Sujet Précédent Sujet Suivant

Abnow

Fermé
davids08 - 21 mai 2012 à 11:59
 Utilisateur anonyme - 31 mai 2012 à 19:30
Bonjour,




Bonjour,
il ne m'est plus possible d'accéder à la plupart des sites web : lorsque je clique sur un lien ou que je tape une URL dans la barre d'adresse, je suis redirigé vers un site dont l'URL commence par abnow.com/.
J'ai lu des posts au sujet de ce virus abnow, mais à chaque fois, on demande à la personne infectée de copier/coller des rapports et d'agir en conséquence, je n'ai pas trouvé de solution universelle.
Voilà pourquoi je vous demande votre aide !
Merci d'avance,

13 réponses

Réponse 1 / 13
Utilisateur anonyme
21 mai 2012 à 12:02
bonjour

-Télécharge l'utilitaire TDSSKiller (de Kaspersky) sur ton Bureau.

https://support.kaspersky.com/downloads/utils/tdsskiller.zip

* Lance TDSSKiller.exe

-Sous XP double-clic sur l'icône pour lancer l'outil.
- Sous Vista/Seven clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel.

* Clique sur Start scan.
* Laisse l'outil balayer ton système sans l'interrompre et sans utiliser le PC.
* Conserve l'action proposée par défaut par l'outil
- Si TDSS.tdl2 : l'option Delete sera cochée.
- Si TDSS.tdl3 ou TDSS.tdl4 : assure toi que Cure soit bien cochée.
- Si "Suspicious object" laisse l'option cochée sur Skip
- Si Rootkit.Win32.ZAccess.* est détecté règle sur cure en haut , et delete en bas

* Clique sur Continue puis sur Reboot now si le redémarrage est proposé.
* Le rapport se trouve à la racine du disque principal : C:\TDSSKiller.n° de version_date_heure_log.txt




0
davids08
21 mai 2012 à 12:13
je fais un copier/coller du rapport ici quand c'est fini?
0
Réponse 2 / 13
jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
21 mai 2012 à 12:38
lu' 

je fais un copier/coller du rapport ici quand c'est fini?


Yes .
0
Réponse 3 / 13
davids08
21 mai 2012 à 12:43
12:07:51.0608 2668 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
12:07:51.0826 2668 ============================================================
12:07:51.0826 2668 Current date / time: 2012/05/21 12:07:51.0826
12:07:51.0826 2668 SystemInfo:
12:07:51.0826 2668
12:07:51.0826 2668 OS Version: 6.1.7601 ServicePack: 1.0
12:07:51.0826 2668 Product type: Workstation
12:07:51.0826 2668 ComputerName: NOUS
12:07:51.0826 2668 UserName: anna&seb
12:07:51.0826 2668 Windows directory: C:\Windows
12:07:51.0826 2668 System windows directory: C:\Windows
12:07:51.0826 2668 Running under WOW64
12:07:51.0826 2668 Processor architecture: Intel x64
12:07:51.0826 2668 Number of processors: 2
12:07:51.0826 2668 Page size: 0x1000
12:07:51.0826 2668 Boot type: Normal boot
12:07:51.0826 2668 ============================================================
12:07:53.0277 2668 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:07:53.0293 2668 ============================================================
12:07:53.0293 2668 \Device\Harddisk0\DR0:
12:07:53.0293 2668 MBR partitions:
12:07:53.0293 2668 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
12:07:53.0293 2668 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x48A25AB0
12:07:53.0293 2668 ============================================================
12:07:53.0308 2668 C: <-> \Device\Harddisk0\DR0\Partition1
12:07:53.0308 2668 ============================================================
12:07:53.0308 2668 Initialize success
12:07:53.0308 2668 ============================================================
12:08:44.0415 2516 ============================================================
12:08:44.0415 2516 Scan started
12:08:44.0415 2516 Mode: Manual;
12:08:44.0415 2516 ============================================================
12:08:45.0476 2516 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:08:45.0476 2516 1394ohci - ok
12:08:45.0538 2516 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:08:45.0538 2516 ACPI - ok
12:08:45.0569 2516 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
12:08:45.0585 2516 AcpiPmi - ok
12:08:45.0913 2516 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:08:45.0928 2516 AdobeARMservice - ok
12:08:45.0991 2516 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
12:08:46.0006 2516 adp94xx - ok
12:08:46.0069 2516 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
12:08:46.0084 2516 adpahci - ok
12:08:46.0115 2516 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
12:08:46.0115 2516 adpu320 - ok
12:08:46.0162 2516 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
12:08:46.0162 2516 AeLookupSvc - ok
12:08:46.0256 2516 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
12:08:46.0256 2516 AFD - ok
12:08:46.0303 2516 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:08:46.0303 2516 agp440 - ok
12:08:46.0365 2516 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
12:08:46.0365 2516 ALG - ok
12:08:46.0381 2516 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:08:46.0381 2516 aliide - ok
12:08:46.0427 2516 AMD External Events Utility (5f7e97ea9d7d4b531f59ddb29ddf674d) C:\Windows\system32\atiesrxx.exe
12:08:46.0427 2516 AMD External Events Utility - ok
12:08:46.0459 2516 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:08:46.0459 2516 amdide - ok
12:08:46.0474 2516 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
12:08:46.0474 2516 AmdK8 - ok
12:08:47.0192 2516 amdkmdag (13f175e46250a27cfde11421223d835e) C:\Windows\system32\DRIVERS\atikmdag.sys
12:08:47.0410 2516 amdkmdag - ok
12:08:47.0566 2516 amdkmdap (fd5b761f9b63c86d8490b76bbb70cfe4) C:\Windows\system32\DRIVERS\atikmpag.sys
12:08:47.0566 2516 amdkmdap - ok
12:08:47.0613 2516 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:08:47.0613 2516 AmdPPM - ok
12:08:47.0675 2516 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
12:08:47.0675 2516 amdsata - ok
12:08:47.0707 2516 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
12:08:47.0722 2516 amdsbs - ok
12:08:47.0738 2516 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
12:08:47.0738 2516 amdxata - ok
12:08:47.0785 2516 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
12:08:47.0785 2516 AppID - ok
12:08:47.0816 2516 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
12:08:47.0816 2516 AppIDSvc - ok
12:08:47.0831 2516 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
12:08:47.0831 2516 Appinfo - ok
12:08:47.0956 2516 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:08:47.0956 2516 Apple Mobile Device - ok
12:08:47.0987 2516 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
12:08:47.0987 2516 arc - ok
12:08:48.0019 2516 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
12:08:48.0019 2516 arcsas - ok
12:08:48.0050 2516 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:08:48.0050 2516 AsyncMac - ok
12:08:48.0065 2516 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:08:48.0065 2516 atapi - ok
12:08:48.0315 2516 athr (cc406da84e7dd3fa3ad20340dbc66cf2) C:\Windows\system32\DRIVERS\athrx.sys
12:08:48.0346 2516 athr - ok
12:08:48.0549 2516 AtiHDAudioService (cbd14f698def12ee3557604b726cb8eb) C:\Windows\system32\drivers\AtihdW76.sys
12:08:48.0549 2516 AtiHDAudioService - ok
12:08:48.0643 2516 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
12:08:48.0643 2516 AudioEndpointBuilder - ok
12:08:48.0658 2516 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
12:08:48.0674 2516 AudioSrv - ok
12:08:48.0721 2516 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
12:08:48.0721 2516 AxInstSV - ok
12:08:48.0783 2516 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
12:08:48.0799 2516 b06bdrv - ok
12:08:48.0845 2516 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:08:48.0845 2516 b57nd60a - ok
12:08:48.0892 2516 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
12:08:48.0892 2516 BDESVC - ok
12:08:48.0923 2516 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:08:48.0923 2516 Beep - ok
12:08:49.0017 2516 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
12:08:49.0033 2516 BITS - ok
12:08:49.0079 2516 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
12:08:49.0079 2516 blbdrive - ok
12:08:49.0189 2516 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
12:08:49.0189 2516 Bonjour Service - ok
12:08:49.0235 2516 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
12:08:49.0251 2516 bowser - ok
12:08:49.0282 2516 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
12:08:49.0282 2516 BrFiltLo - ok
12:08:49.0282 2516 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
12:08:49.0298 2516 BrFiltUp - ok
12:08:49.0345 2516 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
12:08:49.0345 2516 Browser - ok
12:08:49.0391 2516 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:08:49.0391 2516 Brserid - ok
12:08:49.0407 2516 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:08:49.0407 2516 BrSerWdm - ok
12:08:49.0423 2516 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:08:49.0423 2516 BrUsbMdm - ok
12:08:49.0438 2516 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:08:49.0438 2516 BrUsbSer - ok
12:08:49.0454 2516 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
12:08:49.0454 2516 BTHMODEM - ok
12:08:49.0501 2516 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
12:08:49.0501 2516 bthserv - ok
12:08:49.0547 2516 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:08:49.0547 2516 cdfs - ok
12:08:49.0594 2516 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
12:08:49.0594 2516 cdrom - ok
12:08:49.0625 2516 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:08:49.0625 2516 CertPropSvc - ok
12:08:49.0657 2516 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
12:08:49.0657 2516 circlass - ok
12:08:49.0703 2516 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:08:49.0703 2516 CLFS - ok
12:08:49.0781 2516 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:08:49.0797 2516 clr_optimization_v2.0.50727_32 - ok
12:08:49.0844 2516 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:08:49.0859 2516 clr_optimization_v2.0.50727_64 - ok
12:08:49.0937 2516 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:08:49.0969 2516 clr_optimization_v4.0.30319_32 - ok
12:08:50.0000 2516 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:08:50.0000 2516 clr_optimization_v4.0.30319_64 - ok
12:08:50.0031 2516 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
12:08:50.0031 2516 CmBatt - ok
12:08:50.0062 2516 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:08:50.0062 2516 cmdide - ok
12:08:50.0140 2516 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
12:08:50.0140 2516 CNG - ok
12:08:50.0187 2516 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
12:08:50.0187 2516 Compbatt - ok
12:08:50.0218 2516 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:08:50.0218 2516 CompositeBus - ok
12:08:50.0234 2516 COMSysApp - ok
12:08:50.0249 2516 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
12:08:50.0265 2516 crcdisk - ok
12:08:50.0312 2516 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
12:08:50.0312 2516 CryptSvc - ok
12:08:50.0374 2516 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:08:50.0390 2516 DcomLaunch - ok
12:08:50.0452 2516 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
12:08:50.0452 2516 defragsvc - ok
12:08:50.0483 2516 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:08:50.0483 2516 DfsC - ok
12:08:50.0546 2516 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
12:08:50.0561 2516 Dhcp - ok
12:08:50.0593 2516 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:08:50.0593 2516 discache - ok
12:08:50.0624 2516 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
12:08:50.0624 2516 Disk - ok
12:08:50.0671 2516 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
12:08:50.0671 2516 Dnscache - ok
12:08:50.0717 2516 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
12:08:50.0733 2516 dot3svc - ok
12:08:50.0764 2516 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
12:08:50.0764 2516 DPS - ok
12:08:50.0811 2516 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:08:50.0811 2516 drmkaud - ok
12:08:50.0951 2516 DsiWMIService (32c2cd16dc801aef9edaafea0dbd769e) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
12:08:50.0967 2516 DsiWMIService - ok
12:08:51.0061 2516 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:08:51.0076 2516 DXGKrnl - ok
12:08:51.0123 2516 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
12:08:51.0123 2516 EapHost - ok
12:08:51.0419 2516 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
12:08:51.0482 2516 ebdrv - ok
12:08:51.0622 2516 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
12:08:51.0622 2516 EFS - ok
12:08:51.0716 2516 EgisTec Ticket Service (03e6888da1a85acf14ac2a3c328a9e62) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
12:08:51.0731 2516 EgisTec Ticket Service - ok
12:08:51.0825 2516 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
12:08:51.0841 2516 ehRecvr - ok
12:08:51.0872 2516 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
12:08:51.0872 2516 ehSched - ok
12:08:51.0981 2516 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
12:08:51.0997 2516 elxstor - ok
12:08:52.0137 2516 ePowerSvc (ac5c64f828c0a6a1350971501ac2a0c7) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
12:08:52.0153 2516 ePowerSvc - ok
12:08:52.0277 2516 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:08:52.0277 2516 ErrDev - ok
12:08:52.0340 2516 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
12:08:52.0355 2516 EventSystem - ok
12:08:52.0387 2516 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:08:52.0402 2516 exfat - ok
12:08:52.0433 2516 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:08:52.0449 2516 fastfat - ok
12:08:52.0543 2516 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
12:08:52.0543 2516 Fax - ok
12:08:52.0558 2516 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
12:08:52.0558 2516 fdc - ok
12:08:52.0589 2516 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
12:08:52.0589 2516 fdPHost - ok
12:08:52.0605 2516 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
12:08:52.0605 2516 FDResPub - ok
12:08:52.0652 2516 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:08:52.0652 2516 FileInfo - ok
12:08:52.0667 2516 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:08:52.0667 2516 Filetrace - ok
12:08:52.0792 2516 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:08:52.0792 2516 FLEXnet Licensing Service - ok
12:08:52.0823 2516 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
12:08:52.0839 2516 flpydisk - ok
12:08:52.0870 2516 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:08:52.0870 2516 FltMgr - ok
12:08:52.0995 2516 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
12:08:53.0011 2516 FontCache - ok
12:08:53.0089 2516 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:08:53.0104 2516 FontCache3.0.0.0 - ok
12:08:53.0151 2516 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:08:53.0151 2516 FsDepends - ok
12:08:53.0198 2516 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
12:08:53.0198 2516 Fs_Rec - ok
12:08:53.0245 2516 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:08:53.0245 2516 fvevol - ok
12:08:53.0291 2516 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
12:08:53.0291 2516 gagp30kx - ok
12:08:53.0323 2516 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:08:53.0323 2516 GEARAspiWDM - ok
12:08:53.0401 2516 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
12:08:53.0416 2516 gpsvc - ok
12:08:53.0494 2516 GREGService (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
12:08:53.0494 2516 GREGService - ok
12:08:53.0572 2516 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:08:53.0588 2516 gupdate - ok
12:08:53.0588 2516 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:08:53.0588 2516 gupdatem - ok
12:08:53.0619 2516 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:08:53.0619 2516 hcw85cir - ok
12:08:53.0681 2516 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
12:08:53.0681 2516 HdAudAddService - ok
12:08:53.0728 2516 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:08:53.0728 2516 HDAudBus - ok
12:08:53.0744 2516 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
12:08:53.0744 2516 HidBatt - ok
12:08:53.0791 2516 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
12:08:53.0791 2516 HidBth - ok
12:08:53.0822 2516 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
12:08:53.0822 2516 HidIr - ok
12:08:53.0853 2516 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
12:08:53.0853 2516 hidserv - ok
12:08:53.0915 2516 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
12:08:53.0931 2516 HidUsb - ok
12:08:53.0962 2516 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
12:08:53.0978 2516 hkmsvc - ok
12:08:54.0025 2516 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
12:08:54.0025 2516 HomeGroupListener - ok
12:08:54.0071 2516 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
12:08:54.0087 2516 HomeGroupProvider - ok
12:08:54.0118 2516 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:08:54.0118 2516 HpSAMD - ok
12:08:54.0212 2516 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:08:54.0227 2516 HTTP - ok
12:08:54.0243 2516 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:08:54.0243 2516 hwpolicy - ok
12:08:54.0274 2516 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
12:08:54.0274 2516 i8042prt - ok
12:08:54.0383 2516 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:08:54.0383 2516 iaStorV - ok
12:08:54.0477 2516 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:08:54.0493 2516 idsvc - ok
12:08:54.0555 2516 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
12:08:54.0555 2516 iirsp - ok
12:08:54.0649 2516 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
12:08:54.0664 2516 IKEEXT - ok
12:08:54.0929 2516 IntcAzAudAddService (f164a1d46a3848a18a44f8acb12961bd) C:\Windows\system32\drivers\RTKVHD64.sys
12:08:54.0961 2516 IntcAzAudAddService - ok
12:08:55.0085 2516 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:08:55.0085 2516 intelide - ok
12:08:55.0117 2516 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
12:08:55.0117 2516 intelppm - ok
12:08:55.0148 2516 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
12:08:55.0148 2516 IPBusEnum - ok
12:08:55.0163 2516 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:08:55.0163 2516 IpFilterDriver - ok
12:08:55.0195 2516 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:08:55.0195 2516 IPMIDRV - ok
12:08:55.0226 2516 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:08:55.0241 2516 IPNAT - ok
12:08:55.0397 2516 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
12:08:55.0413 2516 iPod Service - ok
12:08:55.0444 2516 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:08:55.0444 2516 IRENUM - ok
12:08:55.0491 2516 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:08:55.0491 2516 isapnp - ok
12:08:55.0522 2516 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:08:55.0522 2516 iScsiPrt - ok
12:08:55.0553 2516 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
12:08:55.0553 2516 kbdclass - ok
12:08:55.0569 2516 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
12:08:55.0569 2516 kbdhid - ok
12:08:55.0600 2516 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:08:55.0616 2516 KeyIso - ok
12:08:55.0647 2516 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
12:08:55.0647 2516 KSecDD - ok
12:08:55.0678 2516 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
12:08:55.0694 2516 KSecPkg - ok
12:08:55.0709 2516 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:08:55.0725 2516 ksthunk - ok
12:08:55.0772 2516 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
12:08:55.0787 2516 KtmRm - ok
12:08:55.0834 2516 L1C (173666119d217e3739205c169e2bf0e5) C:\Windows\system32\DRIVERS\L1C62x64.sys
12:08:55.0834 2516 L1C - ok
12:08:55.0897 2516 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
12:08:55.0897 2516 LanmanServer - ok
12:08:55.0943 2516 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
12:08:55.0943 2516 LanmanWorkstation - ok
12:08:56.0021 2516 lanusb (a9e7a3fe06d451dd5dd1d3dcb060e467) C:\Windows\system32\mfesmfk.dll
12:08:56.0021 2516 lanusb ( Backdoor.Multi.ZAccess.gen ) - infected
12:08:56.0021 2516 lanusb - detected Backdoor.Multi.ZAccess.gen (0)
12:08:56.0115 2516 Live Updater Service (6bcee9c766815bfff89de7d81af34ce1) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
12:08:56.0115 2516 Live Updater Service - ok
12:08:56.0162 2516 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:08:56.0162 2516 lltdio - ok
12:08:56.0224 2516 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
12:08:56.0224 2516 lltdsvc - ok
12:08:56.0240 2516 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
12:08:56.0255 2516 lmhosts - ok
12:08:56.0287 2516 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
12:08:56.0302 2516 LSI_FC - ok
12:08:56.0333 2516 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
12:08:56.0333 2516 LSI_SAS - ok
12:08:56.0349 2516 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
12:08:56.0365 2516 LSI_SAS2 - ok
12:08:56.0380 2516 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
12:08:56.0380 2516 LSI_SCSI - ok
12:08:56.0411 2516 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:08:56.0411 2516 luafv - ok
12:08:56.0505 2516 lxeeCATSCustConnectService (60b3548ffa9a2eaaed75e9f0704dfce0) C:\Windows\system32\spool\DRIVERS\x64\3\\lxeeserv.exe
12:08:56.0521 2516 lxeeCATSCustConnectService - ok
12:08:56.0552 2516 lxee_device - ok
12:08:56.0614 2516 McAfee SiteAdvisor Service - ok
12:08:56.0661 2516 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
12:08:56.0661 2516 Mcx2Svc - ok
12:08:56.0692 2516 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
12:08:56.0692 2516 megasas - ok
12:08:56.0879 2516 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
12:08:56.0942 2516 MegaSR - ok
12:08:57.0160 2516 Microsoft SharePoint Workspace Audit Service - ok
12:08:57.0191 2516 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:08:57.0191 2516 MMCSS - ok
12:08:57.0223 2516 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:08:57.0223 2516 Modem - ok
12:08:57.0254 2516 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:08:57.0254 2516 monitor - ok
12:08:57.0285 2516 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:08:57.0285 2516 mouclass - ok
12:08:57.0301 2516 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
12:08:57.0316 2516 mouhid - ok
12:08:57.0347 2516 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:08:57.0347 2516 mountmgr - ok
12:08:57.0379 2516 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:08:57.0394 2516 mpio - ok
12:08:57.0425 2516 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:08:57.0425 2516 mpsdrv - ok
12:08:57.0457 2516 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:08:57.0457 2516 MRxDAV - ok
12:08:57.0488 2516 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:08:57.0488 2516 mrxsmb - ok
12:08:57.0535 2516 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:08:57.0535 2516 mrxsmb10 - ok
12:08:57.0566 2516 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:08:57.0566 2516 mrxsmb20 - ok
12:08:57.0597 2516 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:08:57.0597 2516 msahci - ok
12:08:57.0628 2516 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:08:57.0644 2516 msdsm - ok
12:08:57.0691 2516 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
12:08:57.0691 2516 MSDTC - ok
12:08:57.0722 2516 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:08:57.0722 2516 Msfs - ok
12:08:57.0737 2516 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:08:57.0737 2516 mshidkmdf - ok
12:08:57.0769 2516 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:08:57.0769 2516 msisadrv - ok
12:08:57.0815 2516 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
12:08:57.0815 2516 MSiSCSI - ok
12:08:57.0815 2516 msiserver - ok
12:08:57.0847 2516 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:08:57.0847 2516 MSKSSRV - ok
12:08:57.0862 2516 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:08:57.0862 2516 MSPCLOCK - ok
12:08:57.0893 2516 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:08:57.0893 2516 MSPQM - ok
12:08:57.0940 2516 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:08:57.0940 2516 MsRPC - ok
12:08:57.0971 2516 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:08:57.0971 2516 mssmbios - ok
12:08:57.0987 2516 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:08:58.0003 2516 MSTEE - ok
12:08:58.0018 2516 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
12:08:58.0018 2516 MTConfig - ok
12:08:58.0049 2516 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:08:58.0049 2516 Mup - ok
12:08:58.0065 2516 mwlPSDFilter (9b1eac6faf6f37305e822f5588dc8056) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
12:08:58.0065 2516 mwlPSDFilter - ok
12:08:58.0081 2516 mwlPSDNServ (ad55c1524b296280ed9c6e0d730d35da) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
12:08:58.0081 2516 mwlPSDNServ - ok
12:08:58.0112 2516 mwlPSDVDisk (2b599e6ec8843637bdd62e7f8f3ba201) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
12:08:58.0112 2516 mwlPSDVDisk - ok
12:08:58.0159 2516 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
12:08:58.0174 2516 napagent - ok
12:08:58.0221 2516 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:08:58.0221 2516 NativeWifiP - ok
12:08:58.0361 2516 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:08:58.0377 2516 NDIS - ok
12:08:58.0408 2516 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:08:58.0408 2516 NdisCap - ok
12:08:58.0439 2516 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:08:58.0439 2516 NdisTapi - ok
12:08:58.0486 2516 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:08:58.0486 2516 Ndisuio - ok
12:08:58.0502 2516 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:08:58.0517 2516 NdisWan - ok
12:08:58.0533 2516 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:08:58.0549 2516 NDProxy - ok
12:08:58.0580 2516 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:08:58.0580 2516 NetBIOS - ok
12:08:58.0611 2516 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:08:58.0627 2516 NetBT - ok
12:08:58.0658 2516 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:08:58.0658 2516 Netlogon - ok
12:08:58.0705 2516 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:08:58.0720 2516 Netman - ok
12:08:58.0767 2516 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:08:58.0783 2516 netprofm - ok
12:08:58.0845 2516 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:08:58.0845 2516 NetTcpPortSharing - ok
12:08:58.0892 2516 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
12:08:58.0892 2516 nfrd960 - ok
12:08:58.0954 2516 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
12:08:58.0954 2516 NlaSvc - ok
12:08:58.0985 2516 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:08:58.0985 2516 Npfs - ok
12:08:59.0001 2516 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:08:59.0001 2516 nsi - ok
12:08:59.0017 2516 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:08:59.0017 2516 nsiproxy - ok
12:08:59.0204 2516 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:08:59.0219 2516 Ntfs - ok
12:08:59.0329 2516 NTI IScheduleSvc (d27a4546417ed7c4aea7b3420d4f1f50) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
12:08:59.0344 2516 NTI IScheduleSvc - ok
12:08:59.0453 2516 NTIDrvr (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
12:08:59.0453 2516 NTIDrvr - ok
12:08:59.0469 2516 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:08:59.0469 2516 Null - ok
12:08:59.0531 2516 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:08:59.0531 2516 nvraid - ok
12:08:59.0563 2516 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:08:59.0578 2516 nvstor - ok
12:08:59.0625 2516 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:08:59.0625 2516 nv_agp - ok
12:08:59.0641 2516 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:08:59.0641 2516 ohci1394 - ok
12:08:59.0719 2516 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:08:59.0734 2516 ose - ok
12:09:00.0202 2516 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:09:00.0358 2516 osppsvc - ok
12:09:00.0514 2516 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:09:00.0514 2516 p2pimsvc - ok
12:09:00.0561 2516 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:09:00.0577 2516 p2psvc - ok
12:09:00.0623 2516 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
12:09:00.0623 2516 Parport - ok
12:09:00.0670 2516 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
12:09:00.0670 2516 partmgr - ok
12:09:00.0701 2516 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:09:00.0701 2516 PcaSvc - ok
12:09:00.0733 2516 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:09:00.0733 2516 pci - ok
12:09:00.0764 2516 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:09:00.0764 2516 pciide - ok
12:09:00.0795 2516 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
12:09:00.0795 2516 pcmcia - ok
12:09:00.0826 2516 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:09:00.0826 2516 pcw - ok
12:09:00.0889 2516 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:09:00.0904 2516 PEAUTH - ok
12:09:00.0998 2516 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:09:00.0998 2516 PerfHost - ok
12:09:01.0154 2516 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:09:01.0185 2516 pla - ok
12:09:01.0263 2516 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:09:01.0279 2516 PlugPlay - ok
12:09:01.0310 2516 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:09:01.0310 2516 PNRPAutoReg - ok
12:09:01.0357 2516 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:09:01.0357 2516 PNRPsvc - ok
12:09:01.0419 2516 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:09:01.0419 2516 PolicyAgent - ok
12:09:01.0466 2516 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:09:01.0466 2516 Power - ok
12:09:01.0559 2516 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:09:01.0559 2516 PptpMiniport - ok
12:09:01.0591 2516 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
12:09:01.0591 2516 Processor - ok
12:09:01.0637 2516 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
12:09:01.0637 2516 ProfSvc - ok
12:09:01.0669 2516 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:09:01.0684 2516 ProtectedStorage - ok
12:09:01.0731 2516 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:09:01.0731 2516 Psched - ok
12:09:01.0871 2516 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
12:09:01.0903 2516 ql2300 - ok
12:09:02.0043 2516 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
12:09:02.0043 2516 ql40xx - ok
12:09:02.0090 2516 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:09:02.0090 2516 QWAVE - ok
12:09:02.0137 2516 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:09:02.0137 2516 QWAVEdrv - ok
12:09:02.0152 2516 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:09:02.0152 2516 RasAcd - ok
12:09:02.0199 2516 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:09:02.0199 2516 RasAgileVpn - ok
12:09:02.0215 2516 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:09:02.0215 2516 RasAuto - ok
12:09:02.0261 2516 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:09:02.0261 2516 Rasl2tp - ok
12:09:02.0324 2516 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:09:02.0324 2516 RasMan - ok
12:09:02.0371 2516 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:09:02.0371 2516 RasPppoe - ok
12:09:02.0386 2516 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:09:02.0386 2516 RasSstp - ok
12:09:02.0449 2516 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:09:02.0449 2516 rdbss - ok
12:09:02.0464 2516 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
12:09:02.0464 2516 rdpbus - ok
12:09:02.0495 2516 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:09:02.0495 2516 RDPCDD - ok
12:09:02.0527 2516 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:09:02.0527 2516 RDPENCDD - ok
12:09:02.0542 2516 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:09:02.0542 2516 RDPREFMP - ok
12:09:02.0589 2516 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
12:09:02.0589 2516 RDPWD - ok
12:09:02.0636 2516 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:09:02.0651 2516 rdyboost - ok
12:09:02.0698 2516 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:09:02.0698 2516 RemoteAccess - ok
12:09:02.0745 2516 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:09:02.0745 2516 RemoteRegistry - ok
12:09:02.0776 2516 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:09:02.0776 2516 RpcEptMapper - ok
12:09:02.0807 2516 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:09:02.0807 2516 RpcLocator - ok
12:09:02.0870 2516 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:09:02.0870 2516 RpcSs - ok
12:09:02.0917 2516 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:09:02.0917 2516 rspndr - ok
12:09:02.0995 2516 RSUSBSTOR (135a64530d7699ad48f29d73a658dd11) C:\Windows\System32\Drivers\RtsUStor.sys
12:09:02.0995 2516 RSUSBSTOR - ok
12:09:03.0010 2516 SaiClass (8d90d601758e53c325ebdd8b29f487c1) C:\Windows\system32\ashampoodefragservice.dll
12:09:03.0010 2516 SaiClass ( Backdoor.Multi.ZAccess.gen ) - infected
12:09:03.0010 2516 SaiClass - detected Backdoor.Multi.ZAccess.gen (0)
12:09:03.0041 2516 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:09:03.0041 2516 SamSs - ok
12:09:03.0073 2516 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:09:03.0073 2516 sbp2port - ok
12:09:03.0119 2516 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:09:03.0119 2516 SCardSvr - ok
12:09:03.0151 2516 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:09:03.0151 2516 scfilter - ok
12:09:03.0260 2516 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:09:03.0275 2516 Schedule - ok
12:09:03.0307 2516 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:09:03.0307 2516 SCPolicySvc - ok
12:09:03.0353 2516 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:09:03.0353 2516 SDRSVC - ok
12:09:03.0400 2516 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:09:03.0400 2516 secdrv - ok
12:09:03.0416 2516 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:09:03.0416 2516 seclogon - ok
12:09:03.0431 2516 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
12:09:03.0431 2516 SENS - ok
12:09:03.0463 2516 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:09:03.0478 2516 SensrSvc - ok
12:09:03.0494 2516 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
12:09:03.0494 2516 Serenum - ok
12:09:03.0525 2516 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
12:09:03.0525 2516 Serial - ok
12:09:03.0541 2516 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
12:09:03.0541 2516 sermouse - ok
12:09:03.0587 2516 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:09:03.0587 2516 SessionEnv - ok
12:09:03.0603 2516 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:09:03.0603 2516 sffdisk - ok
12:09:03.0603 2516 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:09:03.0619 2516 sffp_mmc - ok
12:09:03.0619 2516 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:09:03.0619 2516 sffp_sd - ok
12:09:03.0650 2516 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
12:09:03.0650 2516 sfloppy - ok
12:09:03.0712 2516 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:09:03.0728 2516 SharedAccess - ok
12:09:03.0790 2516 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:09:03.0806 2516 ShellHWDetection - ok
12:09:03.0837 2516 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
12:09:03.0837 2516 SiSRaid2 - ok
12:09:03.0853 2516 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
12:09:03.0853 2516 SiSRaid4 - ok
12:09:03.0899 2516 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:09:03.0899 2516 Smb - ok
12:09:03.0946 2516 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:09:03.0946 2516 SNMPTRAP - ok
12:09:03.0977 2516 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:09:03.0977 2516 spldr - ok
12:09:04.0040 2516 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:09:04.0055 2516 Spooler - ok
12:09:04.0383 2516 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:09:04.0430 2516 sppsvc - ok
12:09:04.0555 2516 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:09:04.0555 2516 sppuinotify - ok
12:09:04.0633 2516 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:09:04.0633 2516 srv - ok
12:09:04.0679 2516 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:09:04.0695 2516 srv2 - ok
12:09:04.0726 2516 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:09:04.0726 2516 srvnet - ok
12:09:04.0773 2516 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:09:04.0789 2516 SSDPSRV - ok
12:09:04.0804 2516 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:09:04.0804 2516 SstpSvc - ok
12:09:04.0835 2516 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
12:09:04.0835 2516 stexstor - ok
12:09:04.0913 2516 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:09:04.0913 2516 stisvc - ok
12:09:04.0945 2516 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:09:04.0945 2516 swenum - ok
12:09:05.0007 2516 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:09:05.0023 2516 swprv - ok
12:09:05.0163 2516 SynTP (bba2ea927ec5cc5def5f1bf2b125c0f7) C:\Windows\system32\DRIVERS\SynTP.sys
12:09:05.0179 2516 SynTP - ok
12:09:05.0428 2516 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:09:05.0459 2516 SysMain - ok
12:09:05.0584 2516 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
12:09:05.0600 2516 TabletInputService - ok
12:09:05.0631 2516 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
12:09:05.0647 2516 TapiSrv - ok
12:09:05.0662 2516 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:09:05.0678 2516 TBS - ok
12:09:05.0912 2516 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
12:09:05.0943 2516 Tcpip - ok
12:09:06.0239 2516 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
12:09:06.0255 2516 TCPIP6 - ok
12:09:06.0411 2516 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:09:06.0411 2516 tcpipreg - ok
12:09:06.0442 2516 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:09:06.0442 2516 TDPIPE - ok
12:09:06.0473 2516 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
12:09:06.0473 2516 TDTCP - ok
12:09:06.0505 2516 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:09:06.0505 2516 tdx - ok
12:09:06.0551 2516 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:09:06.0551 2516 TermDD - ok
12:09:06.0629 2516 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
12:09:06.0645 2516 TermService - ok
12:09:06.0661 2516 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:09:06.0661 2516 Themes - ok
12:09:06.0707 2516 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:09:06.0707 2516 THREADORDER - ok
12:09:06.0739 2516 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:09:06.0739 2516 TrkWks - ok
12:09:06.0801 2516 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
12:09:06.0817 2516 TrustedInstaller - ok
12:09:06.0848 2516 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:09:06.0848 2516 tssecsrv - ok
12:09:06.0879 2516 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:09:06.0879 2516 TsUsbFlt - ok
12:09:06.0895 2516 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
12:09:06.0895 2516 TsUsbGD - ok
12:09:06.0941 2516 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:09:06.0941 2516 tunnel - ok
12:09:06.0973 2516 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
12:09:06.0973 2516 uagp35 - ok
12:09:06.0988 2516 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
12:09:06.0988 2516 UBHelper - ok
12:09:07.0066 2516 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:09:07.0066 2516 udfs - ok
12:09:07.0097 2516 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:09:07.0113 2516 UI0Detect - ok
12:09:07.0144 2516 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:09:07.0144 2516 uliagpkx - ok
12:09:07.0175 2516 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
12:09:07.0175 2516 umbus - ok
12:09:07.0191 2516 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
12:09:07.0207 2516 UmPass - ok
12:09:07.0269 2516 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:09:07.0269 2516 upnphost - ok
12:09:07.0316 2516 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
12:09:07.0316 2516 USBAAPL64 - ok
12:09:07.0378 2516 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:09:07.0378 2516 usbccgp - ok
12:09:07.0409 2516 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:09:07.0409 2516 usbcir - ok
12:09:07.0456 2516 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
12:09:07.0456 2516 usbehci - ok
12:09:07.0503 2516 usbfilter (76e2ffad301490ba27b947c6507752fb) C:\Windows\system32\DRIVERS\usbfilter.sys
12:09:07.0503 2516 usbfilter - ok
12:09:07.0550 2516 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:09:07.0550 2516 usbhub - ok
12:09:07.0597 2516 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
12:09:07.0597 2516 usbohci - ok
12:09:07.0643 2516 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:09:07.0643 2516 usbprint - ok
12:09:07.0721 2516 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:09:07.0721 2516 usbscan - ok
12:09:07.0768 2516 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:09:07.0784 2516 USBSTOR - ok
12:09:07.0799 2516 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:09:07.0799 2516 usbuhci - ok
12:09:07.0862 2516 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
12:09:07.0862 2516 usbvideo - ok
12:09:07.0893 2516 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:09:07.0893 2516 UxSms - ok
12:09:07.0924 2516 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:09:07.0924 2516 VaultSvc - ok
12:09:07.0955 2516 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:09:07.0955 2516 vdrvroot - ok
12:09:08.0002 2516 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
12:09:08.0018 2516 vds - ok
12:09:08.0049 2516 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:09:08.0049 2516 vga - ok
12:09:08.0065 2516 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:09:08.0065 2516 VgaSave - ok
12:09:08.0096 2516 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:09:08.0111 2516 vhdmp - ok
12:09:08.0127 2516 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:09:08.0127 2516 viaide - ok
12:09:08.0158 2516 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:09:08.0158 2516 volmgr - ok
12:09:08.0205 2516 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:09:08.0221 2516 volmgrx - ok
12:09:08.0252 2516 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:09:08.0267 2516 volsnap - ok
12:09:08.0314 2516 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
12:09:08.0314 2516 vsmraid - ok
12:09:08.0455 2516 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
12:09:08.0486 2516 VSS - ok
12:09:08.0611 2516 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:09:08.0611 2516 vwifibus - ok
12:09:08.0642 2516 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:09:08.0642 2516 vwififlt - ok
12:09:08.0720 2516 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:09:08.0735 2516 W32Time - ok
12:09:08.0767 2516 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
12:09:08.0767 2516 WacomPen - ok
12:09:08.0798 2516 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:09:08.0798 2516 WANARP - ok
12:09:08.0813 2516 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:09:08.0813 2516 Wanarpv6 - ok
12:09:08.0985 2516 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:09:09.0001 2516 WatAdminSvc - ok
12:09:09.0157 2516 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
12:09:09.0172 2516 wbengine - ok
12:09:09.0313 2516 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:09:09.0313 2516 WbioSrvc - ok
12:09:09.0344 2516 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
12:09:09.0359 2516 wcncsvc - ok
12:09:09.0375 2516 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:09:09.0391 2516 WcsPlugInService - ok
12:09:09.0437 2516 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
12:09:09.0437 2516 Wd - ok
12:09:09.0500 2516 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:09:09.0515 2516 Wdf01000 - ok
12:09:09.0562 2516 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:09:09.0562 2516 WdiServiceHost - ok
12:09:09.0578 2516 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:09:09.0578 2516 WdiSystemHost - ok
12:09:09.0609 2516 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
12:09:09.0609 2516 WebClient - ok
12:09:09.0640 2516 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:09:09.0656 2516 Wecsvc - ok
12:09:09.0687 2516 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:09:09.0687 2516 wercplsupport - ok
12:09:09.0718 2516 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:09:09.0734 2516 WerSvc - ok
12:09:09.0796 2516 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:09:09.0796 2516 WfpLwf - ok
12:09:09.0812 2516 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:09:09.0812 2516 WIMMount - ok
12:09:09.0890 2516 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:09:09.0890 2516 Winmgmt - ok
12:09:10.0046 2516 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
12:09:10.0077 2516 WinRM - ok
12:09:10.0233 2516 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:09:10.0249 2516 WinUsb - ok
12:09:10.0373 2516 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:09:10.0389 2516 Wlansvc - ok
12:09:10.0451 2516 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:09:10.0451 2516 wlcrasvc - ok
12:09:10.0670 2516 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:09:10.0701 2516 wlidsvc - ok
12:09:10.0841 2516 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:09:10.0841 2516 WmiAcpi - ok
12:09:10.0904 2516 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:09:10.0919 2516 wmiApSrv - ok
12:09:10.0966 2516 WMPNetworkSvc - ok
12:09:11.0013 2516 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:09:11.0013 2516 WPCSvc - ok
12:09:11.0278 2516 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
12:09:11.0294 2516 WPDBusEnum - ok
12:09:11.0325 2516 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:09:11.0325 2516 ws2ifsl - ok
12:09:11.0325 2516 WSearch - ok
12:09:11.0528 2516 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
12:09:11.0575 2516 wuauserv - ok
12:09:11.0699 2516 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:09:11.0699 2516 WudfPf - ok
12:09:11.0746 2516 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:09:11.0746 2516 WUDFRd - ok
12:09:11.0793 2516 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
12:09:11.0793 2516 wudfsvc - ok
12:09:11.0824 2516 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:09:11.0840 2516 WwanSvc - ok
12:09:11.0871 2516 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:09:12.0089 2516 \Device\Harddisk0\DR0 - ok
12:09:12.0105 2516 Boot (0x1200) (eed944a2482d50e671e2f312ec0aa0e9) \Device\Harddisk0\DR0\Partition
0
Réponse 4 / 13
davids08
21 mai 2012 à 13:16
je fais quoi maintenant?
0
Utilisateur anonyme
21 mai 2012 à 14:03
Postes le rapport tdsskiller car il manque une partie.
0
davids08
21 mai 2012 à 14:36
j'ai vérifié et j'ai tout sélectioné
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 13
Utilisateur anonyme
21 mai 2012 à 15:07
/!\ A l'attention de ceux qui passent sur ce sujet /!\
Le logiciel qui suit n'est pas à utiliser à la légère et peut faire des dégâts s'il est mal utilisé ! Ne le faites que si un helpeur du forum qui connait bien cet outil vous l'a recommandé.

/!\ Désactive tous tes logiciels de protection (Antivirus, Antispywares) /!\

* Télécharge combofix(de sUBs) sur ton Bureau.
* Double-clique sur ComboFix.exe afin de le lancer.
* Il va te demander d'installer la console de récupération : accepte. (important en cas de problème)
/!\ Ne touche ni à la souris, ni au clavier durant le scan /!\
* Lorsque la recherche sera terminée, un rapport apparaîtra.
* Héberge le rapport C:\Combofix.txt sur le site pjjoint.malekal.com ou cijoint.fr ou toofiles puis copie/colle le lien fournit dans ta prochaine réponse sur le forum
#Si combofix ne veut pas se lancer renommes le en ccm.exe et éxécutes le en mode sans échec .
Tutoriel officiel de Combofix : Tuto Combofix
0
Réponse 6 / 13
davids08
21 mai 2012 à 16:07
je n'ai pas eu de demande d'installation de la console de récup et je suis pas certain que le scan est eu lieu et je sais pas ou est le rapport
0
Utilisateur anonyme
21 mai 2012 à 16:25
le rapport est a la racine .C:\Combofix.txt
0
davids08
21 mai 2012 à 22:07
j'ai rien donc le scan n'a pas marché et
0
davids08
21 mai 2012 à 22:10
combofix ne fonctionne pas, je viens de voir le tuto et ça fonctionne pas sous XP en 64 bits
0
Réponse 7 / 13
Utilisateur anonyme
21 mai 2012 à 23:02
Dans le résumé de ton sujet il est noté windows 7 et combofix fonctionne en 32 ou 64 bits.

Relances combofix mets cette fois en mode sans echec.
0
Réponse 8 / 13
davids08
22 mai 2012 à 14:27
j'ai essayé le mode sans échec et même résultat ça ne marche pas. quand je double clic sur l'icone de combofix ça fait une sorte d'extraction et après rien, la fenetre se ferme et c'est tout
0
Réponse 9 / 13
Utilisateur anonyme
22 mai 2012 à 15:08
Bien c'est l'infection qui bloque le processus de combofix .
On va faire diversion :)

* Télécharger aswMBR.exe sur votre bureau.
* Double cliquez sur le aswMBR.exe pour l'exécuter
* Cliquez sur le bouton «Scan» pour commencer le balayage
* Cliquez sur Save log pour sauvegarder le rapport
* Enregistrez le aswASW.log sur le bureau
* Poster le rapport sur le forum.
0
Réponse 10 / 13
davids08
31 mai 2012 à 04:06
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-31 04:03:22
-----------------------------
04:03:22.096 OS Version: Windows x64 6.1.7601 Service Pack 1
04:03:22.096 Number of processors: 2 586 0x100
04:03:22.205 ComputerName: NOUS UserName:
04:03:24.966 Initialize success
04:03:40.062 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
04:03:40.062 Disk 0 Vendor: TOSHIBA_MK6459GSXP GN003J Size: 610480MB BusType: 11
04:03:40.077 Disk 0 MBR read successfully
04:03:40.093 Disk 0 MBR scan
04:03:40.093 Disk 0 Windows 7 default MBR code
04:03:40.108 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
04:03:40.124 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
04:03:40.140 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 595019 MB offset 31664128
04:03:40.155 SubSystem.Windows: C:\Windows\system32\consrv.dll **SUSPICIOUS**
04:03:40.171 Disk 0 scanning C:\Windows\system32\drivers
04:03:46.411 Service scanning
04:04:14.148 Modules scanning
04:04:14.163 Disk 0 trace - called modules:
04:04:14.226 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
04:04:14.741 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003f78060]
04:04:14.741 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8003e09060]
04:04:14.756 Scan finished successfully
04:04:34.635 Disk 0 MBR has been saved successfully to "C:\Users\anna&seb\Desktop\MBR.dat"
04:04:34.650 The log file has been saved successfully to "C:\Users\anna&seb\Desktop\aswMBR.txt"
0
Réponse 11 / 13
Utilisateur anonyme
31 mai 2012 à 15:51
On va devoir passer par OTLPE (de OldTimer)
Télécharge OTLPEnet :
http://oldtimer.geekstogo.com/OTLPENet.exe

- Mets un cd vierge dans ton graveur

- Double clic sur OTLPENet.exe et a la question do you want burn the CD accepte la gravure du cd

Modifier le BIOS du PC afin que le démarrage s'effectue à partir du CD avant le disque dur. Voir: ici http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/PC/tutoriel-modifier-sequence-sujet_27442_1.htm

Faire redémarrer le PC, qui doit démarrer depuis le CD-Rom et afficher un Bureau REATOGO-X-PE

Une fois chargé clic sur le petit drapeau bleu en bas a gauche.

Clic sur all programs ===> double clic sur Regedit ===> double clic sur local registry

Positionnes toi sur HKEY_LOCAL_MACHINE (Le cadre se noircit)

Cliques sur le menu File et Load Hive

En bas positionnes Files of Type sur All files, puis navigues dans tes dossiers pour aller dans C:\Windows\System32\config

Tu dois avoir une liste de fichiers
Double-cliquez sur SYSTEM (celui sans extension à la fin).

Inscris un nom dans l'encadré blanc par exemple désinfection nanard , ce sera le nom du dossier contenant la ruche de ton Windows.

Clic sur ok.
Déroules l'arborescence de désinfection nanard avec les petites fléches pour avoir Control001 puis Control ===> Session Manager et enfin SubSystems .

Un clic sur SubSystems et a droite, tu dois avoir Windows comme valeur, double-cliques dessus.

La value date est très longue, cherches ServerDll=consrv:ConServerDllInitialization
Remplacer le premier consrv par winsrv pour avoir ServerDll=winsrv:ConServerDllInitialization
Valides toutes les fenêtres.
Éventuellement supprimes C:\Windows\system32\consrv.dll toujours depuis le CD Live
Redémarres l'ordinateur. (Sans le cd OTLPE)


Postes un nouveau rapport aswMBR
0
Réponse 12 / 13
davids08
31 mai 2012 à 18:57
est ce que je dois sauvegarder mes données avant la manip ou tout restera sur mon disque dur?
0
Réponse 13 / 13
Utilisateur anonyme
31 mai 2012 à 19:30
sauvegardes tes documents perso si tu n'est pas sur de toi.
0