[Abandonné] Help Rootkit et autre backdoor

damned006 · le 20 octobre 2011

Bonsoir à tous et merci d'avance,

Je désespère. J'ai à peu près la même chose que le cas suivant d'il y a qq jours http://forum.zebulon.fr/infection-qui-bloque-antivirus-et-cree-faux-moteur-de-recherche-t188616.html

J'ai utilisé le dernier antivir, malwarebyte et aussi kasperry virus removal tool et TDSSKiller. Tout ce beau monde m'a trouvé des w32/patchload.A / des TR/gendal.201968.1 TR/Kazy.2509810 / TR spybot.zbot

Tout a été plusieurs fois éradiqué par ces outils mais en mode sans échec uniquement. A chaque nouveau boot avec le mode réseau activé un processus revient sans cesse, un long chiffre en .exe. A partir de ce moment impossible d'utiliser les outils, les analyses de mlb et antivir ne se lancent plus, l'analyse kaspery s'arrête très vite, seul TDSSKiller fonctionne. Retour en mode sans echec et là il faut réinstaller antivir et mlb pour les faire fonctionner, tant que je reste en mode ss echec ss reseau. Dans ce cas après élimination les scans n'indiquent plus rien, tout va bien jusqu'au nouveau démarrage avec le réseau ! Dur, dur, dur. Cela revient sans cesse quoique je fasse donc.. je suis simplement resté 2 jours sans mon fidèle nod32 dont la licence avait expiré, je cherchais son remplaçant ! Et j'ai mon bébé malade avec moi c'est simple. Merci pour votre aide

J'utilise Vista Ultimate 32 et bien sur j'accède à ce forum depuis un autre pc, le portable de ma femme (qui veut le récupérer forcement)

A ce que j'ai lu ici je pense que combofix pourrait venir à bout du problème mais je préfère attendre votre analyse.

Ah oui impossible d'utiliser mlb avec la maj (50j) puisque des qu'elle se fait (avec le réseau donc) on ne peut plus lancer le soft, meme en mode sans échec, il faut repartir d'une nouvelle install en mode ss échec.

~~~~~~~~~~~~~~~

et maintenant si je démarre normalement (alors qu'en mode sans échec il n'y plus aucun pb) j'ai pendant le démarrage un crash avec écran bleu. Impossible donc de démarrer normalement maintenant ! C'est une première pour moi, je n'avais pas eu d'écran bleu depuis au moins 5 ans et à ce point au démarrage jamais ! J'avoue je deviens fou.

édit. en mode ss échec donc TDSS me trouve Rootkit.win32.Zaccess.e

Modifié le 23 octobre 2011 par damned006
Fusion des messages ;o)

bernard53 · le 21 octobre 2011

Bonjour

Donne moi le résultat exact trouve par "TDSSKiller " et je te donne la procédure à suivre.

A+

damned006 · le 21 octobre 2011

Bonjour

Donne moi le résultat exact trouve par "TDSSKiller " et je te donne la procédure à suivre.

A+

Bonjour Bernard et merci par avance de ton aide, ouf. Hélas ayant, une fois de plus, éliminé (cure) le pb avec TDSS maintenant il ne détecte plus rien (mode ss echec toujours). Dois-je tenter une nouvelle fois un boot normal pour qu'il réapparaisse ? A moins qu'il y ait qq part en mémoire les rapports de TDSS ?

EDit j'ai trouvé les rapports. Le temps de les transférer entre pc, la connexion réseau est limitée désormais, plus aucun acces internet côté pc infecté.

Modifié le 21 octobre 2011 par damned006

damned006 · le 21 octobre 2011

Bonjour Bernard et merci par avance de ton aide, ouf. Hélas ayant, une fois de plus, éliminé (cure) le pb avec TDSS maintenant il ne détecte plus rien (mode ss echec toujours). Dois-je tenter une nouvelle fois un boot normal pour qu'il réapparaisse ? A moins qu'il y ait qq part en mémoire les rapports de TDSS ?

EDit j'ai trouvé les rapports. Le temps de les transférer entre pc, la connexion réseau est limitée désormais, plus aucun acces internet côté pc infecté.

voici le dernier avant "cure"21:03:03.0608 1116 TDSS rootkit removing tool 2.6.11.0 Oct 19 2011 13:50:27

21:03:03.0655 1116 ============================================================

21:03:03.0655 1116 Current date / time: 2011/10/20 21:03:03.0655

21:03:03.0655 1116 SystemInfo:

21:03:03.0655 1116

21:03:03.0655 1116 OS Version: 6.0.6001 ServicePack: 1.0

21:03:03.0655 1116 Product type: Workstation

21:03:03.0655 1116 ComputerName: DELLONE

21:03:03.0655 1116 UserName: damienb

21:03:03.0655 1116 Windows directory: C:\Windows

21:03:03.0655 1116 System windows directory: C:\Windows

21:03:03.0655 1116 Processor architecture: Intel x86

21:03:03.0655 1116 Number of processors: 2

21:03:03.0655 1116 Page size: 0x1000

21:03:03.0655 1116 Boot type: Safe boot

21:03:03.0655 1116 ============================================================

21:03:04.0934 1116 Initialize success

21:03:06.0291 1156 ============================================================

21:03:06.0291 1156 Scan started

21:03:06.0291 1156 Mode: Manual;

21:03:06.0291 1156 ============================================================

21:03:07.0368 1156 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys

21:03:07.0368 1156 ACPI - ok

21:03:07.0430 1156 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

21:03:07.0446 1156 adp94xx - ok

21:03:07.0461 1156 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

21:03:07.0477 1156 adpahci - ok

21:03:07.0508 1156 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

21:03:07.0508 1156 adpu160m - ok

21:03:07.0539 1156 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

21:03:07.0539 1156 adpu320 - ok

21:03:07.0586 1156 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys

21:03:07.0586 1156 agp440 - ok

21:03:07.0602 1156 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

21:03:07.0602 1156 aic78xx - ok

21:03:07.0617 1156 aliide (3a99cb23a2d326fd532618705d6e3048) C:\Windows\system32\drivers\aliide.sys

21:03:07.0617 1156 aliide - ok

21:03:07.0648 1156 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys

21:03:07.0648 1156 amdagp - ok

21:03:07.0664 1156 amdide (4333c133dbd71c7d7fe4fb1b83f9ee3e) C:\Windows\system32\drivers\amdide.sys

21:03:07.0664 1156 amdide - ok

21:03:07.0695 1156 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

21:03:07.0695 1156 AmdK7 - ok

21:03:07.0711 1156 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys

21:03:07.0711 1156 AmdK8 - ok

21:03:07.0773 1156 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

21:03:07.0773 1156 arc - ok

21:03:07.0789 1156 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

21:03:07.0789 1156 arcsas - ok

21:03:07.0820 1156 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

21:03:07.0820 1156 AsyncMac - ok

21:03:07.0851 1156 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys

21:03:07.0851 1156 atapi - ok

21:03:07.0945 1156 atikmdag (7310e80e3347cb758d61eb6d5041fcd4) C:\Windows\system32\DRIVERS\atikmdag.sys

21:03:08.0023 1156 atikmdag - ok

21:03:08.0085 1156 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys

21:03:08.0085 1156 avgntflt - ok

21:03:08.0101 1156 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys

21:03:08.0116 1156 avipbb - ok

21:03:08.0163 1156 BCM43XV (bfdb53bb0c1c9d50ea47c939c5c1807c) C:\Windows\system32\DRIVERS\bcmwl6.sys

21:03:08.0194 1156 BCM43XV - ok

21:03:08.0210 1156 BCM43XX (bfdb53bb0c1c9d50ea47c939c5c1807c) C:\Windows\system32\DRIVERS\bcmwl6.sys

21:03:08.0210 1156 BCM43XX - ok

21:03:08.0257 1156 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

21:03:08.0413 1156 Beep - ok

21:03:08.0428 1156 blbdrive - ok

21:03:08.0475 1156 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys

21:03:08.0491 1156 bowser - ok

21:03:08.0506 1156 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

21:03:08.0506 1156 BrFiltLo - ok

21:03:08.0522 1156 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

21:03:08.0522 1156 BrFiltUp - ok

21:03:08.0553 1156 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

21:03:08.0553 1156 Brserid - ok

21:03:08.0584 1156 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

21:03:08.0584 1156 BrSerWdm - ok

21:03:08.0616 1156 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

21:03:08.0616 1156 BrUsbMdm - ok

21:03:08.0631 1156 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

21:03:08.0631 1156 BrUsbSer - ok

21:03:08.0647 1156 BthEnum (da7b195275bda7f8fcf79b40e0f45dde) C:\Windows\system32\DRIVERS\BthEnum.sys

21:03:08.0647 1156 BthEnum - ok

21:03:08.0678 1156 BTHMODEM (5ffa6988ff9597986ff2ada736cc90c0) C:\Windows\system32\DRIVERS\bthmodem.sys

21:03:08.0678 1156 BTHMODEM - ok

21:03:08.0725 1156 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys

21:03:08.0740 1156 BthPan - ok

21:03:08.0772 1156 BTHPORT (73d53f8e90550ba81e2cf44a0873b410) C:\Windows\system32\Drivers\BTHport.sys

21:03:08.0772 1156 BTHPORT - ok

21:03:08.0803 1156 BTHUSB (32045a4bb143bbc5bab1298c4e9e309a) C:\Windows\system32\Drivers\BTHUSB.sys

21:03:08.0803 1156 BTHUSB - ok

21:03:08.0850 1156 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

21:03:08.0850 1156 cdfs - ok

21:03:08.0881 1156 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys

21:03:08.0881 1156 cdrom - ok

21:03:08.0881 1156 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys

21:03:08.0896 1156 circlass - ok

21:03:08.0928 1156 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys

21:03:08.0928 1156 CLFS - ok

21:03:08.0959 1156 cmdide (dfb94a6fc3a26972b0461ab5f1d8272b) C:\Windows\system32\drivers\cmdide.sys

21:03:08.0959 1156 cmdide - ok

21:03:08.0974 1156 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys

21:03:08.0974 1156 Compbatt - ok

21:03:08.0990 1156 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

21:03:08.0990 1156 crcdisk - ok

21:03:09.0006 1156 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

21:03:09.0006 1156 Crusoe - ok

21:03:09.0052 1156 CSC (9a5434125c3dfe42393de4bbb791bd19) C:\Windows\system32\drivers\csc.sys

21:03:09.0052 1156 CSC - ok

21:03:09.0099 1156 CXSONORA (449a7ca685c7342771baa7e162b94777) C:\Windows\system32\drivers\A885VCap.sys

21:03:09.0115 1156 CXSONORA - ok

21:03:09.0162 1156 DfsC (bb89c28472020ecdc565bd2985928a7b) C:\Windows\system32\Drivers\dfsc.sys

21:03:09.0162 1156 DfsC ( Rootkit.Win32.ZAccess.e ) - infected

21:03:09.0162 1156 DfsC - detected Rootkit.Win32.ZAccess.e (0)

21:03:09.0208 1156 dgderdrv (6216fd7fd227de454238a702b218cec7) C:\Windows\system32\drivers\dgderdrv.sys

21:03:09.0224 1156 dgderdrv - ok

21:03:09.0271 1156 dg_ssudbus (8d949255edc6f4aa87730b8472106591) C:\Windows\system32\DRIVERS\ssudbus.sys

21:03:09.0271 1156 dg_ssudbus - ok

21:03:09.0302 1156 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys

21:03:09.0302 1156 disk - ok

21:03:09.0333 1156 DLXPDisplayName (999e4dbed85966ff4e7d82a774107af7) C:\Windows\system32\DRIVERS\DLACPI.sys

21:03:09.0333 1156 DLXPDisplayName - ok

21:03:09.0349 1156 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

21:03:09.0349 1156 drmkaud - ok

21:03:09.0364 1156 DSDrv4 - ok

21:03:09.0411 1156 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys

21:03:09.0427 1156 DXGKrnl - ok

21:03:09.0458 1156 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys

21:03:09.0474 1156 e1express - ok

21:03:09.0505 1156 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

21:03:09.0505 1156 E1G60 - ok

21:03:09.0552 1156 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys

21:03:09.0552 1156 Ecache - ok

21:03:09.0598 1156 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys

21:03:09.0598 1156 elxstor - ok

21:03:09.0630 1156 epfwtdir (ccfb3bb29c08fcab134f237743bb0311) C:\Windows\system32\DRIVERS\epfwtdir.sys

21:03:09.0645 1156 epfwtdir - ok

21:03:09.0692 1156 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys

21:03:09.0708 1156 exfat - ok

21:03:09.0786 1156 eyeonedp (8313a6af9de34a9d24df2329a548b004) C:\Windows\system32\DRIVERS\eyeonedp.sys

21:03:09.0801 1156 eyeonedp - ok

21:03:09.0848 1156 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys

21:03:09.0848 1156 fastfat - ok

21:03:09.0879 1156 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys

21:03:09.0879 1156 fdc - ok

21:03:09.0895 1156 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

21:03:09.0895 1156 FileInfo - ok

21:03:09.0926 1156 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

21:03:09.0926 1156 Filetrace - ok

21:03:09.0957 1156 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys

21:03:09.0957 1156 flpydisk - ok

21:03:09.0988 1156 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys

21:03:09.0988 1156 FltMgr - ok

21:03:10.0004 1156 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

21:03:10.0004 1156 Fs_Rec - ok

21:03:10.0035 1156 fvevol (1400c747e2b73966b100fdce5426b7b2) C:\Windows\system32\DRIVERS\fvevol.sys

21:03:10.0035 1156 fvevol - ok

21:03:10.0066 1156 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys

21:03:10.0066 1156 gagp30kx - ok

21:03:10.0113 1156 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

21:03:10.0113 1156 GEARAspiWDM - ok

21:03:10.0160 1156 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

21:03:10.0176 1156 HdAudAddService - ok

21:03:10.0191 1156 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys

21:03:10.0207 1156 HDAudBus - ok

21:03:10.0222 1156 HECI (c865d1f6d03595df213dc3c67e4e4c58) C:\Windows\system32\DRIVERS\HECI.sys

21:03:10.0222 1156 HECI - ok

21:03:10.0254 1156 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

21:03:10.0269 1156 HidBth - ok

21:03:10.0300 1156 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys

21:03:10.0300 1156 HidIr - ok

21:03:10.0316 1156 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys

21:03:10.0316 1156 HidUsb - ok

21:03:10.0347 1156 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys

21:03:10.0347 1156 HpCISSs - ok

21:03:10.0425 1156 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys

21:03:10.0425 1156 HTTP - ok

21:03:10.0456 1156 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys

21:03:10.0456 1156 i2omp - ok

21:03:10.0472 1156 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

21:03:10.0472 1156 i8042prt - ok

21:03:10.0503 1156 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys

21:03:10.0503 1156 iaStorV - ok

21:03:10.0581 1156 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

21:03:10.0581 1156 iirsp - ok

21:03:10.0659 1156 IntcAzAudAddService (f8f53c5449f15b23d4c61d51d2701da8) C:\Windows\system32\drivers\RTKVHDA.sys

21:03:10.0690 1156 IntcAzAudAddService - ok

21:03:10.0722 1156 intelide (1c60617d54bc9f035671a44b75d9f7cc) C:\Windows\system32\drivers\intelide.sys

21:03:10.0722 1156 intelide - ok

21:03:10.0753 1156 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

21:03:10.0753 1156 intelppm - ok

21:03:10.0784 1156 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

21:03:10.0784 1156 IpFilterDriver - ok

21:03:10.0800 1156 IpInIp - ok

21:03:10.0831 1156 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys

21:03:10.0831 1156 IPMIDRV - ok

21:03:10.0878 1156 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

21:03:10.0878 1156 IPNAT - ok

21:03:10.0909 1156 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

21:03:10.0909 1156 IRENUM - ok

21:03:10.0924 1156 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys

21:03:10.0924 1156 isapnp - ok

21:03:10.0971 1156 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys

21:03:10.0971 1156 iScsiPrt - ok

21:03:11.0018 1156 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

21:03:11.0018 1156 iteatapi - ok

21:03:11.0018 1156 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

21:03:11.0018 1156 iteraid - ok

21:03:11.0065 1156 ivusb - ok

21:03:11.0080 1156 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

21:03:11.0080 1156 kbdclass - ok

21:03:11.0112 1156 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys

21:03:11.0112 1156 kbdhid - ok

21:03:11.0158 1156 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys

21:03:11.0158 1156 KSecDD - ok

21:03:11.0190 1156 LHidFilt (24e0ddb99aeccf86bb37702611761459) C:\Windows\system32\DRIVERS\LHidFilt.Sys

21:03:11.0190 1156 LHidFilt - ok

21:03:11.0221 1156 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

21:03:11.0221 1156 lltdio - ok

21:03:11.0252 1156 LMouFilt (d58b330d318361a66a9fe60d7c9b4951) C:\Windows\system32\DRIVERS\LMouFilt.Sys

21:03:11.0252 1156 LMouFilt - ok

21:03:11.0283 1156 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys

21:03:11.0283 1156 LSI_FC - ok

21:03:11.0314 1156 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys

21:03:11.0314 1156 LSI_SAS - ok

21:03:11.0346 1156 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys

21:03:11.0346 1156 LSI_SCSI - ok

21:03:11.0377 1156 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

21:03:11.0377 1156 luafv - ok

21:03:11.0392 1156 LUsbFilt (144011d14bd35f4e36136ae057b1aadd) C:\Windows\system32\Drivers\LUsbFilt.Sys

21:03:11.0392 1156 LUsbFilt - ok

21:03:11.0424 1156 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys

21:03:11.0424 1156 megasas - ok

21:03:11.0486 1156 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

21:03:11.0486 1156 Modem - ok

21:03:11.0502 1156 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

21:03:11.0517 1156 monitor - ok

21:03:11.0548 1156 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

21:03:11.0548 1156 mouclass - ok

21:03:11.0564 1156 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

21:03:11.0564 1156 mouhid - ok

21:03:11.0580 1156 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

21:03:11.0580 1156 MountMgr - ok

21:03:11.0611 1156 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys

21:03:11.0611 1156 mpio - ok

21:03:11.0626 1156 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

21:03:11.0642 1156 mpsdrv - ok

21:03:11.0673 1156 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

21:03:11.0673 1156 Mraid35x - ok

21:03:11.0704 1156 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys

21:03:11.0704 1156 MRxDAV - ok

21:03:11.0751 1156 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys

21:03:11.0751 1156 mrxsmb - ok

21:03:11.0767 1156 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:03:11.0767 1156 mrxsmb10 - ok

21:03:11.0782 1156 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:03:11.0782 1156 mrxsmb20 - ok

21:03:11.0814 1156 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

21:03:11.0814 1156 msahci - ok

21:03:11.0845 1156 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys

21:03:11.0845 1156 msdsm - ok

21:03:11.0907 1156 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

21:03:11.0907 1156 Msfs - ok

21:03:11.0923 1156 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

21:03:11.0923 1156 msisadrv - ok

21:03:11.0954 1156 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

21:03:11.0954 1156 MSKSSRV - ok

21:03:11.0970 1156 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

21:03:11.0970 1156 MSPCLOCK - ok

21:03:12.0001 1156 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

21:03:12.0001 1156 MSPQM - ok

21:03:12.0016 1156 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys

21:03:12.0032 1156 MsRPC - ok

21:03:12.0048 1156 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

21:03:12.0048 1156 mssmbios - ok

21:03:12.0063 1156 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

21:03:12.0063 1156 MSTEE - ok

21:03:12.0079 1156 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys

21:03:12.0079 1156 Mup - ok

21:03:12.0110 1156 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys

21:03:12.0110 1156 NativeWifiP - ok

21:03:12.0157 1156 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys

21:03:12.0157 1156 NDIS - ok

21:03:12.0188 1156 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

21:03:12.0188 1156 NdisTapi - ok

21:03:12.0204 1156 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

21:03:12.0204 1156 Ndisuio - ok

21:03:12.0219 1156 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys

21:03:12.0235 1156 NdisWan - ok

21:03:12.0266 1156 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

21:03:12.0266 1156 NDProxy - ok

21:03:12.0297 1156 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

21:03:12.0297 1156 NetBIOS - ok

21:03:12.0328 1156 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys

21:03:12.0328 1156 netbt - ok

21:03:12.0391 1156 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

21:03:12.0391 1156 nfrd960 - ok

21:03:12.0422 1156 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys

21:03:12.0422 1156 Npfs - ok

21:03:12.0453 1156 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

21:03:12.0453 1156 nsiproxy - ok

21:03:12.0484 1156 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys

21:03:12.0516 1156 Ntfs - ok

21:03:12.0531 1156 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

21:03:12.0531 1156 ntrigdigi - ok

21:03:12.0562 1156 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

21:03:12.0562 1156 Null - ok

21:03:12.0609 1156 nvraid (6f785db62a6d8f3fafd3e5695277e849) C:\Windows\system32\drivers\nvraid.sys

21:03:12.0609 1156 nvraid - ok

21:03:12.0640 1156 nvstor (4a5fcab82d9bf6af8a023a66802fe9e9) C:\Windows\system32\drivers\nvstor.sys

21:03:12.0640 1156 nvstor - ok

21:03:12.0672 1156 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys

21:03:12.0672 1156 nv_agp - ok

21:03:12.0687 1156 NwlnkFlt - ok

21:03:12.0687 1156 NwlnkFwd - ok

21:03:12.0734 1156 OEM07Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM07Vfx.sys

21:03:12.0734 1156 OEM07Vfx - ok

21:03:12.0765 1156 OEM07Vid (bca1f5249018277cd423f00de448a8d2) C:\Windows\system32\DRIVERS\OEM07Vid.sys

21:03:12.0765 1156 OEM07Vid - ok

21:03:12.0796 1156 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys

21:03:12.0796 1156 ohci1394 - ok

21:03:12.0812 1156 OMCI - ok

21:03:12.0843 1156 OxFWLF (ec10f580fbe583e377b5d86081923998) C:\Windows\system32\drivers\OxFWLF.sys

21:03:12.0843 1156 OxFWLF - ok

21:03:12.0874 1156 OXUDIDRV (f76a3952fb6ccfdb74446d74840ba404) C:\Windows\system32\Drivers\OXUDIDRV_X32.sys

21:03:12.0874 1156 OXUDIDRV - ok

21:03:12.0890 1156 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

21:03:12.0906 1156 Parport - ok

21:03:12.0937 1156 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys

21:03:12.0937 1156 partmgr - ok

21:03:12.0952 1156 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

21:03:12.0952 1156 Parvdm - ok

21:03:12.0984 1156 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys

21:03:12.0984 1156 pci - ok

21:03:13.0015 1156 pciide (20b869152448f80ac49cf10264e91f5e) C:\Windows\system32\drivers\pciide.sys

21:03:13.0015 1156 pciide - ok

21:03:13.0046 1156 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

21:03:13.0046 1156 pcmcia - ok

21:03:13.0093 1156 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys

21:03:13.0093 1156 pcouffin - ok

21:03:13.0171 1156 PDIHWCTL (274fb48dc92e0ec012d4d8d866cfaf8a) C:\Windows\system32\drivers\pdihwctl.sys

21:03:13.0171 1156 PDIHWCTL - ok

21:03:13.0202 1156 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

21:03:13.0233 1156 PEAUTH - ok

21:03:13.0264 1156 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

21:03:13.0264 1156 PptpMiniport - ok

21:03:13.0296 1156 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

21:03:13.0296 1156 Processor - ok

21:03:13.0342 1156 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys

21:03:13.0342 1156 PSched - ok

21:03:13.0374 1156 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys

21:03:13.0374 1156 PxHelp20 - ok

21:03:13.0436 1156 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

21:03:13.0452 1156 ql2300 - ok

21:03:13.0483 1156 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

21:03:13.0483 1156 ql40xx - ok

21:03:13.0514 1156 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

21:03:13.0514 1156 QWAVEdrv - ok

21:03:13.0561 1156 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

21:03:13.0561 1156 RasAcd - ok

21:03:13.0576 1156 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

21:03:13.0576 1156 Rasl2tp - ok

21:03:13.0623 1156 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys

21:03:13.0623 1156 RasPppoe - ok

21:03:13.0654 1156 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys

21:03:13.0654 1156 RasSstp - ok

21:03:13.0670 1156 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys

21:03:13.0686 1156 rdbss - ok

21:03:13.0717 1156 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

21:03:13.0717 1156 RDPCDD - ok

21:03:13.0748 1156 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\DRIVERS\rdpdr.sys

21:03:13.0748 1156 rdpdr - ok

21:03:13.0764 1156 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

21:03:13.0764 1156 RDPENCDD - ok

21:03:13.0795 1156 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys

21:03:13.0795 1156 RDPWD - ok

21:03:13.0826 1156 RFCOMM (34cc78c06587718c2ad6d3aa83b1f072) C:\Windows\system32\DRIVERS\rfcomm.sys

21:03:13.0826 1156 RFCOMM - ok

21:03:13.0873 1156 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys

21:03:13.0873 1156 rimmptsk - ok

21:03:13.0873 1156 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys

21:03:13.0873 1156 rimsptsk - ok

21:03:13.0888 1156 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys

21:03:13.0888 1156 rismxdp - ok

21:03:13.0935 1156 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

21:03:13.0935 1156 rspndr - ok

21:03:13.0966 1156 sbp2port (e0be42226ef2cc26f3e271ae7b00e211) C:\Windows\system32\DRIVERS\sbp2port.sys

21:03:13.0966 1156 sbp2port - ok

21:03:13.0998 1156 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys

21:03:13.0998 1156 sdbus - ok

21:03:14.0029 1156 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

21:03:14.0029 1156 secdrv - ok

21:03:14.0076 1156 Ser2pl - ok

21:03:14.0091 1156 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys

21:03:14.0091 1156 Serenum - ok

21:03:14.0122 1156 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

21:03:14.0122 1156 Serial - ok

21:03:14.0154 1156 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

21:03:14.0154 1156 sermouse - ok

21:03:14.0200 1156 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys

21:03:14.0200 1156 sffdisk - ok

21:03:14.0232 1156 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys

21:03:14.0232 1156 sffp_mmc - ok

21:03:14.0263 1156 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\DRIVERS\sffp_sd.sys

21:03:14.0263 1156 sffp_sd - ok

21:03:14.0278 1156 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

21:03:14.0278 1156 sfloppy - ok

21:03:14.0310 1156 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys

21:03:14.0310 1156 sisagp - ok

21:03:14.0341 1156 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

21:03:14.0341 1156 SiSRaid2 - ok

21:03:14.0356 1156 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

21:03:14.0372 1156 SiSRaid4 - ok

21:03:14.0403 1156 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys

21:03:14.0403 1156 Smb - ok

21:03:14.0434 1156 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

21:03:14.0434 1156 spldr - ok

21:03:14.0481 1156 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys

21:03:14.0497 1156 srv - ok

21:03:14.0512 1156 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys

21:03:14.0512 1156 srv2 - ok

21:03:14.0559 1156 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys

21:03:14.0559 1156 srvnet - ok

21:03:14.0606 1156 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys

21:03:14.0606 1156 ssmdrv - ok

21:03:14.0668 1156 ssudmdm (15376507e439f73610f83947f1727e84) C:\Windows\system32\DRIVERS\ssudmdm.sys

21:03:14.0684 1156 ssudmdm - ok

21:03:14.0700 1156 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

21:03:14.0715 1156 swenum - ok

21:03:14.0731 1156 swpag (e6d35f3aa51a65eb35c1f2340154a25e) C:\Windows\system32\drivers\mycnin.sys

21:03:14.0731 1156 swpag - ok

21:03:14.0762 1156 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

21:03:14.0762 1156 Symc8xx - ok

21:03:14.0793 1156 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

21:03:14.0793 1156 Sym_hi - ok

21:03:14.0824 1156 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

21:03:14.0824 1156 Sym_u3 - ok

21:03:14.0871 1156 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys

21:03:14.0902 1156 Tcpip - ok

21:03:14.0934 1156 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys

21:03:14.0934 1156 Tcpip6 - ok

21:03:14.0980 1156 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys

21:03:14.0980 1156 tcpipreg - ok

21:03:15.0012 1156 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

21:03:15.0012 1156 TDPIPE - ok

21:03:15.0027 1156 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

21:03:15.0043 1156 TDTCP - ok

21:03:15.0074 1156 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys

21:03:15.0074 1156 tdx - ok

21:03:15.0105 1156 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys

21:03:15.0105 1156 TermDD - ok

21:03:15.0136 1156 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

21:03:15.0136 1156 tssecsrv - ok

21:03:15.0152 1156 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

21:03:15.0168 1156 tunmp - ok

21:03:15.0246 1156 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys

21:03:15.0246 1156 tunnel - ok

21:03:15.0261 1156 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys

21:03:15.0277 1156 uagp35 - ok

21:03:15.0308 1156 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys

21:03:15.0308 1156 udfs - ok

21:03:15.0324 1156 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys

21:03:15.0324 1156 uliagpkx - ok

21:03:15.0370 1156 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys

21:03:15.0370 1156 uliahci - ok

21:03:15.0402 1156 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

21:03:15.0402 1156 UlSata - ok

21:03:15.0433 1156 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

21:03:15.0433 1156 ulsata2 - ok

21:03:15.0480 1156 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

21:03:15.0480 1156 umbus - ok

21:03:15.0526 1156 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys

21:03:15.0526 1156 USBAAPL - ok

21:03:15.0558 1156 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

21:03:15.0558 1156 usbccgp - ok

21:03:15.0573 1156 usbcir (47b9770ea21436de4ad5aea7926e0900) C:\Windows\system32\DRIVERS\usbcir.sys

21:03:15.0573 1156 usbcir - ok

21:03:15.0604 1156 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys

21:03:15.0620 1156 usbehci - ok

21:03:15.0636 1156 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys

21:03:15.0651 1156 usbhub - ok

21:03:15.0682 1156 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

21:03:15.0682 1156 usbohci - ok

21:03:15.0729 1156 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

21:03:15.0729 1156 usbprint - ok

21:03:15.0760 1156 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:03:15.0760 1156 USBSTOR - ok

21:03:15.0792 1156 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

21:03:15.0792 1156 usbuhci - ok

21:03:15.0823 1156 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys

21:03:15.0823 1156 usbvideo - ok

21:03:15.0854 1156 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys

21:03:15.0854 1156 vga - ok

21:03:15.0885 1156 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

21:03:15.0885 1156 VgaSave - ok

21:03:15.0901 1156 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys

21:03:15.0901 1156 viaagp - ok

21:03:15.0963 1156 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

21:03:15.0963 1156 ViaC7 - ok

21:03:16.0010 1156 viaide (58c8d5ac5c3eef40e7e704a5ced7987d) C:\Windows\system32\drivers\viaide.sys

21:03:16.0010 1156 viaide - ok

21:03:16.0041 1156 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

21:03:16.0057 1156 volmgr - ok

21:03:16.0088 1156 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys

21:03:16.0088 1156 volmgrx - ok

21:03:16.0119 1156 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys

21:03:16.0119 1156 volsnap - ok

21:03:16.0150 1156 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

21:03:16.0150 1156 vsmraid - ok

21:03:16.0166 1156 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

21:03:16.0166 1156 WacomPen - ok

21:03:16.0197 1156 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

21:03:16.0197 1156 Wanarp - ok

21:03:16.0197 1156 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

21:03:16.0213 1156 Wanarpv6 - ok

21:03:16.0228 1156 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys

21:03:16.0228 1156 Wd - ok

21:03:16.0244 1156 WDC_SAM - ok

21:03:16.0275 1156 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

21:03:16.0291 1156 Wdf01000 - ok

21:03:16.0338 1156 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys

21:03:16.0338 1156 WmiAcpi - ok

21:03:16.0384 1156 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys

21:03:16.0384 1156 WpdUsb - ok

21:03:16.0400 1156 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

21:03:16.0400 1156 ws2ifsl - ok

21:03:16.0447 1156 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

21:03:16.0447 1156 WUDFRd - ok

21:03:16.0478 1156 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

21:03:16.0494 1156 \Device\Harddisk0\DR0 - ok

21:03:16.0494 1156 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1

21:03:16.0509 1156 \Device\Harddisk1\DR1 - ok

21:03:16.0509 1156 Boot (0x1200) (6e6e98c3c0041061333ea58384bc1a7a) \Device\Harddisk0\DR0\Partition0

21:03:16.0509 1156 \Device\Harddisk0\DR0\Partition0 - ok

21:03:16.0525 1156 Boot (0x1200) (b69c860aff9350af431f84e435aa41b6) \Device\Harddisk0\DR0\Partition1

21:03:16.0525 1156 \Device\Harddisk0\DR0\Partition1 - ok

21:03:16.0525 1156 Boot (0x1200) (c13ae6503713c7865e3c4592762563e8) \Device\Harddisk1\DR1\Partition0

21:03:16.0525 1156 \Device\Harddisk1\DR1\Partition0 - ok

21:03:16.0525 1156 ============================================================

21:03:16.0525 1156 Scan finished

21:03:16.0525 1156 ============================================================

21:03:16.0572 1784 Detected object count: 1

21:03:16.0572 1784 Actual detected object count: 1

21:26:01.0228 1784 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\Windows\system32\drivers\dfsc.sys) error 1813

21:26:08.0155 1784 Backup copy not found, trying to cure infected file..

21:26:08.0202 1784 Cure success, using it..

21:26:08.0233 1784 C:\Windows\system32\Drivers\dfsc.sys - will be cured on reboot

21:26:08.0233 1784 DfsC ( Rootkit.Win32.ZAccess.e ) - User select action: Cure

21:28:46.0698 1088 Deinitialize success

ET un d'avant ou on retrouve le fameux longchiffre.exe que je reconnaissais dans mes process à chaque démarrage en mode réseau, process impossible à arrêter bien sur.

16:39:29.0799 4308 TDSS rootkit removing tool 2.6.11.0 Oct 19 2011 13:50:27

16:39:29.0939 4308 ============================================================

16:39:29.0939 4308 Current date / time: 2011/10/20 16:39:29.0939

16:39:29.0939 4308 SystemInfo:

16:39:29.0939 4308

16:39:29.0939 4308 OS Version: 6.0.6001 ServicePack: 1.0

16:39:29.0939 4308 Product type: Workstation

16:39:29.0939 4308 ComputerName: DELLONE

16:39:29.0939 4308 UserName: damienb

16:39:29.0939 4308 Windows directory: C:\Windows

16:39:29.0939 4308 System windows directory: C:\Windows

16:39:29.0939 4308 Processor architecture: Intel x86

16:39:29.0939 4308 Number of processors: 2

16:39:29.0939 4308 Page size: 0x1000

16:39:29.0939 4308 Boot type: Normal boot

16:39:29.0939 4308 ============================================================

16:39:32.0108 4308 Initialize success

16:39:35.0618 4488 ============================================================

16:39:35.0618 4488 Scan started

16:39:35.0618 4488 Mode: Manual;

16:39:35.0618 4488 ============================================================

16:39:38.0036 4488 112892b5 (8f2bb1827cac01aee6a16e30a1260199) C:\Windows\3046254609:4007095626.exe

16:39:38.0036 4488 Suspicious file (Hidden): C:\Windows\3046254609:4007095626.exe. md5: 8f2bb1827cac01aee6a16e30a1260199

16:39:38.0036 4488 112892b5 ( HiddenFile.Multi.Generic ) - warning

16:39:38.0036 4488 112892b5 - detected HiddenFile.Multi.Generic (1)

16:39:38.0145 4488 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys

16:39:38.0145 4488 ACPI - ok

16:39:38.0706 4488 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

16:39:38.0722 4488 adp94xx - ok

16:39:38.0769 4488 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

16:39:38.0769 4488 adpahci - ok

16:39:38.0847 4488 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

16:39:38.0847 4488 adpu160m - ok

16:39:38.0972 4488 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

16:39:38.0972 4488 adpu320 - ok

16:39:39.0112 4488 AFD (45f5f6da69684c75d43acc37b151e0e0) C:\Windows\system32\drivers\afd.sys

16:39:39.0112 4488 Suspicious file (Forged): C:\Windows\system32\drivers\afd.sys. Real md5: 45f5f6da69684c75d43acc37b151e0e0, Fake md5: 48eb99503533c27ac6135648e5474457

16:39:39.0112 4488 AFD ( ForgedFile.Multi.Generic ) - warning

16:39:39.0112 4488 AFD - detected ForgedFile.Multi.Generic (1)

16:39:39.0174 4488 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys

16:39:39.0190 4488 agp440 - ok

16:39:39.0252 4488 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

16:39:39.0252 4488 aic78xx - ok

16:39:39.0299 4488 aliide (3a99cb23a2d326fd532618705d6e3048) C:\Windows\system32\drivers\aliide.sys

16:39:39.0299 4488 aliide - ok

16:39:39.0362 4488 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys

16:39:39.0362 4488 amdagp - ok

16:39:39.0455 4488 amdide (4333c133dbd71c7d7fe4fb1b83f9ee3e) C:\Windows\system32\drivers\amdide.sys

16:39:39.0455 4488 amdide - ok

16:39:39.0486 4488 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

16:39:39.0486 4488 AmdK7 - ok

16:39:39.0564 4488 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys

16:39:39.0564 4488 AmdK8 - ok

16:39:39.0642 4488 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

16:39:39.0642 4488 arc - ok

16:39:39.0689 4488 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

16:39:39.0689 4488 arcsas - ok

16:39:39.0720 4488 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

16:39:39.0720 4488 AsyncMac - ok

16:39:39.0767 4488 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys

16:39:39.0767 4488 atapi - ok

16:39:39.0861 4488 atikmdag (7310e80e3347cb758d61eb6d5041fcd4) C:\Windows\system32\DRIVERS\atikmdag.sys

16:39:40.0017 4488 atikmdag - ok

16:39:40.0095 4488 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys

16:39:40.0095 4488 avgntflt - ok

16:39:40.0126 4488 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys

16:39:40.0126 4488 avipbb - ok

16:39:40.0173 4488 BCM43XV (bfdb53bb0c1c9d50ea47c939c5c1807c) C:\Windows\system32\DRIVERS\bcmwl6.sys

16:39:40.0188 4488 BCM43XV - ok

16:39:40.0220 4488 BCM43XX (bfdb53bb0c1c9d50ea47c939c5c1807c) C:\Windows\system32\DRIVERS\bcmwl6.sys

16:39:40.0220 4488 BCM43XX - ok

16:39:40.0329 4488 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

16:39:40.0329 4488 Beep - ok

16:39:40.0344 4488 blbdrive - ok

16:39:40.0422 4488 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys

16:39:40.0422 4488 bowser - ok

16:39:40.0469 4488 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

16:39:40.0469 4488 BrFiltLo - ok

16:39:40.0578 4488 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

16:39:40.0578 4488 BrFiltUp - ok

16:39:40.0656 4488 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

16:39:40.0656 4488 Brserid - ok

16:39:40.0688 4488 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

16:39:40.0688 4488 BrSerWdm - ok

16:39:40.0797 4488 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

16:39:40.0797 4488 BrUsbMdm - ok

16:39:40.0828 4488 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

16:39:40.0828 4488 BrUsbSer - ok

16:39:40.0890 4488 BthEnum (da7b195275bda7f8fcf79b40e0f45dde) C:\Windows\system32\DRIVERS\BthEnum.sys

16:39:40.0890 4488 BthEnum - ok

16:39:40.0937 4488 BTHMODEM (5ffa6988ff9597986ff2ada736cc90c0) C:\Windows\system32\DRIVERS\bthmodem.sys

16:39:40.0937 4488 BTHMODEM - ok

16:39:41.0078 4488 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys

16:39:41.0078 4488 BthPan - ok

16:39:41.0140 4488 BTHPORT (73d53f8e90550ba81e2cf44a0873b410) C:\Windows\system32\Drivers\BTHport.sys

16:39:41.0140 4488 BTHPORT - ok

16:39:41.0280 4488 BTHUSB (32045a4bb143bbc5bab1298c4e9e309a) C:\Windows\system32\Drivers\BTHUSB.sys

16:39:41.0280 4488 BTHUSB - ok

16:39:41.0374 4488 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

16:39:41.0374 4488 cdfs - ok

16:39:41.0421 4488 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys

16:39:41.0421 4488 cdrom - ok

16:39:41.0530 4488 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys

16:39:41.0530 4488 circlass - ok

16:39:41.0561 4488 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys

16:39:41.0577 4488 CLFS - ok

16:39:41.0904 4488 cmdide (dfb94a6fc3a26972b0461ab5f1d8272b) C:\Windows\system32\drivers\cmdide.sys

16:39:41.0904 4488 cmdide - ok

16:39:41.0951 4488 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys

16:39:41.0967 4488 Compbatt - ok

16:39:42.0060 4488 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

16:39:42.0076 4488 crcdisk - ok

16:39:42.0107 4488 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

16:39:42.0107 4488 Crusoe - ok

16:39:42.0216 4488 CSC (9a5434125c3dfe42393de4bbb791bd19) C:\Windows\system32\drivers\csc.sys

16:39:42.0216 4488 CSC - ok

16:39:42.0326 4488 CXSONORA (449a7ca685c7342771baa7e162b94777) C:\Windows\system32\drivers\A885VCap.sys

16:39:42.0341 4488 CXSONORA - ok

16:39:42.0606 4488 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys

16:39:42.0606 4488 DfsC - ok

16:39:42.0716 4488 dgderdrv (6216fd7fd227de454238a702b218cec7) C:\Windows\system32\drivers\dgderdrv.sys

16:39:42.0716 4488 dgderdrv - ok

16:39:43.0277 4488 dg_ssudbus (8d949255edc6f4aa87730b8472106591) C:\Windows\system32\DRIVERS\ssudbus.sys

16:39:43.0340 4488 dg_ssudbus - ok

16:39:43.0667 4488 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys

16:39:43.0667 4488 disk - ok

16:39:43.0761 4488 DLXPDisplayName (999e4dbed85966ff4e7d82a774107af7) C:\Windows\system32\DRIVERS\DLACPI.sys

16:39:43.0776 4488 DLXPDisplayName - ok

16:39:43.0932 4488 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

16:39:43.0932 4488 drmkaud - ok

16:39:43.0964 4488 DSDrv4 - ok

16:39:44.0088 4488 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys

16:39:44.0104 4488 DXGKrnl - ok

16:39:44.0307 4488 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys

16:39:44.0322 4488 e1express - ok

16:39:44.0416 4488 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

16:39:44.0432 4488 E1G60 - ok

16:39:44.0478 4488 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys

16:39:44.0478 4488 Ecache - ok

16:39:44.0541 4488 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys

16:39:44.0541 4488 elxstor - ok

16:39:45.0087 4488 epfwtdir (ccfb3bb29c08fcab134f237743bb0311) C:\Windows\system32\DRIVERS\epfwtdir.sys

16:39:45.0087 4488 epfwtdir - ok

16:39:45.0180 4488 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys

16:39:45.0180 4488 exfat - ok

16:39:46.0397 4488 eyeonedp (8313a6af9de34a9d24df2329a548b004) C:\Windows\system32\DRIVERS\eyeonedp.sys

16:39:46.0397 4488 eyeonedp - ok

16:39:46.0538 4488 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys

16:39:46.0538 4488 fastfat - ok

16:39:46.0600 4488 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys

16:39:46.0600 4488 fdc - ok

16:39:46.0631 4488 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

16:39:46.0647 4488 FileInfo - ok

16:39:46.0725 4488 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

16:39:46.0725 4488 Filetrace - ok

16:39:46.0772 4488 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys

16:39:46.0772 4488 flpydisk - ok

16:39:46.0818 4488 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys

16:39:46.0818 4488 FltMgr - ok

16:39:46.0834 4488 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

16:39:46.0834 4488 Fs_Rec - ok

16:39:46.0881 4488 fvevol (1400c747e2b73966b100fdce5426b7b2) C:\Windows\system32\DRIVERS\fvevol.sys

16:39:46.0881 4488 fvevol - ok

16:39:46.0912 4488 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys

16:39:46.0912 4488 gagp30kx - ok

16:39:47.0006 4488 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

16:39:47.0006 4488 GEARAspiWDM - ok

16:39:47.0099 4488 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

16:39:47.0099 4488 HdAudAddService - ok

16:39:47.0162 4488 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys

16:39:47.0162 4488 HDAudBus - ok

16:39:47.0224 4488 HECI (c865d1f6d03595df213dc3c67e4e4c58) C:\Windows\system32\DRIVERS\HECI.sys

16:39:47.0224 4488 HECI - ok

16:39:47.0380 4488 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

16:39:47.0380 4488 HidBth - ok

16:39:47.0474 4488 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys

16:39:47.0474 4488 HidIr - ok

16:39:47.0489 4488 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys

16:39:47.0505 4488 HidUsb - ok

16:39:47.0552 4488 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys

16:39:47.0552 4488 HpCISSs - ok

16:39:47.0708 4488 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys

16:39:47.0723 4488 HTTP - ok

16:39:47.0801 4488 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys

16:39:47.0817 4488 i2omp - ok

16:39:47.0910 4488 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

16:39:47.0910 4488 i8042prt - ok

16:39:48.0020 4488 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys

16:39:48.0020 4488 iaStorV - ok

16:39:48.0332 4488 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

16:39:48.0332 4488 iirsp - ok

16:39:48.0612 4488 IntcAzAudAddService (f8f53c5449f15b23d4c61d51d2701da8) C:\Windows\system32\drivers\RTKVHDA.sys

16:39:48.0628 4488 IntcAzAudAddService - ok

16:39:48.0722 4488 intelide (1c60617d54bc9f035671a44b75d9f7cc) C:\Windows\system32\drivers\intelide.sys

16:39:48.0722 4488 intelide - ok

16:39:48.0846 4488 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

16:39:48.0846 4488 intelppm - ok

16:39:48.0987 4488 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:39:48.0987 4488 IpFilterDriver - ok

16:39:49.0268 4488 IpInIp - ok

16:39:49.0408 4488 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys

16:39:49.0408 4488 IPMIDRV - ok

16:39:49.0517 4488 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

16:39:49.0517 4488 IPNAT - ok

16:39:49.0689 4488 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

16:39:49.0689 4488 IRENUM - ok

16:39:49.0736 4488 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys

16:39:49.0751 4488 isapnp - ok

16:39:49.0860 4488 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys

16:39:49.0860 4488 iScsiPrt - ok

16:39:49.0954 4488 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

16:39:49.0954 4488 iteatapi - ok

16:39:51.0140 4488 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

16:39:51.0249 4488 iteraid - ok

16:39:51.0498 4488 ivusb - ok

16:39:51.0561 4488 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

16:39:51.0561 4488 kbdclass - ok

16:39:51.0639 4488 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys

16:39:51.0639 4488 kbdhid - ok

16:39:51.0779 4488 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys

16:39:51.0779 4488 KSecDD - ok

16:39:51.0904 4488 LHidFilt (24e0ddb99aeccf86bb37702611761459) C:\Windows\system32\DRIVERS\LHidFilt.Sys

16:39:51.0904 4488 LHidFilt - ok

16:39:51.0951 4488 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

16:39:51.0951 4488 lltdio - ok

16:39:52.0044 4488 LMouFilt (d58b330d318361a66a9fe60d7c9b4951) C:\Windows\system32\DRIVERS\LMouFilt.Sys

16:39:52.0044 4488 LMouFilt - ok

16:39:52.0091 4488 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys

16:39:52.0091 4488 LSI_FC - ok

16:39:52.0154 4488 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys

16:39:52.0169 4488 LSI_SAS - ok

16:39:52.0232 4488 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys

16:39:52.0247 4488 LSI_SCSI - ok

16:39:52.0341 4488 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

16:39:52.0341 4488 luafv - ok

16:39:52.0450 4488 LUsbFilt (144011d14bd35f4e36136ae057b1aadd) C:\Windows\system32\Drivers\LUsbFilt.Sys

16:39:52.0450 4488 LUsbFilt - ok

16:39:52.0512 4488 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys

16:39:52.0512 4488 megasas - ok

16:39:52.0622 4488 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

16:39:52.0622 4488 Modem - ok

16:39:52.0668 4488 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

16:39:52.0668 4488 monitor - ok

16:39:52.0715 4488 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

16:39:52.0715 4488 mouclass - ok

16:39:52.0793 4488 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

16:39:52.0793 4488 mouhid - ok

16:39:52.0824 4488 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

16:39:52.0840 4488 MountMgr - ok

16:39:53.0027 4488 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys

16:39:53.0292 4488 mpio - ok

16:39:53.0370 4488 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

16:39:53.0448 4488 mpsdrv - ok

16:39:53.0636 4488 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

16:39:53.0636 4488 Mraid35x - ok

16:39:53.0698 4488 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys

16:39:53.0714 4488 MRxDAV - ok

16:39:53.0854 4488 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys

16:39:53.0854 4488 mrxsmb - ok

16:39:53.0885 4488 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:39:53.0885 4488 mrxsmb10 - ok

16:39:53.0901 4488 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:39:53.0901 4488 mrxsmb20 - ok

16:39:53.0948 4488 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

16:39:53.0948 4488 msahci - ok

16:39:53.0994 4488 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys

16:39:53.0994 4488 msdsm - ok

16:39:54.0182 4488 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

16:39:54.0275 4488 Msfs - ok

16:39:54.0338 4488 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

16:39:54.0338 4488 msisadrv - ok

16:39:54.0447 4488 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

16:39:54.0447 4488 MSKSSRV - ok

16:39:54.0540 4488 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

16:39:54.0540 4488 MSPCLOCK - ok

16:39:54.0650 4488 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

16:39:54.0650 4488 MSPQM - ok

16:39:54.0681 4488 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys

16:39:54.0681 4488 MsRPC - ok

16:39:54.0728 4488 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

16:39:54.0728 4488 mssmbios - ok

16:39:54.0884 4488 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

16:39:54.0884 4488 MSTEE - ok

16:39:54.0930 4488 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys

16:39:54.0930 4488 Mup - ok

16:39:54.0993 4488 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys

16:39:55.0008 4488 NativeWifiP - ok

16:39:55.0071 4488 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys

16:39:55.0086 4488 NDIS - ok

16:39:55.0320 4488 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

16:39:55.0320 4488 NdisTapi - ok

16:39:55.0476 4488 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

16:39:55.0476 4488 Ndisuio - ok

16:39:55.0554 4488 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys

16:39:55.0554 4488 NdisWan - ok

16:39:55.0586 4488 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

16:39:55.0601 4488 NDProxy - ok

16:39:55.0695 4488 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

16:39:55.0695 4488 NetBIOS - ok

16:39:55.0788 4488 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys

16:39:55.0788 4488 netbt - ok

16:39:55.0882 4488 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

16:39:55.0882 4488 nfrd960 - ok

16:39:56.0007 4488 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys

16:39:56.0007 4488 Npfs - ok

16:39:56.0085 4488 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

16:39:56.0085 4488 nsiproxy - ok

16:39:56.0132 4488 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys

16:39:56.0256 4488 Ntfs - ok

16:39:56.0303 4488 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

16:39:56.0303 4488 ntrigdigi - ok

16:39:56.0319 4488 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

16:39:56.0319 4488 Null - ok

16:39:56.0428 4488 nvraid (6f785db62a6d8f3fafd3e5695277e849) C:\Windows\system32\drivers\nvraid.sys

16:39:56.0584 4488 nvraid - ok

16:39:56.0880 4488 nvstor (4a5fcab82d9bf6af8a023a66802fe9e9) C:\Windows\system32\drivers\nvstor.sys

16:39:56.0880 4488 nvstor - ok

16:39:56.0927 4488 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys

16:39:56.0927 4488 nv_agp - ok

16:39:56.0943 4488 NwlnkFlt - ok

16:39:56.0958 4488 NwlnkFwd - ok

16:39:57.0005 4488 OEM07Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM07Vfx.sys

16:39:57.0005 4488 OEM07Vfx - ok

16:39:57.0036 4488 OEM07Vid (bca1f5249018277cd423f00de448a8d2) C:\Windows\system32\DRIVERS\OEM07Vid.sys

16:39:57.0036 4488 OEM07Vid - ok

16:39:57.0177 4488 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys

16:39:57.0177 4488 ohci1394 - ok

16:39:57.0177 4488 OMCI - ok

16:39:57.0270 4488 OxFWLF (ec10f580fbe583e377b5d86081923998) C:\Windows\system32\drivers\OxFWLF.sys

16:39:57.0270 4488 OxFWLF - ok

16:39:57.0302 4488 OXUDIDRV (f76a3952fb6ccfdb74446d74840ba404) C:\Windows\system32\Drivers\OXUDIDRV_X32.sys

16:39:57.0317 4488 OXUDIDRV - ok

16:39:57.0504 4488 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

16:39:57.0504 4488 Parport - ok

16:39:57.0567 4488 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys

16:39:57.0582 4488 partmgr - ok

16:39:57.0660 4488 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

16:39:57.0660 4488 Parvdm - ok

16:39:57.0738 4488 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys

16:39:57.0738 4488 pci - ok

16:39:57.0785 4488 pciide (20b869152448f80ac49cf10264e91f5e) C:\Windows\system32\drivers\pciide.sys

16:39:57.0785 4488 pciide - ok

16:39:57.0879 4488 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

16:39:57.0879 4488 pcmcia - ok

16:39:57.0988 4488 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys

16:39:57.0988 4488 pcouffin - ok

16:39:58.0269 4488 PDIHWCTL (274fb48dc92e0ec012d4d8d866cfaf8a) C:\Windows\system32\drivers\pdihwctl.sys

16:39:58.0269 4488 PDIHWCTL - ok

16:39:58.0331 4488 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

16:39:58.0362 4488 PEAUTH - ok

16:39:58.0472 4488 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

16:39:58.0472 4488 PptpMiniport - ok

16:39:58.0503 4488 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

16:39:58.0518 4488 Processor - ok

16:39:58.0565 4488 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys

16:39:58.0565 4488 PSched - ok

16:39:58.0628 4488 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys

16:39:58.0628 4488 PxHelp20 - ok

16:39:58.0721 4488 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

16:39:58.0752 4488 ql2300 - ok

16:39:58.0940 4488 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

16:39:58.0986 4488 ql40xx - ok

16:39:59.0174 4488 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

16:39:59.0189 4488 QWAVEdrv - ok

16:39:59.0283 4488 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

16:39:59.0283 4488 RasAcd - ok

16:39:59.0408 4488 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

16:39:59.0423 4488 Rasl2tp - ok

16:39:59.0517 4488 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys

16:39:59.0517 4488 RasPppoe - ok

16:39:59.0564 4488 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys

16:39:59.0564 4488 RasSstp - ok

16:39:59.0610 4488 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys

16:39:59.0610 4488 rdbss - ok

16:39:59.0704 4488 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

16:39:59.0704 4488 RDPCDD - ok

16:39:59.0735 4488 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\DRIVERS\rdpdr.sys

16:39:59.0735 4488 rdpdr - ok

16:39:59.0751 4488 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

16:39:59.0766 4488 RDPENCDD - ok

16:39:59.0891 4488 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys

16:39:59.0891 4488 RDPWD - ok

16:39:59.0985 4488 RFCOMM (34cc78c06587718c2ad6d3aa83b1f072) C:\Windows\system32\DRIVERS\rfcomm.sys

16:39:59.0985 4488 RFCOMM - ok

16:40:00.0063 4488 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys

16:40:00.0063 4488 rimmptsk - ok

16:40:00.0094 4488 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys

16:40:00.0094 4488 rimsptsk - ok

16:40:00.0094 4488 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys

16:40:00.0110 4488 rismxdp - ok

16:40:00.0188 4488 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

16:40:00.0188 4488 rspndr - ok

16:40:00.0250 4488 sbp2port (e0be42226ef2cc26f3e271ae7b00e211) C:\Windows\system32\DRIVERS\sbp2port.sys

16:40:00.0266 4488 sbp2port - ok

16:40:00.0328 4488 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys

16:40:00.0328 4488 sdbus - ok

16:40:00.0453 4488 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

16:40:00.0453 4488 secdrv - ok

16:40:00.0952 4488 Ser2pl - ok

16:40:01.0108 4488 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys

16:40:01.0124 4488 Serenum - ok

16:40:01.0451 4488 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

16:40:01.0451 4488 Serial - ok

16:40:01.0670 4488 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

16:40:01.0670 4488 sermouse - ok

16:40:03.0698 4488 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys

16:40:03.0698 4488 sffdisk - ok

16:40:03.0932 4488 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys

16:40:03.0932 4488 sffp_mmc - ok

16:40:03.0963 4488 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\DRIVERS\sffp_sd.sys

16:40:03.0978 4488 sffp_sd - ok

16:40:03.0994 4488 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

16:40:03.0994 4488 sfloppy - ok

16:40:04.0056 4488 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys

16:40:04.0056 4488 sisagp - ok

16:40:04.0088 4488 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

16:40:04.0103 4488 SiSRaid2 - ok

16:40:04.0150 4488 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

16:40:04.0151 4488 SiSRaid4 - ok

16:40:04.0313 4488 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys

16:40:04.0314 4488 Smb - ok

16:40:04.0397 4488 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

16:40:04.0398 4488 spldr - ok

16:40:04.0458 4488 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys

16:40:04.0463 4488 srv - ok

16:40:04.0579 4488 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys

16:40:04.0582 4488 srv2 - ok

16:40:04.0763 4488 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys

16:40:04.0765 4488 srvnet - ok

16:40:05.0059 4488 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys

16:40:05.0059 4488 ssmdrv - ok

16:40:05.0759 4488 ssudmdm (15376507e439f73610f83947f1727e84) C:\Windows\system32\DRIVERS\ssudmdm.sys

16:40:05.0769 4488 ssudmdm - ok

16:40:05.0986 4488 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

16:40:05.0987 4488 swenum - ok

16:40:06.0197 4488 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

16:40:06.0199 4488 Symc8xx - ok

16:40:06.0547 4488 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

16:40:06.0548 4488 Sym_hi - ok

16:40:06.0642 4488 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

16:40:06.0643 4488 Sym_u3 - ok

16:40:06.0752 4488 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys

16:40:06.0774 4488 Tcpip - ok

16:40:06.0951 4488 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys

16:40:06.0956 4488 Tcpip6 - ok

16:40:07.0087 4488 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys

16:40:07.0088 4488 tcpipreg - ok

16:40:07.0152 4488 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

16:40:07.0154 4488 TDPIPE - ok

16:40:07.0263 4488 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

16:40:07.0346 4488 TDTCP - ok

16:40:07.0494 4488 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys

16:40:07.0497 4488 tdx - ok

16:40:07.0679 4488 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys

16:40:07.0679 4488 TermDD - ok

16:40:07.0843 4488 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

16:40:07.0844 4488 tssecsrv - ok

16:40:07.0943 4488 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

16:40:07.0979 4488 tunmp - ok

16:40:08.0644 4488 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys

16:40:08.0644 4488 tunnel - ok

16:40:10.0095 4488 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys

16:40:10.0095 4488 uagp35 - ok

16:40:10.0345 4488 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys

16:40:10.0345 4488 udfs - ok

16:40:10.0485 4488 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys

16:40:10.0485 4488 uliagpkx - ok

16:40:10.0532 4488 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys

16:40:10.0532 4488 uliahci - ok

16:40:10.0610 4488 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

16:40:10.0610 4488 UlSata - ok

16:40:10.0672 4488 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

16:40:10.0672 4488 ulsata2 - ok

16:40:10.0735 4488 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

16:40:10.0735 4488 umbus - ok

16:40:10.0860 4488 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys

16:40:10.0860 4488 USBAAPL - ok

16:40:10.0922 4488 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

16:40:10.0922 4488 usbccgp - ok

16:40:10.0984 4488 usbcir (47b9770ea21436de4ad5aea7926e0900) C:\Windows\system32\DRIVERS\usbcir.sys

16:40:10.0984 4488 usbcir - ok

16:40:11.0078 4488 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys

16:40:11.0078 4488 usbehci - ok

16:40:11.0125 4488 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys

16:40:11.0125 4488 usbhub - ok

16:40:11.0203 4488 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

16:40:11.0203 4488 usbohci - ok

16:40:11.0343 4488 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

16:40:11.0343 4488 usbprint - ok

16:40:11.0390 4488 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS

16:40:11.0390 4488 USBSTOR - ok

16:40:11.0484 4488 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

16:40:11.0484 4488 usbuhci - ok

16:40:11.0577 4488 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys

16:40:11.0577 4488 usbvideo - ok

16:40:11.0624 4488 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys

16:40:11.0624 4488 vga - ok

16:40:11.0671 4488 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

16:40:11.0671 4488 VgaSave - ok

16:40:11.0686 4488 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys

16:40:11.0702 4488 viaagp - ok

16:40:11.0764 4488 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

16:40:11.0764 4488 ViaC7 - ok

16:40:11.0858 4488 viaide (58c8d5ac5c3eef40e7e704a5ced7987d) C:\Windows\system32\drivers\viaide.sys

16:40:11.0858 4488 viaide - ok

16:40:11.0920 4488 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

16:40:11.0920 4488 volmgr - ok

16:40:12.0014 4488 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys

16:40:12.0030 4488 volmgrx - ok

16:40:12.0076 4488 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys

16:40:12.0076 4488 volsnap - ok

16:40:12.0139 4488 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

16:40:12.0139 4488 vsmraid - ok

16:40:12.0186 4488 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

16:40:12.0186 4488 WacomPen - ok

16:40:12.0217 4488 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

16:40:12.0217 4488 Wanarp - ok

16:40:12.0217 4488 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

16:40:12.0217 4488 Wanarpv6 - ok

16:40:12.0295 4488 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys

16:40:12.0295 4488 Wd - ok

16:40:12.0310 4488 WDC_SAM - ok

16:40:12.0373 4488 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

16:40:12.0388 4488 Wdf01000 - ok

16:40:12.0466 4488 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys

16:40:12.0466 4488 WmiAcpi - ok

16:40:12.0513 4488 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys

16:40:12.0513 4488 WpdUsb - ok

16:40:12.0576 4488 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

16:40:12.0576 4488 ws2ifsl - ok

16:40:12.0607 4488 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

16:40:12.0607 4488 WUDFRd - ok

16:40:12.0669 4488 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

16:40:12.0700 4488 \Device\Harddisk0\DR0 - ok

16:40:13.0028 4488 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1

16:40:13.0044 4488 \Device\Harddisk1\DR1 - ok

16:40:13.0122 4488 Boot (0x1200) (6e6e98c3c0041061333ea58384bc1a7a) \Device\Harddisk0\DR0\Partition0

16:40:13.0122 4488 \Device\Harddisk0\DR0\Partition0 - ok

16:40:13.0122 4488 Boot (0x1200) (b69c860aff9350af431f84e435aa41b6) \Device\Harddisk0\DR0\Partition1

16:40:13.0122 4488 \Device\Harddisk0\DR0\Partition1 - ok

16:40:13.0137 4488 Boot (0x1200) (c13ae6503713c7865e3c4592762563e8) \Device\Harddisk1\DR1\Partition0

16:40:13.0137 4488 \Device\Harddisk1\DR1\Partition0 - ok

16:40:13.0137 4488 ============================================================

16:40:13.0137 4488 Scan finished

16:40:13.0137 4488 ============================================================

16:40:13.0137 4480 Detected object count: 2

16:40:13.0137 4480 Actual detected object count: 2

16:40:29.0813 4480 HKLM\SYSTEM\ControlSet001\services\112892b5 - will be deleted on reboot

16:40:29.0828 4480 HKLM\SYSTEM\ControlSet002\services\112892b5 - will be deleted on reboot

16:40:29.0922 4480 C:\Windows\3046254609:4007095626.exe - will be deleted on reboot

16:40:29.0922 4480 112892b5 ( HiddenFile.Multi.Generic ) - User select action: Delete

16:40:29.0953 4480 HKLM\SYSTEM\ControlSet001\services\AFD - will be deleted on reboot

16:40:29.0953 4480 HKLM\SYSTEM\ControlSet001\control\safeboot\Network\AFD - will be deleted on reboot

16:40:29.0953 4480 HKLM\SYSTEM\ControlSet002\services\AFD - will be deleted on reboot

16:40:29.0953 4480 HKLM\SYSTEM\ControlSet002\control\safeboot\Network\AFD - will be deleted on reboot

16:40:29.0953 4480 HKLM\SYSTEM\ControlSet004\services\AFD - will be deleted on reboot

16:40:29.0953 4480 HKLM\SYSTEM\ControlSet004\control\safeboot\Network\AFD - will be deleted on reboot

16:40:29.0953 4480 C:\Windows\system32\drivers\afd.sys - will be deleted on reboot

16:40:29.0953 4480 AFD ( ForgedFile.Multi.Generic ) - User select action: Delete

16:45:01.0765 4288 Deinitialize success

bernard53 · le 21 octobre 2011

ok fait ceci alors dans cet ordre.

A télécharger DummyCreator.zip et décompresser cette archive.

Lancez l'exécution de l'outil.
Faites un copier/coller de la ligne ci-dessous dans la zone blanche:

C:\Windows\3046254609
Cliquez sur le bouton Create et envoyez le rapport (contenu du fichier Result.txt).

Important: Faites redémarrer l'ordinateur.

Ensuite:

Télécharges GrantPerms.

Version 32bit: http://download.blee.../GrantPerm s .zip

Version 64bit: http://download.blee...rantPerm s 64.zip

Puis ceci dans la zone de saisie puis valider Unlock

C:\Windows\3046254609

Redémarres le pc en mode normal cette fois et ceci.

Télécharge ComboFix <ICI>>

Pour les Utilisateurs de VISTA: Clic-droit et choisis "Exécuter en tant qu'administrateur".

Pour VISTA : pas d'installation de la console de récupération.

>> Lors de son exécution, ComboFix va vérifier si la Console de récupération Microsoft Windows est installée.

Avec des infections comme celles d'aujourd'hui, il est fortement conseillé de l'avoir préinstallée sur votre PC avant toute suppression de nuisibles.

Elle permettra de démarrer dans un mode spécial, de récupération (réparation), qui nous permet de vous aider plus facilement si jamais votre ordinateur rencontre un problème après une tentative de nettoyage.

Suis les invites pour permettre à ComboFix de télécharger et installer la Console de récupération Microsoft Windows, et lorsque cela est demandé, accepte le Contrat de Licence Utilisateur Final pour l'installer.

>> Une fois sur ton bureau double clique dessus pour le lancer.

Note importante : Si la Console de récupération Microsoft Windows est déjà installée, ComboFix continuera ses procédures de suppression de nuisibles.

Lorsque le scan sera complet, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

>>Ne pas cliquer dans la fenêtre de Combofix durant l’analyse, ceci provoquerait le gel du programme

damned006 · le 21 octobre 2011

ok fait ceci alors dans cet ordre.

A télécharger DummyCreator.zip et décompresser cette archive.

Lancez l'exécution de l'outil.

Faites un copier/coller de la ligne ci-dessous dans la zone blanche:

C:\Windows\3046254609

Cliquez sur le bouton Create et envoyez le rapport (contenu du fichier Result.txt).

Important: Faites redémarrer l'ordinateur.

merci. A cette première étape, je redémarre en mode ss echec n'est-ce pas ?

edit. et impossible de télécharger grantperms, aucune des 2 versions, même si c'est la 32 dans mon cas, le lien ne fonctionne pas du tout.

Modifié le 21 octobre 2011 par damned006

bernard53 · le 21 octobre 2011

:outch: nouveau lien.

Télécharges GrantPerms.

Version 32bit: http://download.bleepingcomputer.com/farbar/GrantPerms.zip

Version 64bit: http://download.bleepingcomputer.com/farbar/GrantPerms64.zip

damned006 · le 21 octobre 2011

nouveau lien.

Télécharges GrantPerms.

Version 32bit: http://download.bleepingcomputer.com/farbar/GrantPerm s .zip

Version 64bit: http://download.bleepingcomputer.com/farbar/GrantPerm s 64.zip

ca fonctionne !

alors rapport dummy, y a pas grand chose, je reboot en safe mode

DummyCreator by Farbar

Ran by damienb (administrator) on 21-10-2011 at 19:59:24

**************************************************************

C:\Windows\3046254609 [21-10-2011 19:56:37]

== End of log ==

bernard53 · le 21 octobre 2011

Rapport court mais ok :super:

damned006 · le 21 octobre 2011

Rapport court mais ok

ah bon, parfait alors, je reboot en normal (avec un petit stress qd même :roll: )

Connexion

Pas encore inscrit ?

[Abandonné] Help Rootkit et autre backdoor

Messages recommandés

damned006

Lien vers le commentaire

Partager sur d’autres sites

bernard53

Lien vers le commentaire

Partager sur d’autres sites

damned006

Lien vers le commentaire

Partager sur d’autres sites

damned006

Lien vers le commentaire

Partager sur d’autres sites

bernard53

Lien vers le commentaire

Partager sur d’autres sites

damned006

Lien vers le commentaire

Partager sur d’autres sites

bernard53

Lien vers le commentaire

Partager sur d’autres sites

damned006

Lien vers le commentaire

Partager sur d’autres sites

bernard53

Lien vers le commentaire

Partager sur d’autres sites

damned006

Lien vers le commentaire

Partager sur d’autres sites

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer