
15:49:01.0717 8288 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
15:49:01.0719 8288 vsmraid - ok
15:49:01.0849 8288 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
15:49:01.0850 8288 WacomPen - ok
15:49:01.0914 8288 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
15:49:01.0916 8288 Wanarp - ok
15:49:01.0926 8288 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
15:49:01.0927 8288 Wanarpv6 - ok
15:49:01.0962 8288 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
15:49:01.0963 8288 Wd - ok
15:49:02.0051 8288 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
15:49:02.0058 8288 Wdf01000 - ok
15:49:02.0166 8288 WinUSB (7f2f9e48566b2087f2aaad258cb2a8d4) C:\Windows\system32\DRIVERS\WinUSB.sys
15:49:02.0167 8288 WinUSB - ok
15:49:02.0223 8288 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
15:49:02.0224 8288 WmiAcpi - ok
15:49:02.0336 8288 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
15:49:02.0337 8288 WpdUsb - ok
15:49:02.0395 8288 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
15:49:02.0396 8288 ws2ifsl - ok
15:49:02.0500 8288 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:49:02.0503 8288 WUDFRd - ok
15:49:02.0584 8288 xusb21 (38f55d07b1d3391065c40ec065f984e2) C:\Windows\system32\DRIVERS\xusb21.sys
15:49:02.0586 8288 xusb21 - ok
15:49:02.0649 8288 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0
15:49:02.0834 8288 \Device\Harddisk0\DR0 - ok
15:49:02.0840 8288 Boot (0x1200) (d83be859f0fd851b173d4a02d3529a5e) \Device\Harddisk0\DR0\Partition0
15:49:02.0842 8288 \Device\Harddisk0\DR0\Partition0 - ok
15:49:02.0848 8288 Boot (0x1200) (474efc8f52af479445903170891037eb) \Device\Harddisk0\DR0\Partition1
15:49:02.0849 8288 \Device\Harddisk0\DR0\Partition1 - ok
15:49:02.0852 8288 ============================================================
15:49:02.0852 8288 Scan finished
15:49:02.0852 8288 ============================================================
15:49:02.0872 10164 Detected object count: 0
15:49:02.0872 10164 Actual detected object count: 0
Rapport de Malwarebyte
Malwarebytes Anti-Malware (Essai) 1.60.1.1000
www.malwarebytes.org
Version de la base de données: v2012.03.01.02
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Vincent :: PC-MAISON [administrateur]
Protection: Désactivé
01/03/2012 15:50:42
mbam-log-2012-03-01 (16-11-41).txt
Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 195569
Temps écoulé: 9 minute(s), 40 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 2
C:\Users\Vincent\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Aucune action effectuée.
C:\Windows\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Aucune action effectuée.
(fin)
Merci d'avance jlpjlp
Rapport de Tdsskiller
15:48:42.0897 10040 TDSS rootkit removing tool 2.7.17.0 Feb 29 2012 14:02:24
15:48:43.0004 10040 ============================================================
15:48:43.0004 10040 Current date / time: 2012/03/01 15:48:43.0004
15:48:43.0004 10040 SystemInfo:
15:48:43.0004 10040
15:48:43.0004 10040 OS Version: 6.0.6002 ServicePack: 2.0
15:48:43.0004 10040 Product type: Workstation
15:48:43.0004 10040 ComputerName: PC-MAISON
15:48:43.0004 10040 UserName: Vincent
15:48:43.0004 10040 Windows directory: C:\Windows
15:48:43.0004 10040 System windows directory: C:\Windows
15:48:43.0005 10040 Running under WOW64
15:48:43.0005 10040 Processor architecture: Intel x64
15:48:43.0005 10040 Number of processors: 2
15:48:43.0005 10040 Page size: 0x1000
15:48:43.0005 10040 Boot type: Normal boot
15:48:43.0005 10040 ============================================================
15:48:43.0460 10040 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:48:43.0477 10040 \Device\Harddisk0\DR0:
15:48:43.0477 10040 MBR used
15:48:43.0477 10040 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x72B17923
15:48:43.0477 10040 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x72B17962, BlocksNum 0x1BEE05F
15:48:43.0574 10040 Initialize success
15:48:43.0574 10040 ============================================================
15:48:45.0235 8288 ============================================================
15:48:45.0235 8288 Scan started
15:48:45.0235 8288 Mode: Manual;
15:48:45.0235 8288 ============================================================
15:48:45.0739 8288 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
15:48:45.0743 8288 ACPI - ok
15:48:45.0854 8288 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
15:48:45.0858 8288 adp94xx - ok
15:48:45.0944 8288 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
15:48:45.0948 8288 adpahci - ok
15:48:45.0980 8288 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
15:48:45.0981 8288 adpu160m - ok
15:48:46.0022 8288 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
15:48:46.0024 8288 adpu320 - ok
15:48:46.0196 8288 AFD (c4f6ce6087760ad70960c9eb130e7943) C:\Windows\system32\drivers\afd.sys
15:48:46.0200 8288 AFD - ok
15:48:46.0295 8288 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
15:48:46.0297 8288 agp440 - ok
15:48:46.0405 8288 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
15:48:46.0406 8288 aic78xx - ok
15:48:46.0487 8288 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
15:48:46.0488 8288 aliide - ok
15:48:46.0540 8288 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
15:48:46.0541 8288 amdide - ok
15:48:46.0647 8288 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\DRIVERS\amdk8.sys
15:48:46.0650 8288 AmdK8 - ok
15:48:46.0821 8288 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
15:48:46.0824 8288 arc - ok
15:48:46.0931 8288 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
15:48:46.0934 8288 arcsas - ok
15:48:47.0063 8288 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
15:48:47.0064 8288 AsyncMac - ok
15:48:47.0108 8288 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
15:48:47.0109 8288 atapi - ok
15:48:47.0210 8288 BDFM (f050e487a787239c182c279ca97e8cf4) C:\Windows\system32\DRIVERS\bdfm.sys
15:48:47.0212 8288 BDFM - ok
15:48:47.0297 8288 bdfsfltr (abd97bfb299713a51fe36aaab71f73a2) C:\Windows\system32\DRIVERS\bdfsfltr.sys
15:48:47.0300 8288 bdfsfltr - ok
15:48:47.0357 8288 bdftdif (345977a92fb5cd788332ef048381b5f6) C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys
15:48:47.0358 8288 bdftdif - ok
15:48:47.0488 8288 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
15:48:47.0489 8288 blbdrive - ok
15:48:47.0687 8288 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
15:48:47.0688 8288 bowser - ok
15:48:47.0752 8288 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
15:48:47.0753 8288 BrFiltLo - ok
15:48:47.0770 8288 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
15:48:47.0771 8288 BrFiltUp - ok
15:48:47.0839 8288 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
15:48:47.0840 8288 Brserid - ok
15:48:47.0858 8288 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
15:48:47.0859 8288 BrSerWdm - ok
15:48:47.0880 8288 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
15:48:47.0880 8288 BrUsbMdm - ok
15:48:47.0891 8288 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
15:48:47.0892 8288 BrUsbSer - ok
15:48:47.0916 8288 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
15:48:47.0917 8288 BTHMODEM - ok
15:48:47.0976 8288 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
15:48:47.0978 8288 cdfs - ok
15:48:48.0040 8288 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
15:48:48.0041 8288 cdrom - ok
15:48:48.0100 8288 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
15:48:48.0101 8288 circlass - ok
15:48:48.0172 8288 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
15:48:48.0176 8288 CLFS - ok
15:48:48.0280 8288 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
15:48:48.0281 8288 cmdide - ok
15:48:48.0307 8288 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys
15:48:48.0308 8288 Compbatt - ok
15:48:48.0322 8288 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
15:48:48.0323 8288 crcdisk - ok
15:48:48.0448 8288 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
15:48:48.0450 8288 DfsC - ok
15:48:48.0513 8288 dgderdrv - ok
15:48:48.0579 8288 dg_ssudbus (388039f99ce8769024ee0438352aca99) C:\Windows\system32\DRIVERS\ssudbus.sys
15:48:48.0580 8288 dg_ssudbus - ok
15:48:48.0673 8288 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
15:48:48.0674 8288 disk - ok
15:48:48.0800 8288 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
15:48:48.0801 8288 drmkaud - ok
15:48:48.0910 8288 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:48:48.0913 8288 dtsoftbus01 - ok
15:48:49.0017 8288 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
15:48:49.0025 8288 DXGKrnl - ok
15:48:49.0057 8288 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
15:48:49.0060 8288 E1G60 - ok
15:48:49.0151 8288 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
15:48:49.0155 8288 Ecache - ok
15:48:49.0212 8288 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
15:48:49.0220 8288 elxstor - ok
15:48:49.0325 8288 epmntdrv (9eafb3b3b60b8ad958985152a9309aca) C:\Windows\system32\epmntdrv.sys
15:48:49.0326 8288 epmntdrv - ok
15:48:49.0348 8288 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
15:48:49.0349 8288 ErrDev - ok
15:48:49.0378 8288 EuGdiDrv (fb949ed2c93c878a189039f3d7730942) C:\Windows\system32\EuGdiDrv.sys
15:48:49.0379 8288 EuGdiDrv - ok
15:48:49.0456 8288 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
15:48:49.0459 8288 exfat - ok
15:48:49.0533 8288 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
15:48:49.0535 8288 fastfat - ok
15:48:49.0559 8288 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
15:48:49.0560 8288 fdc - ok
15:48:49.0602 8288 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
15:48:49.0603 8288 FileInfo - ok
15:48:49.0896 8288 FileMonitor (7a0e303a18b04771a9dfa64932b5aee0) C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\wlh_amd64\FileMonitor.sys
15:48:49.0897 8288 FileMonitor - ok
15:48:49.0913 8288 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
15:48:49.0914 8288 Filetrace - ok
15:48:49.0933 8288 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
15:48:49.0934 8288 flpydisk - ok
15:48:50.0002 8288 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
15:48:50.0005 8288 FltMgr - ok
15:48:50.0100 8288 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
15:48:50.0101 8288 fssfltr - ok
15:48:50.0178 8288 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
15:48:50.0179 8288 Fs_Rec - ok
15:48:50.0252 8288 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
15:48:50.0253 8288 gagp30kx - ok
15:48:50.0357 8288 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:48:50.0358 8288 GEARAspiWDM - ok
15:48:50.0512 8288 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
15:48:50.0515 8288 HdAudAddService - ok
15:48:50.0587 8288 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:48:50.0597 8288 HDAudBus - ok
15:48:50.0633 8288 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
15:48:50.0636 8288 HidBth - ok
15:48:50.0666 8288 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
15:48:50.0667 8288 HidIr - ok
15:48:50.0756 8288 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
15:48:50.0757 8288 HidUsb - ok
15:48:50.0834 8288 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
15:48:50.0835 8288 HpCISSs - ok
15:48:50.0915 8288 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
15:48:50.0921 8288 HTTP - ok
15:48:50.0941 8288 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
15:48:50.0943 8288 i2omp - ok
15:48:51.0014 8288 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
15:48:51.0016 8288 i8042prt - ok
15:48:51.0044 8288 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
15:48:51.0047 8288 iaStorV - ok
15:48:51.0141 8288 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
15:48:51.0142 8288 iirsp - ok
15:48:51.0294 8288 IntcAzAudAddService (46cb3abe8150e7b181e86d4906de17e8) C:\Windows\system32\drivers\RTKVHD64.sys
15:48:51.0306 8288 IntcAzAudAddService - ok
15:48:51.0325 8288 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
15:48:51.0327 8288 intelide - ok
15:48:51.0350 8288 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
15:48:51.0352 8288 intelppm - ok
15:48:51.0449 8288 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:48:51.0452 8288 IpFilterDriver - ok
15:48:51.0467 8288 IpInIp - ok
15:48:51.0511 8288 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
15:48:51.0514 8288 IPMIDRV - ok
15:48:51.0558 8288 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
15:48:51.0560 8288 IPNAT - ok
15:48:51.0584 8288 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
15:48:51.0585 8288 IRENUM - ok
15:48:51.0653 8288 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
15:48:51.0654 8288 isapnp - ok
15:48:51.0723 8288 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
15:48:51.0725 8288 iScsiPrt - ok
15:48:51.0751 8288 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
15:48:51.0752 8288 iteatapi - ok
15:48:51.0810 8288 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
15:48:51.0811 8288 iteraid - ok
15:48:51.0834 8288 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
15:48:51.0835 8288 kbdclass - ok
15:48:51.0868 8288 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
15:48:51.0869 8288 kbdhid - ok
15:48:51.0953 8288 KSecDD (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys
15:48:51.0958 8288 KSecDD - ok
15:48:51.0973 8288 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
15:48:51.0974 8288 ksthunk - ok
15:48:52.0074 8288 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
15:48:52.0076 8288 lltdio - ok
15:48:52.0119 8288 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
15:48:52.0121 8288 LSI_FC - ok
15:48:52.0169 8288 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
15:48:52.0171 8288 LSI_SAS - ok
15:48:52.0220 8288 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
15:48:52.0222 8288 LSI_SCSI - ok
15:48:52.0302 8288 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
15:48:52.0304 8288 luafv - ok
15:48:52.0398 8288 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
15:48:52.0399 8288 megasas - ok
15:48:52.0456 8288 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
15:48:52.0462 8288 MegaSR - ok
15:48:52.0505 8288 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
15:48:52.0507 8288 Modem - ok
15:48:52.0589 8288 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
15:48:52.0590 8288 monitor - ok
15:48:52.0608 8288 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
15:48:52.0609 8288 mouclass - ok
15:48:52.0619 8288 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
15:48:52.0620 8288 mouhid - ok
15:48:52.0655 8288 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
15:48:52.0656 8288 MountMgr - ok
15:48:52.0721 8288 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
15:48:52.0723 8288 mpio - ok
15:48:52.0765 8288 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
15:48:52.0767 8288 mpsdrv - ok
15:48:52.0810 8288 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
15:48:52.0811 8288 Mraid35x - ok
15:48:52.0870 8288 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
15:48:52.0872 8288 MRxDAV - ok
15:48:52.0954 8288 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:48:52.0958 8288 mrxsmb - ok
15:48:53.0034 8288 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:48:53.0040 8288 mrxsmb10 - ok
15:48:53.0057 8288 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:48:53.0060 8288 mrxsmb20 - ok
15:48:53.0114 8288 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
15:48:53.0116 8288 msahci - ok
15:48:53.0182 8288 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
15:48:53.0186 8288 msdsm - ok
15:48:53.0253 8288 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
15:48:53.0256 8288 Msfs - ok
15:48:53.0316 8288 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
15:48:53.0318 8288 msisadrv - ok
15:48:53.0434 8288 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
15:48:53.0437 8288 MSKSSRV - ok
15:48:53.0529 8288 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
15:48:53.0531 8288 MSPCLOCK - ok
15:48:53.0613 8288 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
15:48:53.0614 8288 MSPQM - ok
15:48:53.0677 8288 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
15:48:53.0681 8288 MsRPC - ok
15:48:53.0734 8288 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
15:48:53.0735 8288 mssmbios - ok
15:48:53.0751 8288 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
15:48:53.0752 8288 MSTEE - ok
15:48:53.0816 8288 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
15:48:53.0817 8288 Mup - ok
15:48:53.0913 8288 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
15:48:53.0915 8288 NativeWifiP - ok
15:48:54.0026 8288 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
15:48:54.0038 8288 NDIS - ok
15:48:54.0116 8288 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
15:48:54.0118 8288 NdisTapi - ok
15:48:54.0138 8288 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
15:48:54.0139 8288 Ndisuio - ok
15:48:54.0265 8288 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
15:48:54.0269 8288 NdisWan - ok
15:48:54.0330 8288 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
15:48:54.0331 8288 NDProxy - ok
15:48:54.0378 8288 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
15:48:54.0381 8288 NetBIOS - ok
15:48:54.0476 8288 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
15:48:54.0479 8288 netbt - ok
15:48:54.0596 8288 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
15:48:54.0598 8288 nfrd960 - ok
15:48:54.0643 8288 nmwcdnsucx64 - ok
15:48:54.0659 8288 nmwcdnsux64 - ok
15:48:54.0726 8288 NPF (3ceee0be85d24d911b9c02714817774c) C:\Windows\system32\drivers\npf.sys
15:48:54.0727 8288 NPF - ok
15:48:54.0793 8288 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
15:48:54.0794 8288 Npfs - ok
15:48:54.0824 8288 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
15:48:54.0825 8288 nsiproxy - ok
15:48:54.0921 8288 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
15:48:54.0934 8288 Ntfs - ok
15:48:54.0947 8288 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
15:48:54.0949 8288 Null - ok
15:48:55.0051 8288 NVENETFD (13ec5b8a4b82b6deb739fc577b4217a7) C:\Windows\system32\DRIVERS\nvmfdx64.sys
15:48:55.0063 8288 NVENETFD - ok
15:48:55.0146 8288 NVHDA (17a7e888e330c7dfe59c97be44ddcf16) C:\Windows\system32\drivers\nvhda64v.sys
15:48:55.0148 8288 NVHDA - ok
15:48:55.0482 8288 nvlddmkm (ac8cbe9a0663e88f6429ee5530d5e32b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:48:55.0569 8288 nvlddmkm - ok
15:48:55.0592 8288 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
15:48:55.0594 8288 nvraid - ok
15:48:55.0626 8288 nvrd64 (a4b9af8d1793f67ce894bf051342110f) C:\Windows\system32\drivers\nvrd64.sys
15:48:55.0628 8288 nvrd64 - ok
15:48:55.0660 8288 nvsmu (16d36074b84da72d160233c8d132dc89) C:\Windows\system32\drivers\nvsmu.sys
15:48:55.0661 8288 nvsmu - ok
15:48:55.0680 8288 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
15:48:55.0681 8288 nvstor - ok
15:48:55.0735 8288 nvstor64 (7919ee9458b6d84517bc5a598d795931) C:\Windows\system32\drivers\nvstor64.sys
15:48:55.0737 8288 nvstor64 - ok
15:48:55.0793 8288 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
15:48:55.0795 8288 nv_agp - ok
15:48:55.0814 8288 NwlnkFlt - ok
15:48:55.0922 8288 NwlnkFwd - ok
15:48:56.0059 8288 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
15:48:56.0061 8288 ohci1394 - ok
15:48:56.0209 8288 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
15:48:56.0211 8288 Parport - ok
15:48:56.0296 8288 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
15:48:56.0298 8288 partmgr - ok
15:48:56.0473 8288 pccsmcfd (81b5e63131090879ad6ef9f32109b88d) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
15:48:56.0474 8288 pccsmcfd - ok
15:48:56.0569 8288 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
15:48:56.0571 8288 pci - ok
15:48:56.0652 8288 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
15:48:56.0653 8288 pciide - ok
15:48:56.0818 8288 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
15:48:56.0820 8288 pcmcia - ok
15:48:56.0880 8288 PdiPorts (117eb9a45636991a3d88eabc12111f3f) C:\Windows\system32\DRIVERS\PdiPorts.sys
15:48:56.0881 8288 PdiPorts - ok
15:48:56.0916 8288 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
15:48:56.0922 8288 PEAUTH - ok
15:48:57.0024 8288 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
15:48:57.0026 8288 PptpMiniport - ok
15:48:57.0051 8288 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
15:48:57.0052 8288 Processor - ok
15:48:57.0135 8288 Ps2 (1d0a3f565397d08707f3d75b88586645) C:\Windows\system32\DRIVERS\PS2.sys
15:48:57.0136 8288 Ps2 - ok
15:48:57.0207 8288 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
15:48:57.0209 8288 PSched - ok
15:48:57.0280 8288 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
15:48:57.0289 8288 ql2300 - ok
15:48:57.0336 8288 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
15:48:57.0338 8288 ql40xx - ok
15:48:57.0359 8288 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
15:48:57.0361 8288 QWAVEdrv - ok
15:48:57.0389 8288 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
15:48:57.0390 8288 RasAcd - ok
15:48:57.0414 8288 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:48:57.0416 8288 Rasl2tp - ok
15:48:57.0476 8288 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
15:48:57.0477 8288 RasPppoe - ok
15:48:57.0565 8288 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
15:48:57.0566 8288 RasSstp - ok
15:48:57.0641 8288 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
15:48:57.0645 8288 rdbss - ok
15:48:57.0660 8288 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:48:57.0662 8288 RDPCDD - ok
15:48:57.0697 8288 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
15:48:57.0701 8288 rdpdr - ok
15:48:57.0711 8288 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
15:48:57.0712 8288 RDPENCDD - ok
15:48:57.0750 8288 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
15:48:57.0752 8288 RDPWD - ok
15:48:58.0002 8288 RegFilter (6ee53f8964eb1216d044696d088ce4ac) C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\wlh_amd64\regfilter.sys
15:48:58.0004 8288 RegFilter - ok
15:48:58.0117 8288 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
15:48:58.0121 8288 rspndr - ok
15:48:58.0260 8288 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
15:48:58.0263 8288 sbp2port - ok
15:48:58.0369 8288 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:48:58.0370 8288 secdrv - ok
15:48:58.0398 8288 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
15:48:58.0399 8288 Serenum - ok
15:48:58.0421 8288 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
15:48:58.0423 8288 Serial - ok
15:48:58.0440 8288 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
15:48:58.0442 8288 sermouse - ok
15:48:58.0494 8288 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
15:48:58.0495 8288 sffdisk - ok
15:48:58.0522 8288 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
15:48:58.0524 8288 sffp_mmc - ok
15:48:58.0557 8288 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
15:48:58.0558 8288 sffp_sd - ok
15:48:58.0581 8288 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
15:48:58.0583 8288 sfloppy - ok
15:48:58.0659 8288 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
15:48:58.0660 8288 SiSRaid2 - ok
15:48:58.0687 8288 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
15:48:58.0689 8288 SiSRaid4 - ok
15:48:58.0783 8288 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
15:48:58.0787 8288 Smb - ok
15:48:58.0900 8288 speedfan - ok
15:48:58.0951 8288 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
15:48:58.0952 8288 spldr - ok
15:48:59.0053 8288 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
15:48:59.0058 8288 srv - ok
15:48:59.0125 8288 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
15:48:59.0127 8288 srv2 - ok
15:48:59.0196 8288 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
15:48:59.0198 8288 srvnet - ok
15:48:59.0335 8288 ssudmdm (ad42ca614e086bcadbd53fffc404ac24) C:\Windows\system32\DRIVERS\ssudmdm.sys
15:48:59.0338 8288 ssudmdm - ok
15:48:59.0443 8288 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
15:48:59.0444 8288 swenum - ok
15:48:59.0513 8288 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
15:48:59.0515 8288 Symc8xx - ok
15:48:59.0572 8288 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
15:48:59.0573 8288 Sym_hi - ok
15:48:59.0599 8288 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
15:48:59.0601 8288 Sym_u3 - ok
15:48:59.0711 8288 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
15:48:59.0722 8288 Tcpip - ok
15:48:59.0768 8288 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
15:48:59.0780 8288 Tcpip6 - ok
15:48:59.0815 8288 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
15:48:59.0816 8288 tcpipreg - ok
15:48:59.0845 8288 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
15:48:59.0846 8288 TDPIPE - ok
15:48:59.0870 8288 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
15:48:59.0872 8288 TDTCP - ok
15:48:59.0936 8288 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
15:48:59.0937 8288 tdx - ok
15:49:00.0000 8288 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
15:49:00.0001 8288 TermDD - ok
15:49:00.0065 8288 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:49:00.0066 8288 tssecsrv - ok
15:49:00.0116 8288 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
15:49:00.0117 8288 tunmp - ok
15:49:00.0174 8288 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
15:49:00.0176 8288 tunnel - ok
15:49:00.0195 8288 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
15:49:00.0196 8288 uagp35 - ok
15:49:00.0262 8288 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
15:49:00.0265 8288 udfs - ok
15:49:00.0333 8288 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
15:49:00.0334 8288 uliagpkx - ok
15:49:00.0368 8288 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
15:49:00.0371 8288 uliahci - ok
15:49:00.0409 8288 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
15:49:00.0411 8288 UlSata - ok
15:49:00.0458 8288 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
15:49:00.0460 8288 ulsata2 - ok
15:49:00.0501 8288 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
15:49:00.0502 8288 umbus - ok
15:49:00.0546 8288 upperdev - ok
15:49:00.0844 8288 UrlFilter (e979f5edc6253664e8332dbb33051b06) C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\wlh_amd64\UrlFilter.sys
15:49:00.0845 8288 UrlFilter - ok
15:49:00.0907 8288 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
15:49:00.0908 8288 USBAAPL64 - ok
15:49:00.0980 8288 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
15:49:00.0982 8288 usbccgp - ok
15:49:01.0009 8288 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
15:49:01.0011 8288 usbcir - ok
15:49:01.0054 8288 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
15:49:01.0055 8288 usbehci - ok
15:49:01.0124 8288 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
15:49:01.0128 8288 usbhub - ok
15:49:01.0194 8288 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys
15:49:01.0195 8288 usbohci - ok
15:49:01.0214 8288 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys
15:49:01.0215 8288 usbprint - ok
15:49:01.0239 8288 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:49:01.0242 8288 USBSTOR - ok
15:49:01.0297 8288 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
15:49:01.0300 8288 usbuhci - ok
15:49:01.0367 8288 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
15:49:01.0370 8288 vga - ok
15:49:01.0408 8288 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
15:49:01.0411 8288 VgaSave - ok
15:49:01.0438 8288 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
15:49:01.0440 8288 viaide - ok
15:49:01.0508 8288 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
15:49:01.0510 8288 volmgr - ok
15:49:01.0575 8288 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
15:49:01.0580 8288 volmgrx - ok
15:49:01.0647 8288 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
15:49:01.0651 8288 volsnap - ok
15:49:01.0717 8288 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
15:49:01.0719 8288 vsmraid - ok
15:49:01.0849 8288 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
15:49:01.0850 8288 WacomPen - ok
15:49:01.0914 8288 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
15:49:01.0916 8288 Wanarp - ok
15:49:01.0926 8288 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
15:49:01.0927 8288 Wanarpv6 - ok
15:49:01.0962 8288 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
15:49:01.0963 8288 Wd - ok
15:49:02.0051 8288 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
15:49:02.0058 8288 Wdf01000 - ok
15:49:02.0166 8288 WinUSB (7f2f9e48566b2087f2aaad258cb2a8d4) C:\Windows\system32\DRIVERS\WinUSB.sys
15:49:02.0167 8288 WinUSB - ok
15:49:02.0223 8288 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
15:49:02.0224 8288 WmiAcpi - ok
15:49:02.0336 8288 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
15:49:02.0337 8288 WpdUsb - ok
15:49:02.0395 8288 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
15:49:02.0396 8288 ws2ifsl - ok
15:49:02.0500 8288 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:49:02.0503 8288 WUDFRd - ok
15:49:02.0584 8288 xusb21 (38f55d07b1d3391065c40ec065f984e2) C:\Windows\system32\DRIVERS\xusb21.sys
15:49:02.0586 8288 xusb21 - ok
15:49:02.0649 8288 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0
15:49:02.0834 8288 \Device\Harddisk0\DR0 - ok
15:49:02.0840 8288 Boot (0x1200) (d83be859f0fd851b173d4a02d3529a5e) \Device\Harddisk0\DR0\Partition0
15:49:02.0842 8288 \Device\Harddisk0\DR0\Partition0 - ok
15:49:02.0848 8288 Boot (0x1200) (474efc8f52af479445903170891037eb) \Device\Harddisk0\DR0\Partition1
15:49:02.0849 8288 \Device\Harddisk0\DR0\Partition1 - ok
15:49:02.0852 8288 ============================================================
15:49:02.0852 8288 Scan finished
15:49:02.0852 8288 ============================================================
15:49:02.0872 10164 Detected object count: 0
15:49:02.0872 10164 Actual detected object count: 0
Rapport de Malwarebyte
Malwarebytes Anti-Malware (Essai) 1.60.1.1000
www.malwarebytes.org
Version de la base de données: v2012.03.01.02
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Vincent :: PC-MAISON [administrateur]
Protection: Désactivé
01/03/2012 15:50:42
mbam-log-2012-03-01 (16-11-41).txt
Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 195569
Temps écoulé: 9 minute(s), 40 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 2
C:\Users\Vincent\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Aucune action effectuée.
C:\Windows\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Aucune action effectuée.
(fin)
Merci d'avance jlpjlp
ok supprime ce qui a été trouvé par malwarebyte
puis
colle un rapport
avec ce logiciel
http://anywhere.webrootcloudav.com/antizeroaccess.exe
puis
colle un rapport
avec ce logiciel
http://anywhere.webrootcloudav.com/antizeroaccess.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Désolé d'être long mais je travaille en même temps par tel. et Malwarebite m'a dit de redemarrer et mon pc est assez long de ce côté là !
Par contre avec antizeroaccess J'ai un message d'erreur me disant que l'outil ne fonctionne qu'avec du 32 bits.
Par contre avec antizeroaccess J'ai un message d'erreur me disant que l'outil ne fonctionne qu'avec du 32 bits.
Oui toujours des redirections !!!
Bitdefender scan je t'envoie des que c ok mais l'ayant déjà fait je doute que ça est une incidence mais bon ???
Bitdefender scan je t'envoie des que c ok mais l'ayant déjà fait je doute que ça est une incidence mais bon ???
Voilà le rapport :
RogueKiller V7.2.1 [29/02/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Demarrage : Mode normal
Utilisateur: Vincent [Droits d'admin]
Mode: Recherche -- Date: 01/03/2012 18:02:49
¤¤¤ Processus malicieux: 2 ¤¤¤
[SUSP PATH] ibsvc.exe -- C:\ProgramData\IBUpdaterService\ibsvc.exe -> KILLED [TermProc]
[SUSP PATH] msnotif.exe -- C:\Users\Vincent\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe -> KILLED [TermProc]
¤¤¤ Entrees de registre: 6 ¤¤¤
[SUSP PATH] Outil de notification de cadeaux MSN.lnk : C:\Users\Vincent\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (127.0.0.1:9666) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NON CHARGE] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
::1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: WDC WD10 EACS-65D6B0 SCSI Disk Device +++++
--- User ---
[MBR] 1093774d118030418c799d119fe1f0d5
[BSP] cbe1a3892920c024e3e7b9efc684338e : HP tatooed MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 939567 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1924233570 | Size: 14300 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Termine : << RKreport[1].txt >>
RKreport[1].txt
RogueKiller V7.2.1 [29/02/2012] par Tigzy
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html
Blog: http://tigzyrk.blogspot.com
Systeme d'exploitation: Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Demarrage : Mode normal
Utilisateur: Vincent [Droits d'admin]
Mode: Recherche -- Date: 01/03/2012 18:02:49
¤¤¤ Processus malicieux: 2 ¤¤¤
[SUSP PATH] ibsvc.exe -- C:\ProgramData\IBUpdaterService\ibsvc.exe -> KILLED [TermProc]
[SUSP PATH] msnotif.exe -- C:\Users\Vincent\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe -> KILLED [TermProc]
¤¤¤ Entrees de registre: 6 ¤¤¤
[SUSP PATH] Outil de notification de cadeaux MSN.lnk : C:\Users\Vincent\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (127.0.0.1:9666) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤
¤¤¤ Driver: [NON CHARGE] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ Fichier HOSTS: ¤¤¤
127.0.0.1 localhost
::1 localhost
¤¤¤ MBR Verif: ¤¤¤
+++++ PhysicalDrive0: WDC WD10 EACS-65D6B0 SCSI Disk Device +++++
--- User ---
[MBR] 1093774d118030418c799d119fe1f0d5
[BSP] cbe1a3892920c024e3e7b9efc684338e : HP tatooed MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 939567 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1924233570 | Size: 14300 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Termine : << RKreport[1].txt >>
RKreport[1].txt
Voilà ce que j'ai eu egalement de bitdefender :
BitDefender - Fichier journal
Produit : BitDefender Antivirus 2010
Version : BitDefender Antivirus Scanner
Tâche d'analyse : Analyse approfondie
Date du journal : 01/03/2012 17:26:29
Chemin du journal : C:\ProgramData\BitDefender\Desktop\Profiles\Logs\deep_scan\1330619189_3_01.xml
Chemins d'analyse :
Chemin 0000: C:\
Chemin 0001: D:\
Options d'analyse :
Détecter les virus : Oui
Détecter les adwares : Oui
Détecter les spywares : Oui
Détecter les applications : Oui
Détecter les dialers : Oui
Détecter les rootkits : Oui
Recherche de keyloggers : Oui
Options d'analyse antivirus :
Analyse des clés de registre : Oui
Analyser les cookies : Oui
Analyser les secteurs de boot : Oui
Analyser les processus mémoire : Oui
Analyser les archives : Oui
Analyser les packers lors de leur exécution : Oui
Analyser les e-mails : Non
Analyser tous les fichiers : Oui
Analyse heuristique : Oui
Extensions analysées : non configuré
Extensions exclues : non configuré
Traitement de la cible :
Première action par défaut pour les objets infectés : Désinfecter
Seconde action par défaut pour les objets infectés : Aucune
Première action par défaut pour les objets suspects : Aucune
Seconde action par défaut pour les objets suspects : Aucune
Action par défaut pour les objets camouflés : Aucune
Première action par défaut pour les objets cryptés infectés : Désinfecter
Seconde action par défaut pour les objets cryptés infectés : Aucune
Première action par défaut pour les objets cryptés suspects : Aucune
Seconde action par défaut pour les objets cryptés suspects : Aucune
Action par défaut pour les objets protégés par mot de passe : Enregistrer seulement
Résumé de l'analyse
Signatures de virus : 7031155
Plugins archives : 49
Plugins e-mail : 7
Plugins d'analyse : 15
Plugins système : 5
Plugins de décompression : 10
De base
Éléments analysés : 222761
Éléments infectés : 7
Éléments suspects : 0 (aucun élément suspect n'a été détecté)
Éléments cachés : 0 (aucun élément caché n'a été détecté au cours de cette analyse)
Éléments résolus : 7
Éléments non résolus : 0 (aucun problème n'est demeuré non résolu)
Avancé
Temps d'analyse : 00:48:49
Fichiers par seconde : 76
Éléments ignorés : 8331
Éléments avec mot de passe : 0
Éléments ultra-compressés : 0
Virus individuels trouvés : 1
Dossiers analysés : 8077
Secteurs de boot analysés : 4
Archives analysées : 1352
Erreurs I/O : 8
Processus analysés : 68
Processus infectés : 5
Clés de registre analysées : 4994
Clés de registre infectées : 2
Cookies analysés : 2
Cookies infectés : 0
Problèmes résolusChemin d'accès à l'objet Nom de la menace État final
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\SNTIE\PARAMETERS\ServiceDll=>C:\WINDOWS\SYSTEM32\UPS.DLL Trojan.Sirefef.BR Supprimé
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET003\SERVICES\SNTIE\PARAMETERS\ServiceDll=>C:\WINDOWS\SYSTEM32\UPS.DLL Trojan.Sirefef.BR Supprimé
<System>=>c:\windows\system32\ups.dll [1104] (memory dump) Trojan.Sirefef.BR Supprimé
<System>=>c:\windows\system32\ups.dll [1104] (disk) Trojan.Sirefef.BR Supprimé
<System>=>c:\windows\system32\ups.dll [1104] (full dump) Trojan.Sirefef.BR Supprimé
<System>=>c:\windows\system32\kmddsp.tsp [1104] (memory dump) Trojan.Sirefef.BR Supprimé
<System>=>c:\windows\system32\kmddsp.tsp [1104] (full dump) Trojan.Sirefef.BR Supprimé
BitDefender - Fichier journal
Produit : BitDefender Antivirus 2010
Version : BitDefender Antivirus Scanner
Tâche d'analyse : Analyse approfondie
Date du journal : 01/03/2012 17:26:29
Chemin du journal : C:\ProgramData\BitDefender\Desktop\Profiles\Logs\deep_scan\1330619189_3_01.xml
Chemins d'analyse :
Chemin 0000: C:\
Chemin 0001: D:\
Options d'analyse :
Détecter les virus : Oui
Détecter les adwares : Oui
Détecter les spywares : Oui
Détecter les applications : Oui
Détecter les dialers : Oui
Détecter les rootkits : Oui
Recherche de keyloggers : Oui
Options d'analyse antivirus :
Analyse des clés de registre : Oui
Analyser les cookies : Oui
Analyser les secteurs de boot : Oui
Analyser les processus mémoire : Oui
Analyser les archives : Oui
Analyser les packers lors de leur exécution : Oui
Analyser les e-mails : Non
Analyser tous les fichiers : Oui
Analyse heuristique : Oui
Extensions analysées : non configuré
Extensions exclues : non configuré
Traitement de la cible :
Première action par défaut pour les objets infectés : Désinfecter
Seconde action par défaut pour les objets infectés : Aucune
Première action par défaut pour les objets suspects : Aucune
Seconde action par défaut pour les objets suspects : Aucune
Action par défaut pour les objets camouflés : Aucune
Première action par défaut pour les objets cryptés infectés : Désinfecter
Seconde action par défaut pour les objets cryptés infectés : Aucune
Première action par défaut pour les objets cryptés suspects : Aucune
Seconde action par défaut pour les objets cryptés suspects : Aucune
Action par défaut pour les objets protégés par mot de passe : Enregistrer seulement
Résumé de l'analyse
Signatures de virus : 7031155
Plugins archives : 49
Plugins e-mail : 7
Plugins d'analyse : 15
Plugins système : 5
Plugins de décompression : 10
De base
Éléments analysés : 222761
Éléments infectés : 7
Éléments suspects : 0 (aucun élément suspect n'a été détecté)
Éléments cachés : 0 (aucun élément caché n'a été détecté au cours de cette analyse)
Éléments résolus : 7
Éléments non résolus : 0 (aucun problème n'est demeuré non résolu)
Avancé
Temps d'analyse : 00:48:49
Fichiers par seconde : 76
Éléments ignorés : 8331
Éléments avec mot de passe : 0
Éléments ultra-compressés : 0
Virus individuels trouvés : 1
Dossiers analysés : 8077
Secteurs de boot analysés : 4
Archives analysées : 1352
Erreurs I/O : 8
Processus analysés : 68
Processus infectés : 5
Clés de registre analysées : 4994
Clés de registre infectées : 2
Cookies analysés : 2
Cookies infectés : 0
Problèmes résolusChemin d'accès à l'objet Nom de la menace État final
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\SNTIE\PARAMETERS\ServiceDll=>C:\WINDOWS\SYSTEM32\UPS.DLL Trojan.Sirefef.BR Supprimé
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET003\SERVICES\SNTIE\PARAMETERS\ServiceDll=>C:\WINDOWS\SYSTEM32\UPS.DLL Trojan.Sirefef.BR Supprimé
<System>=>c:\windows\system32\ups.dll [1104] (memory dump) Trojan.Sirefef.BR Supprimé
<System>=>c:\windows\system32\ups.dll [1104] (disk) Trojan.Sirefef.BR Supprimé
<System>=>c:\windows\system32\ups.dll [1104] (full dump) Trojan.Sirefef.BR Supprimé
<System>=>c:\windows\system32\kmddsp.tsp [1104] (memory dump) Trojan.Sirefef.BR Supprimé
<System>=>c:\windows\system32\kmddsp.tsp [1104] (full dump) Trojan.Sirefef.BR Supprimé
sauvegardes tes données par précaution
puis
colles un rapport avec combofix
Télécharge ComboFix (de sUBs) sur ton Bureau.
https://download.bleepingcomputer.com/sUBs/ComboFix.exe/!\Désactive temporairement toute protection résidente /!\ (Antivirus, Antispywares...)
Double clique sur ComboFix.exe. (Sous Vista et Seven, il faut cliquer droit sur Combofix.exe et choisir "Exécuter en tant qu'administrateur").
Accepte la licence en cliquant sur "Oui".
Le programme va vous demander si vous souhaitez installer la Console de Récupération. C'est une précaution, au cas où l'ordinateur tomberait en panne. Je vous conseille donc très fortement de l'installer, ça ne coûte rien, et ça pourrait potentiellement servir !
Lorsque l'opération sera terminée, un rapport apparaîtra. Postez ce rapport dans votre prochaine réponse sur le forum.
Le rapport se trouve ici : %SystemDrive%ComboFix.txt (%systemdrive% étant la partition où est installée Windows; C: en général)
Aide :Comment utiliser combofix.
puis
colles un rapport avec combofix
Télécharge ComboFix (de sUBs) sur ton Bureau.
https://download.bleepingcomputer.com/sUBs/ComboFix.exe/!\Désactive temporairement toute protection résidente /!\ (Antivirus, Antispywares...)
Double clique sur ComboFix.exe. (Sous Vista et Seven, il faut cliquer droit sur Combofix.exe et choisir "Exécuter en tant qu'administrateur").
Accepte la licence en cliquant sur "Oui".
Le programme va vous demander si vous souhaitez installer la Console de Récupération. C'est une précaution, au cas où l'ordinateur tomberait en panne. Je vous conseille donc très fortement de l'installer, ça ne coûte rien, et ça pourrait potentiellement servir !
Lorsque l'opération sera terminée, un rapport apparaîtra. Postez ce rapport dans votre prochaine réponse sur le forum.
Le rapport se trouve ici : %SystemDrive%ComboFix.txt (%systemdrive% étant la partition où est installée Windows; C: en général)
Aide :Comment utiliser combofix.
