mrtatou
-
Compteur de contenus
139 -
Inscription
-
Dernière visite
-
Jours gagnés
1
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par mrtatou
-
Ok, bon j'en suis à la réinstalle de MBAM, déjà quand je le telecharge depuis le pc infecté il me dit que le fichier est corrompu... Du coup je le telecharge depuis mon autre pc et lance le scan complet apres MAJ. Et encore une fois le pc plante apres 15minutes de scan... Du coup je relance le tout en mode sans echec
-
Bon ba ca semble bon : Fix Navipromo version 4.0.9 commencé le 27/10/2010 13:36:05,04 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! Outil exécuté depuis C:\navilog1 Mise à jour le 17.09.2010 à 16h00 par IL-MAFIOSO Microsoft® Windows Vista Édition Familiale Premium ( v6.0.6002 ) Service Pack 2 X86-based PC ( Multiprocessor Free : AMD Turion 64 X2 Mobile Technology TL-60 ) BIOS : PhoenixBIOS 4.0 Release 6.1 USER : Mano ( Not Administrator ! ) BOOT : Normal boot C:\ (Local Disk) - NTFS - Total:141 Go (Free:64 Go) D:\ (Local Disk) - NTFS - Total:149 Go (Free:38 Go) E:\ (Local Disk) - NTFS - Total:7 Go (Free:1 Go) F:\ (CD or DVD) G:\ (USB) - FAT32 - Total:3816 Mo (Free:3 Go) Q:\ (Local Disk) Recherche executée en mode normal Aucune Infection Navipromo/Egdaccess trouvée *** Scan terminé 27/10/2010 13:36:38,21 *** Je peux lancer windows update maintenant ou il y a d'autre chose à faire?
-
ah désolé. Voici le log: ======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 25/10/10 à 11:40 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TEAM X SCRIPT : UsbFix - AD-Remover - FindyKill C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 12:42:08 le 27/10/2010, Mode normal Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86) Mano@PC-DE-MANO (Hewlett-Packard HP Pavilion dv9500 Notebook PC) ============== ACTION(S) ============== Fichier supprimé: C:\Windows\system32\wbem\Performance\WmiApRpl_new.ini Dossier supprimé: C:\Users\Mano\Documents\Imesh Dossier supprimé: C:\Program Files\Search Guard Plus Dossier supprimé: C:\Program Files\SGPSA Dossier supprimé: C:\Users\Mano\AppData\LocalLow\ShoppingReport Dossier supprimé: C:\Users\Mano\AppData\Roaming\EoRezo Dossier supprimé: C:\Program Files\iMesh Applications Fichier supprimé: C:\Users\Mano\AppData\Local\fkdoiat.bat (!) -- Fichiers temporaires supprimés. Clé supprimée: HKLM\Software\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{474597C5-AB09-49d6-A4D5-2E8D7341384E} Clé supprimée: HKLM\Software\Classes\CLSID\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} Clé supprimée: HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} Clé supprimée: HKLM\Software\Classes\iMeshIEHelper.UrlHelper Clé supprimée: HKLM\Software\Classes\iMeshIEHelper.UrlHelper.1 Clé supprimée: HKLM\Software\InstallPedia Clé supprimée: HKCU\Software\iMesh Clé supprimée: HKCU\Software\AppDataLow\Software\Seekmo Clé supprimée: HKCU\Software\AppDataLow\Software\ShoppingReport Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Guard Plus ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox Version [impossible d'obtenir la version] ** -- C:\Users\Mano\AppData\Roaming\Mozilla\FireFox\Profiles\w0d0tbuk.default\Prefs.js -- browser.download.dir, C:\\Users\\Mano\\Downloads browser.search.defaultenginename, Google browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= browser.search.selectedEngine, Google browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://custom-search-fr.com/ browser.startup.homepage, hxxp://www.custom-search-fr.com/ ======================================== ** Internet Explorer Version [8.0.6001.18928] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\Windows\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\Windows\system32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 17 Fichier(s) C:\Program Files\Ad-Remover\Backup: 16 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 27/10/2010 (0 Octet(s)) Fin à: 12:44:25, 27/10/2010 ============== E.O.F ==============
-
Bon finalement il a du aller jusqu'au bout, enfin je ne sais pas car je ne regardai pas, mais il a fini pas arriver sous windows. Voici le log: 2010/10/27 12:21:02.0571 TDSS rootkit removing tool 2.4.5.1 Oct 26 2010 11:28:49 2010/10/27 12:21:02.0571 ================================================================================ 2010/10/27 12:21:02.0571 SystemInfo: 2010/10/27 12:21:02.0571 2010/10/27 12:21:02.0571 OS Version: 6.0.6002 ServicePack: 2.0 2010/10/27 12:21:02.0571 Product type: Workstation 2010/10/27 12:21:02.0571 ComputerName: PC-DE-MANO 2010/10/27 12:21:02.0571 UserName: Mano 2010/10/27 12:21:02.0571 Windows directory: C:\Windows 2010/10/27 12:21:02.0571 System windows directory: C:\Windows 2010/10/27 12:21:02.0571 Processor architecture: Intel x86 2010/10/27 12:21:02.0571 Number of processors: 2 2010/10/27 12:21:02.0571 Page size: 0x1000 2010/10/27 12:21:02.0571 Boot type: Safe boot 2010/10/27 12:21:02.0571 ================================================================================ 2010/10/27 12:21:03.0226 Initialize success 2010/10/27 12:21:26.0033 ================================================================================ 2010/10/27 12:21:26.0033 Scan started 2010/10/27 12:21:26.0033 Mode: Manual; 2010/10/27 12:21:26.0033 ================================================================================ 2010/10/27 12:21:28.0358 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2010/10/27 12:21:28.0451 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 2010/10/27 12:21:28.0560 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 2010/10/27 12:21:28.0638 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 2010/10/27 12:21:28.0716 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 2010/10/27 12:21:28.0841 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys 2010/10/27 12:21:28.0904 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys 2010/10/27 12:21:28.0982 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2010/10/27 12:21:29.0044 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys 2010/10/27 12:21:29.0075 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys 2010/10/27 12:21:29.0138 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys 2010/10/27 12:21:29.0216 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 2010/10/27 12:21:29.0262 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys 2010/10/27 12:21:29.0512 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 2010/10/27 12:21:29.0590 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 2010/10/27 12:21:29.0684 aswFsBlk (a0d86b8ac93ef95620420c7a24ac5344) C:\Windows\system32\drivers\aswFsBlk.sys 2010/10/27 12:21:29.0793 aswMonFlt (bd9119468c32b7ecd1e0544d3f286a73) C:\Windows\system32\drivers\aswMonFlt.sys 2010/10/27 12:21:29.0840 aswRdr (69823954bbd461a73d69774928c9737e) C:\Windows\system32\drivers\aswRdr.sys 2010/10/27 12:21:29.0886 aswSP (7ecc2776638b04553f9a85bd684c3abf) C:\Windows\system32\drivers\aswSP.sys 2010/10/27 12:21:29.0918 aswTdi (095ed820a926aa8189180b305e1bcfc9) C:\Windows\system32\drivers\aswTdi.sys 2010/10/27 12:21:30.0027 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2010/10/27 12:21:30.0074 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 2010/10/27 12:21:30.0183 avgntflt (1eb7d72a82f94f7e9496d363fce00b68) C:\Windows\system32\DRIVERS\avgntflt.sys 2010/10/27 12:21:30.0214 avipbb (f8c56231ed5ecf7d1b46b0330880ccef) C:\Windows\system32\DRIVERS\avipbb.sys 2010/10/27 12:21:30.0308 BCM43XV (746f59822a5187510471fc46889b8cc9) C:\Windows\system32\DRIVERS\bcmwl6.sys 2010/10/27 12:21:30.0370 BCM43XX (746f59822a5187510471fc46889b8cc9) C:\Windows\system32\DRIVERS\bcmwl6.sys 2010/10/27 12:21:30.0464 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2010/10/27 12:21:30.0620 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys 2010/10/27 12:21:30.0698 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2010/10/27 12:21:30.0744 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2010/10/27 12:21:30.0838 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2010/10/27 12:21:30.0869 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2010/10/27 12:21:30.0932 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2010/10/27 12:21:30.0994 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2010/10/27 12:21:31.0072 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2010/10/27 12:21:31.0166 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2010/10/27 12:21:31.0244 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2010/10/27 12:21:31.0290 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys 2010/10/27 12:21:31.0368 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2010/10/27 12:21:31.0478 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 2010/10/27 12:21:31.0587 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys 2010/10/27 12:21:31.0680 CnxtHdAudService (b6e7991e3d6146c04c85cd31af22a381) C:\Windows\system32\drivers\CHDRT32.sys 2010/10/27 12:21:31.0774 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 2010/10/27 12:21:31.0805 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys 2010/10/27 12:21:31.0852 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys 2010/10/27 12:21:32.0055 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys 2010/10/27 12:21:32.0195 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2010/10/27 12:21:32.0304 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2010/10/27 12:21:32.0382 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys 2010/10/27 12:21:32.0492 E100B (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys 2010/10/27 12:21:32.0570 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys 2010/10/27 12:21:32.0632 eabfiltr (e88b0cfcecf745211bba87f44f85d0dd) C:\Windows\system32\DRIVERS\eabfiltr.sys 2010/10/27 12:21:32.0804 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2010/10/27 12:21:32.0928 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys 2010/10/27 12:21:33.0100 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2010/10/27 12:21:33.0162 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2010/10/27 12:21:33.0256 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys 2010/10/27 12:21:33.0365 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2010/10/27 12:21:33.0412 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2010/10/27 12:21:33.0474 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys 2010/10/27 12:21:33.0568 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2010/10/27 12:21:33.0677 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2010/10/27 12:21:33.0740 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys 2010/10/27 12:21:33.0802 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 2010/10/27 12:21:33.0989 HBtnKey (de15777902a5d9121857d155873a1d1b) C:\Windows\system32\DRIVERS\cpqbttn.sys 2010/10/27 12:21:34.0098 HdAudAddService (a08f4808fb19a40792a6056848187afe) C:\Windows\system32\drivers\CHDART.sys 2010/10/27 12:21:34.0208 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2010/10/27 12:21:34.0286 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2010/10/27 12:21:34.0332 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2010/10/27 12:21:34.0457 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 2010/10/27 12:21:34.0504 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys 2010/10/27 12:21:34.0629 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 2010/10/27 12:21:34.0738 HSF_DPV (1882827f41dee51c70e24c567c35bfb5) C:\Windows\system32\DRIVERS\HSX_DPV.sys 2010/10/27 12:21:34.0894 HSXHWAZL (a44ddf3ba83e4664bf4de9220097578c) C:\Windows\system32\DRIVERS\HSXHWAZL.sys 2010/10/27 12:21:34.0972 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2010/10/27 12:21:35.0050 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 2010/10/27 12:21:35.0128 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2010/10/27 12:21:35.0237 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys 2010/10/27 12:21:35.0346 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 2010/10/27 12:21:35.0424 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2010/10/27 12:21:35.0549 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys 2010/10/27 12:21:35.0596 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys 2010/10/27 12:21:35.0674 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2010/10/27 12:21:35.0799 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 2010/10/27 12:21:35.0846 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2010/10/27 12:21:35.0924 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2010/10/27 12:21:35.0970 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys 2010/10/27 12:21:36.0048 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2010/10/27 12:21:36.0080 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2010/10/27 12:21:36.0126 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2010/10/27 12:21:36.0204 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2010/10/27 12:21:36.0329 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 2010/10/27 12:21:36.0407 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2010/10/27 12:21:36.0516 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2010/10/27 12:21:36.0610 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 2010/10/27 12:21:36.0641 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 2010/10/27 12:21:36.0719 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 2010/10/27 12:21:36.0782 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2010/10/27 12:21:36.0906 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys 2010/10/27 12:21:36.0984 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 2010/10/27 12:21:37.0062 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2010/10/27 12:21:37.0140 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2010/10/27 12:21:37.0172 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2010/10/27 12:21:37.0234 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2010/10/27 12:21:37.0281 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2010/10/27 12:21:37.0390 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 2010/10/27 12:21:37.0484 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2010/10/27 12:21:37.0530 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2010/10/27 12:21:37.0593 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2010/10/27 12:21:37.0702 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys 2010/10/27 12:21:37.0749 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2010/10/27 12:21:37.0842 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2010/10/27 12:21:37.0936 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys 2010/10/27 12:21:37.0983 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 2010/10/27 12:21:38.0092 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2010/10/27 12:21:38.0170 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2010/10/27 12:21:38.0232 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2010/10/27 12:21:38.0342 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2010/10/27 12:21:38.0373 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2010/10/27 12:21:38.0466 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2010/10/27 12:21:38.0560 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2010/10/27 12:21:38.0591 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2010/10/27 12:21:38.0654 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2010/10/27 12:21:38.0794 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2010/10/27 12:21:38.0934 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2010/10/27 12:21:39.0028 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2010/10/27 12:21:39.0075 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2010/10/27 12:21:39.0168 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2010/10/27 12:21:39.0231 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2010/10/27 12:21:39.0324 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2010/10/27 12:21:39.0402 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2010/10/27 12:21:39.0527 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2010/10/27 12:21:39.0605 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2010/10/27 12:21:39.0652 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2010/10/27 12:21:39.0761 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2010/10/27 12:21:39.0839 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2010/10/27 12:21:39.0902 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2010/10/27 12:21:40.0011 NVENETFD (a1108084b0d2fc43dcc401735770e2a3) C:\Windows\system32\DRIVERS\nvmfdx32.sys 2010/10/27 12:21:40.0292 nvlddmkm (b36c3b866b0d47e2e2856ec8fd746e39) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2010/10/27 12:21:40.0541 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 2010/10/27 12:21:40.0588 nvsmu (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys 2010/10/27 12:21:40.0650 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys 2010/10/27 12:21:40.0744 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys 2010/10/27 12:21:40.0931 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 2010/10/27 12:21:41.0040 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2010/10/27 12:21:41.0103 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2010/10/27 12:21:41.0165 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2010/10/27 12:21:41.0290 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2010/10/27 12:21:41.0337 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys 2010/10/27 12:21:41.0399 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2010/10/27 12:21:41.0477 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2010/10/27 12:21:41.0664 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2010/10/27 12:21:41.0727 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 2010/10/27 12:21:41.0820 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2010/10/27 12:21:41.0867 PxHelp20 (40fedd328f98245ad201cf5f9f311724) C:\Windows\system32\Drivers\PxHelp20.sys 2010/10/27 12:21:42.0008 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 2010/10/27 12:21:42.0101 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2010/10/27 12:21:42.0179 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2010/10/27 12:21:42.0242 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2010/10/27 12:21:42.0288 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2010/10/27 12:21:42.0366 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2010/10/27 12:21:42.0429 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2010/10/27 12:21:42.0507 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2010/10/27 12:21:42.0554 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2010/10/27 12:21:42.0632 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys 2010/10/27 12:21:42.0647 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2010/10/27 12:21:42.0741 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2010/10/27 12:21:42.0834 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys 2010/10/27 12:21:42.0850 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys 2010/10/27 12:21:42.0897 rismxdp (c663af77e2f4eabf8eb08b388d2f1f36) C:\Windows\system32\DRIVERS\rixdptsk.sys 2010/10/27 12:21:42.0975 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2010/10/27 12:21:43.0053 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2010/10/27 12:21:43.0193 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys 2010/10/27 12:21:43.0271 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2010/10/27 12:21:43.0318 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2010/10/27 12:21:43.0365 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2010/10/27 12:21:43.0412 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2010/10/27 12:21:43.0568 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys 2010/10/27 12:21:43.0614 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys 2010/10/27 12:21:43.0708 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys 2010/10/27 12:21:43.0739 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2010/10/27 12:21:43.0848 sftfs (fcd8208f6a4717726b8ee6943fe70a02) C:\Program Files\Microsoft Application Virtualization Client\drivers\sftfslh.sys 2010/10/27 12:21:43.0942 sftplay (55aada41c4dfe59eeabee1bff1563ec5) C:\Program Files\Microsoft Application Virtualization Client\drivers\sftplaylh.sys 2010/10/27 12:21:44.0036 Sftredir (5b31ea26bfad7053224534d31501d4fc) C:\Windows\system32\DRIVERS\Sftredirlh.sys 2010/10/27 12:21:44.0114 sftvol (a933b21cd2e0a340a7056f7dbc1c096a) C:\Program Files\Microsoft Application Virtualization Client\drivers\sftvollh.sys 2010/10/27 12:21:44.0207 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys 2010/10/27 12:21:44.0223 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 2010/10/27 12:21:44.0285 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 2010/10/27 12:21:44.0379 Smb (830daa32ff11f4e167241166e65310e3) C:\Windows\system32\DRIVERS\smb.sys 2010/10/27 12:21:44.0379 Smb - detected Rootkit.Win32.TDSS.tdl3 (0) 2010/10/27 12:21:44.0472 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2010/10/27 12:21:44.0535 srv (0debafcc0e3591fca34f077cab62f7f7) C:\Windows\system32\DRIVERS\srv.sys 2010/10/27 12:21:44.0597 srv2 (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys 2010/10/27 12:21:44.0660 srvnet (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys 2010/10/27 12:21:44.0722 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 2010/10/27 12:21:44.0831 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2010/10/27 12:21:44.0878 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2010/10/27 12:21:44.0925 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2010/10/27 12:21:44.0956 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2010/10/27 12:21:45.0065 Tcpip (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\drivers\tcpip.sys 2010/10/27 12:21:45.0128 Tcpip6 (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\DRIVERS\tcpip.sys 2010/10/27 12:21:45.0190 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2010/10/27 12:21:45.0252 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2010/10/27 12:21:45.0299 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2010/10/27 12:21:45.0362 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2010/10/27 12:21:45.0424 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2010/10/27 12:21:45.0642 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2010/10/27 12:21:45.0720 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2010/10/27 12:21:45.0798 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2010/10/27 12:21:45.0830 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys 2010/10/27 12:21:45.0923 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2010/10/27 12:21:46.0001 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys 2010/10/27 12:21:46.0048 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 2010/10/27 12:21:46.0126 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2010/10/27 12:21:46.0188 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2010/10/27 12:21:46.0266 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2010/10/27 12:21:46.0376 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys 2010/10/27 12:21:46.0454 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys 2010/10/27 12:21:46.0532 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2010/10/27 12:21:46.0578 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2010/10/27 12:21:46.0625 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2010/10/27 12:21:46.0688 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2010/10/27 12:21:46.0781 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys 2010/10/27 12:21:46.0859 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2010/10/27 12:21:46.0937 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2010/10/27 12:21:46.0968 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2010/10/27 12:21:47.0046 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys 2010/10/27 12:21:47.0156 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2010/10/27 12:21:47.0265 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 2010/10/27 12:21:47.0327 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2010/10/27 12:21:47.0374 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys 2010/10/27 12:21:47.0421 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 2010/10/27 12:21:47.0483 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys 2010/10/27 12:21:47.0546 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2010/10/27 12:21:47.0624 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2010/10/27 12:21:47.0702 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2010/10/27 12:21:47.0780 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 2010/10/27 12:21:47.0842 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2010/10/27 12:21:47.0889 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2010/10/27 12:21:47.0920 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2010/10/27 12:21:48.0029 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2010/10/27 12:21:48.0092 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2010/10/27 12:21:48.0248 winachsf (e096ffb754f1e45ae1bddac1275ae2c5) C:\Windows\system32\DRIVERS\HSX_CNXT.sys 2010/10/27 12:21:48.0450 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 2010/10/27 12:21:48.0575 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 2010/10/27 12:21:48.0638 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2010/10/27 12:21:48.0747 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2010/10/27 12:21:48.0809 XAudio (19e7c173b6242ad7521e537ae54768bf) C:\Windows\system32\DRIVERS\xaudio.sys 2010/10/27 12:21:48.0934 ywrvw (e6d35f3aa51a65eb35c1f2340154a25e) C:\Windows\system32\drivers\aunvqw.sys 2010/10/27 12:21:49.0215 ================================================================================ 2010/10/27 12:21:49.0215 Scan finished 2010/10/27 12:21:49.0215 ================================================================================ 2010/10/27 12:21:49.0230 Detected object count: 1 2010/10/27 12:22:45.0874 Smb (830daa32ff11f4e167241166e65310e3) C:\Windows\system32\DRIVERS\smb.sys 2010/10/27 12:22:54.0719 Backup copy found, using it.. 2010/10/27 12:22:54.0719 C:\Windows\system32\DRIVERS\smb.sys - will be cured after reboot 2010/10/27 12:22:54.0719 Rootkit.Win32.TDSS.tdl3(Smb) - User select action: Cure 2010/10/27 12:23:00.0039 Deinitialize success
-
Donc, ad-remover a fini son scan et me propose de rebooter le pc, j'accepte. Maintenant le pc a redemarrer mais reste bloqué avant d'arriver sous windows sur "configuration des mises a jour 1 sur 3" mais reste bloqué à 0% ! C'est surement windows update. Dois je attendre ou je reboot ?
-
ok, donc le pc a bien redemarrer. J'ai lancer Ad-Remover en tant qu'admin et j'attends la fin du scan. PAr contre c'est quoi l'UAC? Pour info je suis sous vista
-
Je l'ai lancé en Mode sans echec car en mode "normal" le pc est tres lent! (pour info : à la fin du scan il me parle de rootkit ) Voici le Log: 2010/10/27 12:21:02.0571 TDSS rootkit removing tool 2.4.5.1 Oct 26 2010 11:28:49 2010/10/27 12:21:02.0571 ================================================================================ 2010/10/27 12:21:02.0571 SystemInfo: 2010/10/27 12:21:02.0571 2010/10/27 12:21:02.0571 OS Version: 6.0.6002 ServicePack: 2.0 2010/10/27 12:21:02.0571 Product type: Workstation 2010/10/27 12:21:02.0571 ComputerName: PC-DE-MANO 2010/10/27 12:21:02.0571 UserName: Mano 2010/10/27 12:21:02.0571 Windows directory: C:\Windows 2010/10/27 12:21:02.0571 System windows directory: C:\Windows 2010/10/27 12:21:02.0571 Processor architecture: Intel x86 2010/10/27 12:21:02.0571 Number of processors: 2 2010/10/27 12:21:02.0571 Page size: 0x1000 2010/10/27 12:21:02.0571 Boot type: Safe boot 2010/10/27 12:21:02.0571 ================================================================================ 2010/10/27 12:21:03.0226 Initialize success 2010/10/27 12:21:26.0033 ================================================================================ 2010/10/27 12:21:26.0033 Scan started 2010/10/27 12:21:26.0033 Mode: Manual; 2010/10/27 12:21:26.0033 ================================================================================ 2010/10/27 12:21:28.0358 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2010/10/27 12:21:28.0451 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 2010/10/27 12:21:28.0560 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 2010/10/27 12:21:28.0638 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 2010/10/27 12:21:28.0716 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 2010/10/27 12:21:28.0841 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys 2010/10/27 12:21:28.0904 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys 2010/10/27 12:21:28.0982 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2010/10/27 12:21:29.0044 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys 2010/10/27 12:21:29.0075 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys 2010/10/27 12:21:29.0138 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys 2010/10/27 12:21:29.0216 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 2010/10/27 12:21:29.0262 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys 2010/10/27 12:21:29.0512 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 2010/10/27 12:21:29.0590 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 2010/10/27 12:21:29.0684 aswFsBlk (a0d86b8ac93ef95620420c7a24ac5344) C:\Windows\system32\drivers\aswFsBlk.sys 2010/10/27 12:21:29.0793 aswMonFlt (bd9119468c32b7ecd1e0544d3f286a73) C:\Windows\system32\drivers\aswMonFlt.sys 2010/10/27 12:21:29.0840 aswRdr (69823954bbd461a73d69774928c9737e) C:\Windows\system32\drivers\aswRdr.sys 2010/10/27 12:21:29.0886 aswSP (7ecc2776638b04553f9a85bd684c3abf) C:\Windows\system32\drivers\aswSP.sys 2010/10/27 12:21:29.0918 aswTdi (095ed820a926aa8189180b305e1bcfc9) C:\Windows\system32\drivers\aswTdi.sys 2010/10/27 12:21:30.0027 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2010/10/27 12:21:30.0074 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 2010/10/27 12:21:30.0183 avgntflt (1eb7d72a82f94f7e9496d363fce00b68) C:\Windows\system32\DRIVERS\avgntflt.sys 2010/10/27 12:21:30.0214 avipbb (f8c56231ed5ecf7d1b46b0330880ccef) C:\Windows\system32\DRIVERS\avipbb.sys 2010/10/27 12:21:30.0308 BCM43XV (746f59822a5187510471fc46889b8cc9) C:\Windows\system32\DRIVERS\bcmwl6.sys 2010/10/27 12:21:30.0370 BCM43XX (746f59822a5187510471fc46889b8cc9) C:\Windows\system32\DRIVERS\bcmwl6.sys 2010/10/27 12:21:30.0464 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2010/10/27 12:21:30.0620 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys 2010/10/27 12:21:30.0698 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2010/10/27 12:21:30.0744 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2010/10/27 12:21:30.0838 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2010/10/27 12:21:30.0869 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2010/10/27 12:21:30.0932 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2010/10/27 12:21:30.0994 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2010/10/27 12:21:31.0072 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2010/10/27 12:21:31.0166 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2010/10/27 12:21:31.0244 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2010/10/27 12:21:31.0290 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys 2010/10/27 12:21:31.0368 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2010/10/27 12:21:31.0478 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 2010/10/27 12:21:31.0587 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys 2010/10/27 12:21:31.0680 CnxtHdAudService (b6e7991e3d6146c04c85cd31af22a381) C:\Windows\system32\drivers\CHDRT32.sys 2010/10/27 12:21:31.0774 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 2010/10/27 12:21:31.0805 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys 2010/10/27 12:21:31.0852 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys 2010/10/27 12:21:32.0055 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys 2010/10/27 12:21:32.0195 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2010/10/27 12:21:32.0304 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2010/10/27 12:21:32.0382 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys 2010/10/27 12:21:32.0492 E100B (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys 2010/10/27 12:21:32.0570 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys 2010/10/27 12:21:32.0632 eabfiltr (e88b0cfcecf745211bba87f44f85d0dd) C:\Windows\system32\DRIVERS\eabfiltr.sys 2010/10/27 12:21:32.0804 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2010/10/27 12:21:32.0928 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys 2010/10/27 12:21:33.0100 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2010/10/27 12:21:33.0162 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2010/10/27 12:21:33.0256 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys 2010/10/27 12:21:33.0365 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2010/10/27 12:21:33.0412 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2010/10/27 12:21:33.0474 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys 2010/10/27 12:21:33.0568 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2010/10/27 12:21:33.0677 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2010/10/27 12:21:33.0740 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys 2010/10/27 12:21:33.0802 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 2010/10/27 12:21:33.0989 HBtnKey (de15777902a5d9121857d155873a1d1b) C:\Windows\system32\DRIVERS\cpqbttn.sys 2010/10/27 12:21:34.0098 HdAudAddService (a08f4808fb19a40792a6056848187afe) C:\Windows\system32\drivers\CHDART.sys 2010/10/27 12:21:34.0208 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2010/10/27 12:21:34.0286 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2010/10/27 12:21:34.0332 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2010/10/27 12:21:34.0457 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 2010/10/27 12:21:34.0504 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys 2010/10/27 12:21:34.0629 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 2010/10/27 12:21:34.0738 HSF_DPV (1882827f41dee51c70e24c567c35bfb5) C:\Windows\system32\DRIVERS\HSX_DPV.sys 2010/10/27 12:21:34.0894 HSXHWAZL (a44ddf3ba83e4664bf4de9220097578c) C:\Windows\system32\DRIVERS\HSXHWAZL.sys 2010/10/27 12:21:34.0972 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2010/10/27 12:21:35.0050 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 2010/10/27 12:21:35.0128 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2010/10/27 12:21:35.0237 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys 2010/10/27 12:21:35.0346 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 2010/10/27 12:21:35.0424 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2010/10/27 12:21:35.0549 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys 2010/10/27 12:21:35.0596 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys 2010/10/27 12:21:35.0674 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2010/10/27 12:21:35.0799 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 2010/10/27 12:21:35.0846 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2010/10/27 12:21:35.0924 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2010/10/27 12:21:35.0970 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys 2010/10/27 12:21:36.0048 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2010/10/27 12:21:36.0080 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2010/10/27 12:21:36.0126 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2010/10/27 12:21:36.0204 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2010/10/27 12:21:36.0329 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 2010/10/27 12:21:36.0407 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2010/10/27 12:21:36.0516 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2010/10/27 12:21:36.0610 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 2010/10/27 12:21:36.0641 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 2010/10/27 12:21:36.0719 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 2010/10/27 12:21:36.0782 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2010/10/27 12:21:36.0906 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys 2010/10/27 12:21:36.0984 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 2010/10/27 12:21:37.0062 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2010/10/27 12:21:37.0140 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2010/10/27 12:21:37.0172 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2010/10/27 12:21:37.0234 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2010/10/27 12:21:37.0281 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2010/10/27 12:21:37.0390 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 2010/10/27 12:21:37.0484 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2010/10/27 12:21:37.0530 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2010/10/27 12:21:37.0593 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2010/10/27 12:21:37.0702 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys 2010/10/27 12:21:37.0749 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2010/10/27 12:21:37.0842 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2010/10/27 12:21:37.0936 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys 2010/10/27 12:21:37.0983 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 2010/10/27 12:21:38.0092 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2010/10/27 12:21:38.0170 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2010/10/27 12:21:38.0232 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2010/10/27 12:21:38.0342 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2010/10/27 12:21:38.0373 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2010/10/27 12:21:38.0466 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2010/10/27 12:21:38.0560 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2010/10/27 12:21:38.0591 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2010/10/27 12:21:38.0654 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2010/10/27 12:21:38.0794 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2010/10/27 12:21:38.0934 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2010/10/27 12:21:39.0028 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2010/10/27 12:21:39.0075 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2010/10/27 12:21:39.0168 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2010/10/27 12:21:39.0231 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2010/10/27 12:21:39.0324 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2010/10/27 12:21:39.0402 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2010/10/27 12:21:39.0527 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2010/10/27 12:21:39.0605 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2010/10/27 12:21:39.0652 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2010/10/27 12:21:39.0761 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2010/10/27 12:21:39.0839 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2010/10/27 12:21:39.0902 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2010/10/27 12:21:40.0011 NVENETFD (a1108084b0d2fc43dcc401735770e2a3) C:\Windows\system32\DRIVERS\nvmfdx32.sys 2010/10/27 12:21:40.0292 nvlddmkm (b36c3b866b0d47e2e2856ec8fd746e39) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2010/10/27 12:21:40.0541 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 2010/10/27 12:21:40.0588 nvsmu (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys 2010/10/27 12:21:40.0650 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys 2010/10/27 12:21:40.0744 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys 2010/10/27 12:21:40.0931 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 2010/10/27 12:21:41.0040 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2010/10/27 12:21:41.0103 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2010/10/27 12:21:41.0165 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2010/10/27 12:21:41.0290 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2010/10/27 12:21:41.0337 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys 2010/10/27 12:21:41.0399 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2010/10/27 12:21:41.0477 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2010/10/27 12:21:41.0664 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2010/10/27 12:21:41.0727 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 2010/10/27 12:21:41.0820 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2010/10/27 12:21:41.0867 PxHelp20 (40fedd328f98245ad201cf5f9f311724) C:\Windows\system32\Drivers\PxHelp20.sys 2010/10/27 12:21:42.0008 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 2010/10/27 12:21:42.0101 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2010/10/27 12:21:42.0179 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2010/10/27 12:21:42.0242 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2010/10/27 12:21:42.0288 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2010/10/27 12:21:42.0366 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2010/10/27 12:21:42.0429 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2010/10/27 12:21:42.0507 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2010/10/27 12:21:42.0554 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2010/10/27 12:21:42.0632 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys 2010/10/27 12:21:42.0647 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2010/10/27 12:21:42.0741 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2010/10/27 12:21:42.0834 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys 2010/10/27 12:21:42.0850 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys 2010/10/27 12:21:42.0897 rismxdp (c663af77e2f4eabf8eb08b388d2f1f36) C:\Windows\system32\DRIVERS\rixdptsk.sys 2010/10/27 12:21:42.0975 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2010/10/27 12:21:43.0053 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2010/10/27 12:21:43.0193 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys 2010/10/27 12:21:43.0271 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2010/10/27 12:21:43.0318 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2010/10/27 12:21:43.0365 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2010/10/27 12:21:43.0412 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2010/10/27 12:21:43.0568 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys 2010/10/27 12:21:43.0614 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys 2010/10/27 12:21:43.0708 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys 2010/10/27 12:21:43.0739 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2010/10/27 12:21:43.0848 sftfs (fcd8208f6a4717726b8ee6943fe70a02) C:\Program Files\Microsoft Application Virtualization Client\drivers\sftfslh.sys 2010/10/27 12:21:43.0942 sftplay (55aada41c4dfe59eeabee1bff1563ec5) C:\Program Files\Microsoft Application Virtualization Client\drivers\sftplaylh.sys 2010/10/27 12:21:44.0036 Sftredir (5b31ea26bfad7053224534d31501d4fc) C:\Windows\system32\DRIVERS\Sftredirlh.sys 2010/10/27 12:21:44.0114 sftvol (a933b21cd2e0a340a7056f7dbc1c096a) C:\Program Files\Microsoft Application Virtualization Client\drivers\sftvollh.sys 2010/10/27 12:21:44.0207 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys 2010/10/27 12:21:44.0223 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 2010/10/27 12:21:44.0285 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 2010/10/27 12:21:44.0379 Smb (830daa32ff11f4e167241166e65310e3) C:\Windows\system32\DRIVERS\smb.sys 2010/10/27 12:21:44.0379 Smb - detected Rootkit.Win32.TDSS.tdl3 (0) 2010/10/27 12:21:44.0472 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2010/10/27 12:21:44.0535 srv (0debafcc0e3591fca34f077cab62f7f7) C:\Windows\system32\DRIVERS\srv.sys 2010/10/27 12:21:44.0597 srv2 (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys 2010/10/27 12:21:44.0660 srvnet (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys 2010/10/27 12:21:44.0722 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys 2010/10/27 12:21:44.0831 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2010/10/27 12:21:44.0878 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2010/10/27 12:21:44.0925 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2010/10/27 12:21:44.0956 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2010/10/27 12:21:45.0065 Tcpip (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\drivers\tcpip.sys 2010/10/27 12:21:45.0128 Tcpip6 (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\DRIVERS\tcpip.sys 2010/10/27 12:21:45.0190 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2010/10/27 12:21:45.0252 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2010/10/27 12:21:45.0299 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2010/10/27 12:21:45.0362 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2010/10/27 12:21:45.0424 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2010/10/27 12:21:45.0642 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2010/10/27 12:21:45.0720 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2010/10/27 12:21:45.0798 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2010/10/27 12:21:45.0830 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys 2010/10/27 12:21:45.0923 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2010/10/27 12:21:46.0001 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys 2010/10/27 12:21:46.0048 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 2010/10/27 12:21:46.0126 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2010/10/27 12:21:46.0188 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2010/10/27 12:21:46.0266 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2010/10/27 12:21:46.0376 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys 2010/10/27 12:21:46.0454 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys 2010/10/27 12:21:46.0532 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2010/10/27 12:21:46.0578 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2010/10/27 12:21:46.0625 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2010/10/27 12:21:46.0688 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2010/10/27 12:21:46.0781 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys 2010/10/27 12:21:46.0859 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2010/10/27 12:21:46.0937 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2010/10/27 12:21:46.0968 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2010/10/27 12:21:47.0046 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys 2010/10/27 12:21:47.0156 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2010/10/27 12:21:47.0265 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 2010/10/27 12:21:47.0327 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2010/10/27 12:21:47.0374 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys 2010/10/27 12:21:47.0421 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 2010/10/27 12:21:47.0483 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys 2010/10/27 12:21:47.0546 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2010/10/27 12:21:47.0624 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2010/10/27 12:21:47.0702 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2010/10/27 12:21:47.0780 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 2010/10/27 12:21:47.0842 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2010/10/27 12:21:47.0889 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2010/10/27 12:21:47.0920 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2010/10/27 12:21:48.0029 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2010/10/27 12:21:48.0092 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2010/10/27 12:21:48.0248 winachsf (e096ffb754f1e45ae1bddac1275ae2c5) C:\Windows\system32\DRIVERS\HSX_CNXT.sys 2010/10/27 12:21:48.0450 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 2010/10/27 12:21:48.0575 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 2010/10/27 12:21:48.0638 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2010/10/27 12:21:48.0747 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2010/10/27 12:21:48.0809 XAudio (19e7c173b6242ad7521e537ae54768bf) C:\Windows\system32\DRIVERS\xaudio.sys 2010/10/27 12:21:48.0934 ywrvw (e6d35f3aa51a65eb35c1f2340154a25e) C:\Windows\system32\drivers\aunvqw.sys 2010/10/27 12:21:49.0215 ================================================================================ 2010/10/27 12:21:49.0215 Scan finished 2010/10/27 12:21:49.0215 ================================================================================ 2010/10/27 12:21:49.0230 Detected object count: 1 2010/10/27 12:22:45.0874 Smb (830daa32ff11f4e167241166e65310e3) C:\Windows\system32\DRIVERS\smb.sys 2010/10/27 12:22:54.0719 Backup copy found, using it.. 2010/10/27 12:22:54.0719 C:\Windows\system32\DRIVERS\smb.sys - will be cured after reboot 2010/10/27 12:22:54.0719 Rootkit.Win32.TDSS.tdl3(Smb) - User select action: Cure 2010/10/27 12:23:00.0039 Deinitialize success
-
ok merci à toi, je fais ca de suite. Ca va si je le lance en Mode sans echec?
-
oui je vois bien les rapports sous MBAM mais impossible de les ouvrir. Ma seule idée, faire un capture écran des fichiers en quarantaine.
-
MBAM me dit à la fin des scans : "Le fichier spécifié est introuvable" ! Quand je veux ouvrir mon rapport, car il semble en créé quand meme, et bien c'est la meme chose: je double clic sur les fichiers txt et : "Le fichier spécifié est introuvable". Sachant que j'ai lancé hier soir un scan rapide qui m'a detecté une dizaine d'infection, ce matin je fais un scan complet: plus rien. J'aimerai au moins pouvoir poster le log du scan d'hier pour que vous mes conseillez sur ce que je dois faire des virus. Merci
-
Bon merci pour votre aide,j'ai lancé et executer TFC hier soir, impec. Apres cela j'ai lancé MBAM mais l'ordi a planté apres 17 minutes d'execution... du coup je l'ai relancé ce matin en mode sans echec, en esperant qu'il arrive au bout. Sinon je me suis apercu d'un truc: si je tap "windows update" sur google ou dans la barre d'adresse ou simplement dans une reponse sur ce forum depuis l'ordi infecté et bien la connexion plante: "internet explorer ne peut afficher la page", heureusement j'ai un autre pc pour poster ce message sinon c'est pas possible. J'ai essayé d'arreter le pare feu windows pour voir s'il liberai windows update, mais rien n'y fait et cette histoire du fait que dès que je tape sur le net "windowsupdate" ca fasse arreter la connexion me semble tres bizarre. J'attends le log de MBAB et le posterai dès que possible.
-
J'ai laissé tourné antivir toute l'apres midi, et ce soir je m'apercois qu'il y a dans le gestionnaire des taches une dizaine de Msfeedssync.exe qui tourne. Si vous avez des idées
-
Voila, j'ai recuperé le pc d'un ami qui rame, c'est à dire qu'apres 5 minutes sous windows le cpu est utilisé à 100% sur le gestionnaire, pourtant aucun processus ne semble occuper autant de ressources. J'ai fais un hijackthis, donc si vous avez des idées pour m'aider, car je pense que cela vient d'un virus. Je precise également qu'il n'est pas possible de faire une maj Windows, windowsupdate plante systématiquement. Le log hijack: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:46:05, on 26/10/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\IObitBar\toolbar\1.bin\i0brmon.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wuauclt.exe C:\Windows\Explorer.exe C:\Users\Mano\Desktop\tatou\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Notebook | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Pucuy.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file) O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - (no file) O2 - BHO: Toolbar BHO - {EFA17361-CDC0-4927-9AFC-BAAD1F96B2AE} - C:\Program Files\IObitBar\toolbar\1.bin\i0bar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [iObitBar Browser Plugin Loader] C:\PROGRA~1\IObitBar\toolbar\1.bin\i0brmon.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\RunServices: [FTRTSVC] C:\Windows\System32\FTRTSVC.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\Run: [download] "C:\Windows\system32\config\systemprofile\AppData\Roaming\download2\svcnost.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [download] "C:\Windows\system32\config\systemprofile\AppData\Roaming\download2\svcnost.exe" (User 'Default user') O13 - Gopher Prefix: O15 - Trusted Zone: *.canalplay.com O15 - Trusted Zone: *.canalplay.com (HKLM) O15 - Trusted Zone: *.canalplusactive.com (HKLM) O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate1c9cce8494224b5) (gupdate1c9cce8494224b5) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IObit Toolbar Service (IObitBarService) - IObit - C:\PROGRA~1\IObitBar\toolbar\1.bin\i0barsvc.exe O23 - Service: service de mise a jour pour IP networker (IP netservices) - Unknown owner - C:\Program Files\InstallPedia\service.exe O23 - Service: Service de liPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Service CANALPLAY - Canal+ Distribution - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8583 bytes