
Posted

I'm looking for the GData uninstaller because my link is no longer valid.

But if you launch the package on the ComboFix icon in safe mode, it should work.

In safe mode, no resident protection is active, even if CF says so...

@++

Posted

Look here: GDATA - AVCleaner 2009 - Forum - EurNet for GData (remover).

Otherwise, to disable the resident protections: Assiste.Forums • Afficher le sujet - Désactiver le module résident de l'antivirus.

++

Posted

You often need to restart the machine after running a remover.

You'll find other uninstallers here: Apollo Et Compagnie Désinstallateurs et nettoyeurs de produits sécurité.

Do the console procedure with ComboFix in safe mode, and if there is still a warning, ignore it.

To run scans in safe mode, proceed as follows: Comment démarrer Windows en mode sans échec : Astuces pour Dépanner Windows XP

@++

Posted

I already did the procedure, but in normal mode; here is the report:

 

ComboFix 11-02-19.02 - AnneGel 20/02/2011 19:10:56.3.2 - x86

Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.2038.1338 [GMT 1:00]

Lancé depuis: c:\docs and sets\AnneGel\Bureau\ComboFix.exe

Commutateurs utilisés :: c:\docs and sets\AnneGel\Bureau\WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe

AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}

AV: G Data AntiVirus 2011 *Enabled/Outdated* {71310606-6F3B-49F2-9A81-8315AA75FBB3}

FW: Outpost Firewall *Enabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}

* Un nouveau point de restauration a été créé

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\programmes\Internet Explorer\dmlconf.dat

c:\programmes\Internet Explorer\IEXPLOREmgr.exe

.

---- Exécution préalable -------

.

c:\programmes\Internet Explorer\dmlconf.dat

 

.

((((((((((((((((((((((((((((( Fichiers créés du 2011-01-20 au 2011-02-20 ))))))))))))))))))))))))))))))))))))

.

 

2011-02-20 18:09 . 2011-02-20 18:15 99840 ----a-w- c:\programmes\Internet Explorer\iexploremgrmgr.exe

2011-02-19 19:47 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\71140782.sys

2011-02-19 19:47 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\7114078.sys

2011-02-19 19:47 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\71140781.sys

2011-02-19 19:34 . 2011-02-20 18:15 -------- d-----w- c:\programmes\jwxuxaga

2011-02-18 14:15 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\88026492.sys

2011-02-18 14:15 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\8802649.sys

2011-02-18 14:15 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\88026491.sys

2011-02-16 14:37 . 2011-02-16 14:53 -------- d-----w- c:\docs and sets\All Users\Application Data\Alwil Software

2011-02-15 17:23 . 2011-02-15 17:23 38600 ----a-w- c:\windows\system32\drivers\HookCentre.sys

2011-02-15 17:22 . 2011-02-20 18:00 -------- d-----w- c:\docs and sets\All Users\Application Data\G DATA

2011-02-15 17:22 . 2011-02-20 18:00 -------- d-----w- c:\programmes\Fichiers communs\G Data

2011-02-15 16:40 . 2011-02-15 16:40 -------- d-----w- c:\docs and sets\AnneGel\Local Settings\Application Data\Downloaded Installations

2011-02-14 14:21 . 2011-02-14 14:21 -------- d-----w- c:\docs and sets\AnneGel\DoctorWeb

2011-02-13 01:52 . 2011-02-13 01:52 -------- d-----w- c:\docs and sets\AnneGel\Application Data\Avira

2011-02-13 01:47 . 2011-02-17 13:43 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys

2011-02-13 01:47 . 2011-02-15 23:23 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2011-02-13 01:47 . 2010-06-17 14:28 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys

2011-02-13 01:47 . 2010-06-17 14:28 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys

2011-02-13 01:47 . 2011-02-13 01:47 -------- d-----w- c:\programmes\Avira

2011-02-12 20:13 . 2011-02-12 20:18 -------- d-----w- c:\docs and sets\All Users\Application Data\moosoft

2011-02-12 16:20 . 2011-02-12 16:20 -------- d-----w- c:\docs and sets\AnneGel\Application Data\thecleaner

2011-02-11 22:01 . 2011-02-14 19:47 -------- d-----w- c:\docs and sets\AnneGel\Application Data\QuickScan

2011-02-11 17:35 . 2011-02-11 17:35 -------- d--h--w- c:\windows\PIF

2011-01-31 15:43 . 2011-01-31 15:43 -------- d-----w- c:\docs and sets\AnneGel\Application Data\gtk-2.0

2011-01-31 15:43 . 2011-01-31 15:43 -------- d-----w- c:\docs and sets\AnneGel\.thumbnails

2011-01-31 13:18 . 2011-01-31 15:51 -------- d-----w- c:\docs and sets\AnneGel\.gimp-2.6

2011-01-29 03:43 . 2011-01-29 03:43 1409 ----a-w- c:\windows\QTFont.for

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-02-14 18:21 . 2009-04-16 11:57 2672 -csha-w- c:\docs and sets\All Users\Application Data\KGyGaAvL.sys

2010-12-20 17:09 . 2009-03-07 23:40 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-12-20 17:08 . 2009-03-07 23:41 20952 -c--a-w- c:\windows\system32\drivers\mbam.sys

.

 

------- Sigcheck -------

 

[-] 2004-08-18 . 27A5959C94EE173A063CA06BD14F021A . 359040 . . [5.1.2600.2180] . . c:\windows\system32\drivers\tcpip.sys

 

[-] 2004-08-23 . 998F3F568F6074A35AB08CD3395A9DC2 . 1036288 . . [6.00.2900.2180] . . c:\windows\explorer.exe

 

[-] 2008-04-23 . 2FA055D9A0AB73CC91912646FDF9C5EB . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll

 

[7] 2007-08-13 . DE49B348A18369B4626FBA1D49B07FB4 . 622080 . . [7.00.5730.13] . . c:\windows\system32\dllcache\iexplore.exe

[7] 2004-08-04 . 833E2B3F0E2484C0F2B804AE871B4381 . 93184 . . [6.00.2900.2180] . . c:\windows\ie7\iexplore.exe

.

((((((((((((((((((((((((((((( SnapShot@2011-02-20_17.07.49 )))))))))))))))))))))))))))))))))))))))))

.

- 2001-08-24 16:00 . 2010-11-11 11:38 82156 c:\windows\system32\perfc00C.dat

+ 2001-08-24 16:00 . 2011-02-20 17:12 82156 c:\windows\system32\perfc00C.dat

- 2001-08-24 16:00 . 2010-11-11 11:38 68856 c:\windows\system32\perfc009.dat

+ 2001-08-24 16:00 . 2011-02-20 17:12 68856 c:\windows\system32\perfc009.dat

+ 2001-08-24 16:00 . 2011-02-20 17:12 503822 c:\windows\system32\perfh00C.dat

- 2001-08-24 16:00 . 2010-11-11 11:38 503822 c:\windows\system32\perfh00C.dat

+ 2001-08-24 16:00 . 2011-02-20 17:12 435374 c:\windows\system32\perfh009.dat

- 2001-08-24 16:00 . 2010-11-11 11:38 435374 c:\windows\system32\perfh009.dat

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartupFaster"="d:\progs\Startup Faster\startuploader.exe" [2009-10-25 1455376]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"nltide_3"="advpack.dll" [2007-08-13 123904]

 

c:\docs and sets\AnneGel\Menu D‚marrer\Programmes\D‚marrage\

rdphiapq.exe [2011-2-20 99840]

 

c:\docs and sets\AnneGel\Menu D‚marrer\Programmes\D‚marrage\StartupFaster

setup_9.0.0.722_19.02.2011_20-12.lnk - d:\virus removal tool\setup_9.0.0.722_19.02.2011_20-12\startup.exe [2011-2-19 72208]

StartupFaster.ini [2011-2-20 353]

 

c:\docs and sets\All Users\Menu D‚marrer\Programmes\D‚marrage\StartupFaster

Bluetooth Manager.lnk - c:\programmes\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [N/A]

StartupFaster.ini [2011-2-20 296]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"SynchronousMachineGroupPolicy"= 0 (0x0)

"SynchronousUserGroupPolicy"= 0 (0x0)

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoSMConfigurePrograms"= 1 (0x1)

"NoSMMyDocs"= 1 (0x1)

"NoSMMyPictures"= 1 (0x1)

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"ForceClassicControlPanel"= 1 (0x1)

"NoSMHelp"= 1 (0x1)

"NoSMConfigurePrograms"= 1 (0x1)

"StartMenuLogoff"= 1 (0x1)

"NoSMMyDocs"= 1 (0x1)

"NoSMMyPictures"= 1 (0x1)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="c:\windows\system32\userinit.exe,,c:\programmes\jwxuxaga\rdphiapq.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\Outpost\wl_hook.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]

2006-07-20 23:15 1848218 ----a-w- d:\progs\Acronis True Image\TimounterMonitor.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\agentantidote.exe]

2010-06-29 18:22 806080 ------w- d:\progs\Antidote\Programmes32\agentantidote.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]

2010-11-05 22:54 283160 -c--a-w- c:\programmes\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickFinder Scheduler]

2009-06-22 23:29 83232 -c--a-w- d:\progs\Word Perfect\WordPerfect Office X4\Programs\QFSCHD140.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-02-19 21:54 201051 -c----w- d:\progs\Le Visuel\qttask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2010-02-18 09:43 248040 -c--a-w- c:\programmes\Fichiers communs\Java\Java Update\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]

2006-07-20 23:12 1106531 ----a-w- d:\progs\Acronis True Image\TrueImageMonitor.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ultralingua 7 Hotkey]

2009-11-04 12:07 1483264 ----a-w- d:\progs\Ultralingua\ULHotkey.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"AcrSch2Svc"=2 (0x2)

"AVKWCtl"=2 (0x2)

"AVKService"=2 (0x2)

"AVKProxy"=2 (0x2)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:2\\Vmware\\vmware-authd.exe"=

"d:\\Progs\\Vlc\\vlc.exe"=

"d:\\Progs\\Emule\\emule.exe"=

"d:\\Progs\\Opera\\opera.exe"=

"d:\\Progs\\µTorrent\\µTorrent.exe"=

"c:\\Programmes\\NetMeeting\\conf.exe"=

 

R0 71140782;71140782 Boot Guard Driver;c:\windows\system32\drivers\71140782.sys [19/02/2011 20:47 37392]

R0 88026492;88026492 Boot Guard Driver;c:\windows\system32\drivers\88026492.sys [18/02/2011 15:15 37392]

R0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys --> c:\windows\system32\drivers\GDBehave.sys [?]

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [08/03/2009 12:37 717296]

R1 71140781;71140781;c:\windows\system32\drivers\71140781.sys [19/02/2011 20:47 128016]

R1 88026491;88026491;c:\windows\system32\drivers\88026491.sys [18/02/2011 15:15 128016]

R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [11/11/2010 12:50 704384]

R1 setup_9.0.0.722_17.02.2011_18-13drv;setup_9.0.0.722_17.02.2011_18-13drv;c:\windows\system32\drivers\8802649.sys [18/02/2011 15:15 315408]

R1 setup_9.0.0.722_19.02.2011_20-12drv;setup_9.0.0.722_19.02.2011_20-12drv;c:\windows\system32\drivers\7114078.sys [19/02/2011 20:47 315408]

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\programmes\Avira\AntiVir Desktop\sched.exe [13/02/2011 02:47 135336]

R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [26/03/2009 22:05 54960]

R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [11/11/2010 12:49 31128]

R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [11/11/2010 12:50 257432]

R3 FUJ02E1;%FUJ02E1.DeviceDesc%;c:\windows\system32\drivers\FUJ02E1.sys [07/03/2009 23:31 5632]

R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\fuj02e3.sys [07/03/2009 23:31 4864]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [08/03/2009 00:41 20952]

R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [26/01/2010 23:31 17792]

S1 GDMnIcpt;GDMnIcpt;\??\c:\windows\system32\drivers\MiniIcpt.sys --> c:\windows\system32\drivers\MiniIcpt.sys [?]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\programmes\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [04/11/2010 18:19 13336]

S2 MBAMService;MBAMService;c:\programmes\Malwarebytes\mbamservice.exe [08/03/2009 00:41 363344]

S2 OS Selector;Acronis OS Selector activator;d:\progs\Acronis Disk Director\OSS\reinstall_svc.exe [25/05/2010 18:53 2139400]

S2 vnccom;vnccom;c:\windows\system32\drivers\vnccom.SYS [13/03/2009 14:03 6016]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [07/03/2009 23:20 1684736]

S3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [15/02/2011 18:23 38600]

S3 I97DRIVER;I97DRIVER;\??\d:\progs\Fix-It\dgs.sys --> d:\progs\Fix-It\dgs.sys [?]

S3 PORTMON;PORTMON;\??\d:\progs\Sysinternals Suite\PORTMSYS.SYS --> d:\progs\Sysinternals Suite\PORTMSYS.SYS [?]

S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [26/11/2009 00:06 34384]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;d:\progs\Tune Up Utilities\TuneUpUtilitiesDriver32.sys [24/02/2010 14:41 10064]

S4 AVKService;G Data Scheduler;c:\programmes\GData\AVK\AVKService.exe --> c:\programmes\GData\AVK\AVKService.exe [?]

S4 AVKWCtl;G Data Gardien;c:\programmes\GData\AVK\AVKWCtl.exe --> c:\programmes\GData\AVK\AVKWCtl.exe [?]

S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;d:\progs\Tune Up Utilities\TuneUpUtilitiesService32.exe [30/09/2010 16:15 1051968]

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

.

Contenu du dossier 'Tâches planifiées'

 

2011-02-15 c:\windows\Tasks\SyncBack Synchro Bureau 2.job

- d:\progs\Syncback\SyncBack.exe [2009-05-26 10:00]

 

2011-02-09 c:\windows\Tasks\SyncBack Synchro Bureau.job

- d:\progs\Syncback\SyncBack.exe [2009-05-26 10:00]

 

2011-01-31 c:\windows\Tasks\SyncBack Synchro config.job

- d:\progs\Syncback\SyncBack.exe [2009-05-26 10:00]

 

2011-01-31 c:\windows\Tasks\SyncBack Synchro docs.job

- d:\progs\Syncback\SyncBack.exe [2009-05-26 10:00]

.

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://www.google.fr/

IE: Add to &Evernote - d:\progs\Evernote\enbar.dll/2000

IE: Ouvrir dans WordPerfect - d:\progs\Word Perfect\WordPerfect Office X4\Programs\WPLauncher.hta

FF - ProfilePath - c:\docs and sets\AnneGel\Application Data\Mozilla\Firefox\Profiles\5jf06vqf.default\

FF - prefs.js: browser.startup.homepage - www.google.fr

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\progs\Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Quick Starter: jqs@sun.com - c:\programmes\Java\lib\deploy\jqs\ff

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-02-20 19:15

Windows 5.1.2600 Service Pack 2 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

 

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

Heure de fin: 2011-02-20 19:16:54

ComboFix-quarantined-files.txt 2011-02-20 18:16

ComboFix2.txt 2011-02-20 17:10

 

Avant-CF: 877 580 288 octets libres

Après-CF: 943 312 896 octets libres

 

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

 

- - End Of File - - B004B141C428C8FAA5600B8FE6551B69

Posted

How is the PC doing?

Download Kaspersky's TDSSKiller to your desktop.

Or: http://support.kaspersky.com/fr/downloads/utils/tdsskiller.zip ; unzip the archive.

Double-click TDSSKiller.exe

The TDSSKiller window appears.

Click Start scan to launch the scan.

When the tool has finished its inspection, if malicious items ("Malicious objects") were found, check that the Cure option is selected, then click the Continue button, then the Reboot now button.

Post in reply:

*- The TDSSKiller report (contents of the file SystemDrive\TDSSKiller.Version_Date_Time_log.txt)

[SystemDrive is the partition on which the system is installed, usually C:].

Posted

No change. The file still regenerates itself, as indicated in the report: "Userinit"="c:\windows\system32\userinit.exe,,c:\programmes\jwxuxaga\rdphiapq.exe"

I'll take care of your latest instruction.
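
Added example (not part of the thread and not ComboFix's own code): Winlogon starts every comma-separated program in the `Userinit` value at logon, so the check below flags any entry other than the stock `userinit.exe` and ties it to the "files created" and Startup-folder lines of the same report. The sample lines are copied from the ComboFix report above; the function names and the expected default path are assumptions.

```python
import ntpath
import re

# Lines copied from the ComboFix report posted in this thread.
# (In the report, the rdphiapq.exe line sits under the user's Startup folder.)
REPORT = r'''
2011-02-20 18:09 . 2011-02-20 18:15 99840 ----a-w- c:\programmes\Internet Explorer\iexploremgrmgr.exe
2011-02-19 19:34 . 2011-02-20 18:15 -------- d-----w- c:\programmes\jwxuxaga
2011-02-13 01:47 . 2011-02-13 01:47 -------- d-----w- c:\programmes\Avira
rdphiapq.exe [2011-2-20 99840]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,,c:\programmes\jwxuxaga\rdphiapq.exe"
'''

# Assumption: the stock value for this XP install points at system32\userinit.exe.
EXPECTED = r"c:\windows\system32\userinit.exe"

USERINIT_RE = re.compile(r'^"Userinit"="(?P<value>[^"]*)"\s*$', re.I)
# "created . modified size attrs path"; directories show dashes instead of a size.
CREATED_RE = re.compile(
    r'^(?P<created>\d{4}-\d\d-\d\d \d\d:\d\d) \. \d{4}-\d\d-\d\d \d\d:\d\d '
    r'(?P<size>\d+|-+) (?P<attrs>\S+) (?P<path>\S.*)$')
# Bare "name.exe [date size]" line, as listed under a Startup folder.
STARTUP_RE = re.compile(
    r'^(?P<name>[^\\;\[\]"]+\.exe) \[(?P<date>[\d-]+) (?P<size>\d+)\]$', re.I)


def userinit_extras(report, expected=EXPECTED):
    """Return normalized Userinit entries other than the expected userinit.exe."""
    want = ntpath.normcase(expected)
    extras = []
    for line in report.splitlines():
        m = USERINIT_RE.match(line.strip())
        if not m:
            continue
        # Empty items (",," or a trailing ",") are harmless and skipped.
        for entry in m.group("value").split(","):
            entry = ntpath.normcase(entry.strip())
            if entry and entry != want:
                extras.append(entry)
    return extras


def correlate(report):
    """Link each unexpected Userinit entry to related lines of the same report."""
    created, startup = [], []
    for line in (raw.strip() for raw in report.splitlines()):
        m = CREATED_RE.match(line)
        if m:
            created.append((m.group("created"), ntpath.normcase(m.group("path"))))
        m = STARTUP_RE.match(line)
        if m:
            startup.append((ntpath.normcase(m.group("name")), int(m.group("size"))))

    findings = []
    for extra in userinit_extras(report):
        # Recently created file or parent directory of the flagged program.
        related = [(when, path) for when, path in created
                   if extra == path or extra.startswith(path + "\\")]
        # Same file name also dropped in a Startup folder (second autostart).
        copies = [item for item in startup if item[0] == ntpath.basename(extra)]
        findings.append({"entry": extra, "created": related,
                         "startup_copies": copies})
    return findings


if __name__ == "__main__":
    for finding in correlate(REPORT):
        print(finding)
```
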

Posted

The report:

 

2011/02/20 19:37:48.0062 2324 TDSS rootkit removing tool 2.4.17.0 Feb 10 2011 11:07:20

2011/02/20 19:37:48.0234 2324 ================================================================================

2011/02/20 19:37:48.0234 2324 SystemInfo:

2011/02/20 19:37:48.0234 2324

2011/02/20 19:37:48.0234 2324 OS Version: 5.1.2600 ServicePack: 2.0

2011/02/20 19:37:48.0234 2324 Product type: Workstation

2011/02/20 19:37:48.0234 2324 ComputerName: GANTZ

2011/02/20 19:37:48.0234 2324 UserName: AnneGel

2011/02/20 19:37:48.0234 2324 Windows directory: C:\WINDOWS

2011/02/20 19:37:48.0234 2324 System windows directory: C:\WINDOWS

2011/02/20 19:37:48.0234 2324 Processor architecture: Intel x86

2011/02/20 19:37:48.0234 2324 Number of processors: 2

2011/02/20 19:37:48.0234 2324 Page size: 0x1000

2011/02/20 19:37:48.0234 2324 Boot type: Normal boot

2011/02/20 19:37:48.0234 2324 ================================================================================

2011/02/20 19:37:49.0156 2324 Initialize success

2011/02/20 19:38:09.0921 3436 ================================================================================

2011/02/20 19:38:09.0921 3436 Scan started

2011/02/20 19:38:09.0921 3436 Mode: Manual;

2011/02/20 19:38:09.0921 3436 ================================================================================


2011/02/20 19:38:20.0921 3436 SandBox (57ef0a92bada411c563384c08a4a25cd) C:\WINDOWS\system32\drivers\SandBox.sys

2011/02/20 19:38:21.0000 3436 SCREAMINGBDRIVER (a643d6df1b7546256b11fb5d6b5d1375) C:\WINDOWS\system32\drivers\ScreamingBAudio.sys

2011/02/20 19:38:21.0046 3436 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2011/02/20 19:38:21.0140 3436 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys

2011/02/20 19:38:21.0187 3436 Serial (653201755ca96ab4aaa4131daf6da356) C:\WINDOWS\system32\DRIVERS\serial.sys

2011/02/20 19:38:21.0296 3436 setup_9.0.0.722_17.02.2011_18-13drv (66ef49622baa18e4d4f1fe4bae1d51b8) C:\WINDOWS\system32\DRIVERS\8802649.sys

2011/02/20 19:38:21.0375 3436 setup_9.0.0.722_19.02.2011_20-12drv (66ef49622baa18e4d4f1fe4bae1d51b8) C:\WINDOWS\system32\DRIVERS\7114078.sys

2011/02/20 19:38:21.0453 3436 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys

2011/02/20 19:38:21.0562 3436 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys

2011/02/20 19:38:21.0625 3436 SMCIRDA (faedd4ac72c5772672cce88b3adafa56) C:\WINDOWS\system32\DRIVERS\smcirda.sys

2011/02/20 19:38:21.0703 3436 snapman (5052dbafc8f4e4507e6ad0d467dd3529) C:\WINDOWS\system32\DRIVERS\snapman.sys

2011/02/20 19:38:21.0796 3436 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys

2011/02/20 19:38:21.0875 3436 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys

2011/02/20 19:38:21.0875 3436 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b

2011/02/20 19:38:21.0921 3436 sptd - detected Locked file (1)

2011/02/20 19:38:26.0171 3436 ================================================================================

2011/02/20 19:38:26.0171 3436 Scan finished

2011/02/20 19:38:26.0171 3436 ================================================================================

2011/02/20 19:38:26.0203 3264 Detected object count: 1

2011/02/20 19:39:13.0078 3264 Locked file(sptd) - User select action: Skip

2011/02/20 19:39:18.0515 0772 ================================================================================

2011/02/20 19:39:18.0515 0772 Scan started

2011/02/20 19:39:18.0515 0772 Mode: Manual;

2011/02/20 19:39:18.0515 0772 ================================================================================

2011/02/20 19:39:26.0718 0772 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys

2011/02/20 19:39:26.0718 0772 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b

2011/02/20 19:39:26.0718 0772 sptd - detected Locked file (1)

2011/02/20 19:39:29.0578 0772 ================================================================================

2011/02/20 19:39:29.0578 0772 Scan finished

2011/02/20 19:39:29.0578 0772 ================================================================================

2011/02/20 19:39:29.0609 1704 Detected object count: 1

2011/02/20 19:40:19.0468 1704 Locked file(sptd) - User select action: Skip

 

 

It finds this:

 


Posted

That's normal, it's a driver for a virtual drive or burning software: no problem on that front.

 

This script was written specifically for this user; do not use it on another machine: dangerous!

 

1. Close all open browsers.

2. Temporarily disable the antivirus.

 

--> connect the removable media!

 

2. Close/disable all anti-virus, anti-malware or anti-spyware programs so that they do not interfere with ComboFix's work.

 

3. Open Notepad and copy/paste the text from the Code box below into Notepad:

 

FCopy::

C:\Windows\ServicePackFiles\i386\userinit.exe | C:\Windows\system32

 

Save the file under the name CFScript.txt, in the same location as ComboFix.exe

 

 

CFScript.gif

 

As in the image above, drag CFScript and drop it onto ComboFix.exe

 

When the tool has finished, it will display a report named C:\ComboFix.txt, which you should send me in your next message.

 

@++
