ZeroAccess virus



Hello,

After running all the scans with several programs, I discovered that the ZeroAccess virus is blocking my Internet connection! I would need your help to use the ComboFix software safely. I am posting the RogueKiller report after removal:

17:42:09.0703 1972 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00

17:42:09.0718 1972 ============================================================

17:42:09.0718 1972 Current date / time: 2012/03/24 17:42:09.0718

17:42:09.0718 1972 SystemInfo:

17:42:09.0718 1972

17:42:09.0718 1972 OS Version: 5.1.2600 ServicePack: 3.0

17:42:09.0718 1972 Product type: Workstation

17:42:09.0718 1972 ComputerName: PROPRIET-691E28

17:42:09.0718 1972 UserName: PROPRIETAIRE

17:42:09.0718 1972 Windows directory: C:\WINDOWS

17:42:09.0718 1972 System windows directory: C:\WINDOWS

17:42:09.0718 1972 Processor architecture: Intel x86

17:42:09.0718 1972 Number of processors: 2

17:42:09.0718 1972 Page size: 0x1000

17:42:09.0718 1972 Boot type: Normal boot

17:42:09.0718 1972 ============================================================

17:42:11.0406 1972 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

17:42:11.0578 1972 Drive \Device\Harddisk5\DR15 - Size: 0xF1800000 (3.77 Gb), SectorSize: 0x200, Cylinders: 0x1EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

17:42:11.0578 1972 \Device\Harddisk0\DR0:

17:42:11.0578 1972 MBR used

17:42:11.0609 1972 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x1C7D2DF9

17:42:11.0609 1972 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x1C7D6CF9, BlocksNum 0x9ED888

17:42:11.0609 1972 \Device\Harddisk5\DR15:

17:42:11.0609 1972 MBR used

17:42:11.0609 1972 \Device\Harddisk5\DR15\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x78BFC1

17:42:11.0781 1972 Initialize success

17:42:11.0781 1972 ============================================================

17:42:14.0140 3232 ============================================================

17:42:14.0140 3232 Scan started

17:42:14.0140 3232 Mode: Manual;

17:42:14.0140 3232 ============================================================

17:42:15.0046 3232 Aavmker4 (fdba5bb4c8171cda00b2233d5389ee5f) C:\WINDOWS\system32\drivers\Aavmker4.sys

17:42:15.0062 3232 Aavmker4 - ok

17:42:15.0093 3232 Abiosdsk - ok

17:42:15.0109 3232 abp480n5 - ok

17:42:15.0187 3232 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys

17:42:15.0187 3232 ACPI - ok

17:42:15.0250 3232 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys

17:42:15.0250 3232 ACPIEC - ok

17:42:15.0250 3232 adpu160m - ok

17:42:15.0312 3232 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

17:42:15.0328 3232 aec - ok

17:42:15.0390 3232 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

17:42:15.0390 3232 AFD - ok

17:42:15.0390 3232 Aha154x - ok

17:42:15.0406 3232 aic78u2 - ok

17:42:15.0421 3232 aic78xx - ok

17:42:15.0656 3232 Akamai (31bd294dc6ddbc0f16356d958d0743a4) c:\program files\fichiers communs\akamai/netsession_win_7de0ed9.dll

17:42:15.0656 3232 Suspicious file (Hidden): c:\program files\fichiers communs\akamai/netsession_win_7de0ed9.dll. md5: 31bd294dc6ddbc0f16356d958d0743a4

17:42:15.0656 3232 Akamai ( HiddenFile.Multi.Generic ) - warning

17:42:15.0656 3232 Akamai - detected HiddenFile.Multi.Generic (1)

17:42:15.0703 3232 Alerter (758fdc60d41716ef889d849989b4b1cd) C:\WINDOWS\system32\alrsvc.dll

17:42:15.0703 3232 Alerter - ok

17:42:15.0734 3232 ALG (5e9a6658a2a69ae7eb195113b7a2e7a9) C:\WINDOWS\System32\alg.exe

17:42:15.0734 3232 ALG - ok

17:42:15.0750 3232 AliIde - ok

17:42:15.0750 3232 amsint - ok

17:42:15.0765 3232 AppMgmt - ok

17:42:15.0765 3232 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

17:42:15.0765 3232 Arp1394 - ok

17:42:15.0781 3232 asc - ok

17:42:15.0781 3232 asc3350p - ok

17:42:15.0796 3232 asc3550 - ok

17:42:15.0843 3232 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

17:42:15.0843 3232 aspnet_state - ok

17:42:15.0890 3232 aswFsBlk (581b82df5dbcc1dda6b775fac0d92472) C:\WINDOWS\system32\drivers\aswFsBlk.sys

17:42:15.0890 3232 aswFsBlk - ok

17:42:15.0906 3232 aswMon2 (4310e0977b48ec9bc5cca6931f806e6d) C:\WINDOWS\system32\drivers\aswMon2.sys

17:42:15.0921 3232 aswMon2 - ok

17:42:15.0984 3232 aswRdr (0b44ee90b3db93582b260a80b28b7ffd) C:\WINDOWS\system32\drivers\aswRdr.sys

17:42:15.0984 3232 aswRdr - ok

17:42:16.0328 3232 aswSnx (ca9601cd277a1e510b80422a40240a95) C:\WINDOWS\system32\drivers\aswSnx.sys

17:42:16.0343 3232 aswSnx - ok

17:42:16.0375 3232 aswSP (05ea22dde5ca7ee3a865046aff2f0229) C:\WINDOWS\system32\drivers\aswSP.sys

17:42:16.0375 3232 aswSP - ok

17:42:16.0390 3232 aswTdi (3ac73a9e7378848d1bde174b4bb39212) C:\WINDOWS\system32\drivers\aswTdi.sys

17:42:16.0390 3232 aswTdi - ok

17:42:16.0406 3232 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

17:42:16.0406 3232 AsyncMac - ok

17:42:16.0500 3232 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

17:42:16.0500 3232 atapi - ok

17:42:16.0515 3232 Atdisk - ok

17:42:16.0546 3232 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

17:42:16.0562 3232 Atmarpc - ok

17:42:16.0609 3232 AudioSrv (b4005aef7873144634765b570dac466e) C:\WINDOWS\System32\audiosrv.dll

17:42:16.0609 3232 AudioSrv - ok

17:42:16.0671 3232 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

17:42:16.0671 3232 audstub - ok

17:42:16.0750 3232 avast! Antivirus (a45aa986d9490a4e5b87563d9cd7b175) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

17:42:16.0750 3232 avast! Antivirus - ok

17:42:16.0812 3232 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

17:42:16.0812 3232 Beep - ok

17:42:16.0859 3232 BITS (baa0b6e647c1ad593e9bae5cc31bcffb) C:\WINDOWS\system32\qmgr.dll

17:42:16.0921 3232 BITS - ok

17:42:16.0968 3232 Browser (06b54a7b1ef7cb16bfd0e208d343fa71) C:\WINDOWS\System32\browser.dll

17:42:16.0968 3232 Browser - ok

17:42:17.0046 3232 camfilt2 (088c0978203d59425a12b2a53fccd02b) C:\WINDOWS\system32\DRIVERS\camfilt2.sys

17:42:17.0046 3232 camfilt2 - ok

17:42:17.0109 3232 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

17:42:17.0109 3232 cbidf2k - ok

17:42:17.0171 3232 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

17:42:17.0171 3232 CCDECODE - ok

17:42:17.0171 3232 cd20xrnt - ok

17:42:17.0234 3232 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

17:42:17.0250 3232 Cdaudio - ok

17:42:17.0281 3232 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

17:42:17.0281 3232 Cdfs - ok

17:42:17.0312 3232 Cdrom (fe763ea06a05042c19dcf97da01123a0) C:\WINDOWS\system32\DRIVERS\cdrom.sys

17:42:17.0312 3232 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\cdrom.sys. Real md5: fe763ea06a05042c19dcf97da01123a0, Fake md5: 61e89604a184cc18608590a5a2214b45

17:42:17.0328 3232 Cdrom ( ForgedFile.Multi.Generic ) - warning

17:42:17.0328 3232 Cdrom - detected ForgedFile.Multi.Generic (1)

17:42:17.0328 3232 Changer - ok

17:42:17.0343 3232 CiSvc (793ef38a5fd086c3c8e48a8a861562ed) C:\WINDOWS\system32\cisvc.exe

17:42:17.0343 3232 CiSvc - ok

17:42:17.0375 3232 ClipSrv (8b30cbb0c07d49b2658fb190946b0e7e) C:\WINDOWS\system32\clipsrv.exe

17:42:17.0375 3232 ClipSrv - ok

17:42:17.0406 3232 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

17:42:17.0421 3232 clr_optimization_v2.0.50727_32 - ok

17:42:17.0421 3232 CmdIde - ok

17:42:17.0437 3232 COMSysApp - ok

17:42:17.0437 3232 Cpqarray - ok

17:42:17.0468 3232 CryptSvc (7a6d0b71035e123fdda2156a25578ad3) C:\WINDOWS\System32\cryptsvc.dll

17:42:17.0484 3232 CryptSvc - ok

17:42:17.0546 3232 dac2w2k - ok

17:42:17.0546 3232 dac960nt - ok

17:42:17.0625 3232 DcomLaunch (0203b1aad358f206cb0a3c1f93cce17a) C:\WINDOWS\system32\rpcss.dll

17:42:17.0640 3232 DcomLaunch - ok

17:42:17.0828 3232 ddxgb - ok

17:42:17.0890 3232 dgderdrv (3be1651c63954067940e7f473498ad70) C:\WINDOWS\system32\drivers\dgderdrv.sys

17:42:17.0890 3232 dgderdrv - ok

17:42:17.0921 3232 dgdersvc (10b8f89d146d0e20b1284d47bb4ec6c9) C:\WINDOWS\system32\dgdersvc.exe

17:42:17.0921 3232 dgdersvc - ok

17:42:17.0968 3232 Dhcp (318f535dc05551d96deeb90b6d6904de) C:\WINDOWS\System32\dhcpcsvc.dll

17:42:17.0984 3232 Dhcp - ok

17:42:18.0031 3232 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

17:42:18.0031 3232 Disk - ok

17:42:18.0031 3232 dmadmin - ok

17:42:18.0078 3232 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys

17:42:18.0140 3232 dmboot - ok

17:42:18.0203 3232 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys

17:42:18.0203 3232 dmio - ok

17:42:18.0234 3232 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

17:42:18.0250 3232 dmload - ok

17:42:18.0265 3232 dmserver (6797c23d6b79935482d7f0e8ca5e5b67) C:\WINDOWS\System32\dmserver.dll

17:42:18.0265 3232 dmserver - ok

17:42:18.0328 3232 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

17:42:18.0328 3232 DMusic - ok

17:42:18.0375 3232 Dnscache (1a1e59377fb6cacd711cc5073c4a7d79) C:\WINDOWS\System32\dnsrslvr.dll

17:42:18.0375 3232 Dnscache - ok

17:42:18.0421 3232 Dot3svc (3fcf86f03d0302443c21ce6e5bbf7a25) C:\WINDOWS\System32\dot3svc.dll

17:42:18.0437 3232 Dot3svc - ok

17:42:18.0453 3232 dpti2o - ok

17:42:18.0562 3232 driverhardwarev2 (a694d8db6d360a3bbb0bd1517f1c1aee) C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys

17:42:18.0562 3232 driverhardwarev2 - ok

17:42:18.0609 3232 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

17:42:18.0609 3232 drmkaud - ok

17:42:18.0671 3232 E100B (ac9cf17ee2ae003c98eb4f5336c38058) C:\WINDOWS\system32\DRIVERS\e100b325.sys

17:42:18.0671 3232 E100B - ok

17:42:18.0765 3232 EapHost (8b5fc9087d2cab110bc2ed5cc5e7b8ac) C:\WINDOWS\System32\eapsvc.dll

17:42:18.0765 3232 EapHost - ok

17:42:18.0812 3232 ERSvc (94f948cb12c4d35483f1e815deb16c7b) C:\WINDOWS\System32\ersvc.dll

17:42:18.0812 3232 ERSvc - ok

17:42:18.0875 3232 Eventlog (c3fb1d70cb88722267949694ba51759e) C:\WINDOWS\system32\services.exe

17:42:18.0875 3232 Eventlog - ok

17:42:18.0953 3232 EventSystem (ec16ae9b37eacf871629227a3f3913fd) C:\WINDOWS\system32\es.dll

17:42:18.0968 3232 EventSystem - ok

17:42:19.0046 3232 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

17:42:19.0046 3232 Fastfat - ok

17:42:19.0109 3232 FastUserSwitchingCompatibility (1b8542f338cdd86929a084a455837158) C:\WINDOWS\System32\shsvcs.dll

17:42:19.0125 3232 FastUserSwitchingCompatibility - ok

17:42:19.0187 3232 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

17:42:19.0187 3232 Fdc - ok

17:42:19.0203 3232 FETNDIS (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys

17:42:19.0203 3232 FETNDIS - ok

17:42:19.0218 3232 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys

17:42:19.0218 3232 Fips - ok

17:42:19.0234 3232 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

17:42:19.0234 3232 Flpydisk - ok

17:42:19.0296 3232 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

17:42:19.0312 3232 FltMgr - ok

17:42:19.0390 3232 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

17:42:19.0390 3232 FontCache3.0.0.0 - ok

17:42:19.0437 3232 FsUsbExDisk (b07663a810e861eebfd0eac7e82ca62d) C:\WINDOWS\system32\FsUsbExDisk.SYS

17:42:19.0437 3232 FsUsbExDisk - ok

17:42:19.0515 3232 FsUsbExService (f96c429788350db4ba6771c3034dfd88) C:\WINDOWS\system32\FsUsbExService.Exe

17:42:19.0515 3232 FsUsbExService - ok

17:42:19.0562 3232 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

17:42:19.0562 3232 Fs_Rec - ok

17:42:19.0578 3232 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

17:42:19.0578 3232 Ftdisk - ok

17:42:19.0734 3232 FTRTSVC (17f954e3696180c52ea55fdb13a6a70f) C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

17:42:19.0750 3232 FTRTSVC - ok

17:42:19.0812 3232 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

17:42:19.0812 3232 Gpc - ok

17:42:19.0875 3232 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

17:42:19.0875 3232 gupdate - ok

17:42:19.0890 3232 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

17:42:19.0890 3232 gupdatem - ok

17:42:19.0953 3232 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

17:42:19.0953 3232 HDAudBus - ok

17:42:19.0968 3232 helpsvc (1247f83b705af0e796330442f7967cf8) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

17:42:19.0968 3232 helpsvc - ok

17:42:20.0015 3232 HidServ (a3b9b4a68bc839ce5a264d5908092261) C:\WINDOWS\System32\hidserv.dll

17:42:20.0015 3232 HidServ - ok

17:42:20.0062 3232 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

17:42:20.0062 3232 HidUsb - ok

17:42:20.0109 3232 hkmsvc (17b3c3d40cdba40c2e331d28be4de27f) C:\WINDOWS\System32\kmsvc.dll

17:42:20.0125 3232 hkmsvc - ok

17:42:20.0125 3232 hpn - ok

17:42:20.0187 3232 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

17:42:20.0187 3232 HTTP - ok

17:42:20.0234 3232 HTTPFilter (bd31cface38d1800abdb43f4260af0d5) C:\WINDOWS\System32\w3ssl.dll

17:42:20.0234 3232 HTTPFilter - ok

17:42:20.0250 3232 i2omgmt - ok

17:42:20.0250 3232 i2omp - ok

17:42:20.0328 3232 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

17:42:20.0328 3232 i8042prt - ok

17:42:20.0437 3232 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

17:42:20.0437 3232 IDriverT - ok

17:42:20.0531 3232 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

17:42:20.0546 3232 idsvc - ok

17:42:20.0593 3232 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

17:42:20.0593 3232 Imapi - ok

17:42:20.0671 3232 ImapiService (c4221678bbaa55239c23632875759961) C:\WINDOWS\system32\imapi.exe

17:42:20.0671 3232 ImapiService - ok

17:42:20.0734 3232 ini910u - ok

17:42:20.0890 3232 IntcAzAudAddService (64be56b8858ca0153c725c720ffd194f) C:\WINDOWS\system32\drivers\RtkHDAud.sys

17:42:20.0921 3232 IntcAzAudAddService - ok

17:42:20.0921 3232 IntelIde - ok

17:42:20.0968 3232 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys

17:42:20.0968 3232 intelppm - ok

17:42:21.0031 3232 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

17:42:21.0031 3232 Ip6Fw - ok

17:42:21.0078 3232 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

17:42:21.0078 3232 IpFilterDriver - ok

17:42:21.0078 3232 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

17:42:21.0078 3232 IpInIp - ok

17:42:21.0125 3232 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

17:42:21.0125 3232 IpNat - ok

17:42:21.0140 3232 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

17:42:21.0140 3232 IPSec - ok

17:42:21.0171 3232 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

17:42:21.0171 3232 IRENUM - ok

17:42:21.0218 3232 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys

17:42:21.0218 3232 isapnp - ok

17:42:21.0390 3232 JavaQuickStarterService (9ae07549a0d691a103faf8946554bdb7) C:\Program Files\Java\jre6\bin\jqs.exe

17:42:21.0406 3232 JavaQuickStarterService - ok

17:42:21.0453 3232 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

17:42:21.0468 3232 Kbdclass - ok

17:42:21.0531 3232 kbdhid (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

17:42:21.0531 3232 kbdhid - ok

17:42:21.0593 3232 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

17:42:21.0609 3232 kmixer - ok

17:42:21.0640 3232 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

17:42:21.0640 3232 KSecDD - ok

17:42:21.0687 3232 LanmanServer (1db8078a32e03ac8f5eb5e6dcac2aa34) C:\WINDOWS\System32\srvsvc.dll

17:42:21.0703 3232 LanmanServer - ok

17:42:21.0765 3232 lanmanworkstation (ad54ead46d92f413be189aabc1c59490) C:\WINDOWS\System32\wkssvc.dll

17:42:21.0796 3232 lanmanworkstation - ok

17:42:21.0796 3232 lbrtfdc - ok

17:42:21.0859 3232 LmHosts (0f357c079ac529a844ab5b18e4eef881) C:\WINDOWS\System32\lmhsvc.dll

17:42:21.0875 3232 LmHosts - ok

17:42:21.0968 3232 maconfservice (09ed79fb8364390ba894806da2f66a55) C:\Program Files\ma-config.com\maconfservice.exe

17:42:21.0968 3232 maconfservice - ok

17:42:22.0062 3232 Messenger (e67a66a3781c1a483f0f8992664cbe0d) C:\WINDOWS\System32\msgsvc.dll

17:42:22.0078 3232 Messenger - ok

17:42:22.0125 3232 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

17:42:22.0125 3232 mnmdd - ok

17:42:22.0203 3232 mnmsrvc (d3a2870cd96cda7bcff3dc54f64087ad) C:\WINDOWS\system32\mnmsrvc.exe

17:42:22.0203 3232 mnmsrvc - ok

17:42:22.0265 3232 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys

17:42:22.0265 3232 Modem - ok

17:42:22.0281 3232 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys

17:42:22.0281 3232 Mouclass - ok

17:42:22.0296 3232 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys

17:42:22.0296 3232 mouhid - ok

17:42:22.0328 3232 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

17:42:22.0328 3232 MountMgr - ok

17:42:22.0343 3232 mraid35x - ok

17:42:22.0390 3232 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

17:42:22.0390 3232 MRxDAV - ok

17:42:22.0468 3232 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

17:42:22.0468 3232 MRxSmb - ok

17:42:22.0500 3232 MSDTC (8648d670ae0d95c95e7bbb5b80661796) C:\WINDOWS\system32\msdtc.exe

17:42:22.0515 3232 MSDTC - ok

17:42:22.0546 3232 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

17:42:22.0546 3232 Msfs - ok

17:42:22.0546 3232 MSIServer - ok

17:42:22.0593 3232 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

17:42:22.0593 3232 MSKSSRV - ok

17:42:22.0609 3232 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

17:42:22.0609 3232 MSPCLOCK - ok

17:42:22.0625 3232 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

17:42:22.0625 3232 MSPQM - ok

17:42:22.0671 3232 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

17:42:22.0671 3232 mssmbios - ok

17:42:22.0718 3232 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

17:42:22.0718 3232 MSTEE - ok

17:42:22.0734 3232 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

17:42:22.0734 3232 Mup - ok

17:42:22.0765 3232 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

17:42:22.0765 3232 NABTSFEC - ok

17:42:22.0796 3232 napagent (69e4fbbabaeee1bff422e091da3171da) C:\WINDOWS\System32\qagentrt.dll

17:42:22.0812 3232 napagent - ok

17:42:22.0812 3232 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

17:42:22.0828 3232 NDIS - ok

17:42:22.0843 3232 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

17:42:22.0843 3232 NdisIP - ok

17:42:22.0890 3232 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

17:42:22.0890 3232 NdisTapi - ok

17:42:23.0000 3232 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

17:42:23.0000 3232 Ndisuio - ok

17:42:23.0062 3232 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

17:42:23.0078 3232 NdisWan - ok

17:42:23.0093 3232 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

17:42:23.0109 3232 NDProxy - ok

17:42:23.0156 3232 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

17:42:23.0156 3232 NetBIOS - ok

17:42:23.0218 3232 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

17:42:23.0218 3232 NetBT - ok

17:42:23.0296 3232 NetDDE (5c9b1d83755b36237b70f95df3d46a52) C:\WINDOWS\system32\netdde.exe

17:42:23.0296 3232 NetDDE - ok

17:42:23.0312 3232 NetDDEdsdm (5c9b1d83755b36237b70f95df3d46a52) C:\WINDOWS\system32\netdde.exe

17:42:23.0312 3232 NetDDEdsdm - ok

17:42:23.0359 3232 Netlogon (91e6024d6d4dcdecdb36c43ecf9bbecb) C:\WINDOWS\system32\lsass.exe

17:42:23.0359 3232 Netlogon - ok

17:42:23.0421 3232 Netman (be0cb143fa427d93440ded18db8c918b) C:\WINDOWS\System32\netman.dll

17:42:23.0453 3232 Netman - ok

17:42:23.0500 3232 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

17:42:23.0515 3232 NetTcpPortSharing - ok

17:42:23.0562 3232 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

17:42:23.0562 3232 NIC1394 - ok

17:42:23.0609 3232 Nla (6f5f546a92c7b6ae45db1d6910781eb0) C:\WINDOWS\System32\mswsock.dll

17:42:23.0609 3232 Nla - ok

17:42:23.0671 3232 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

17:42:23.0687 3232 Npfs - ok

17:42:23.0687 3232 npggsvc - ok

17:42:23.0734 3232 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\WINDOWS\system32\npptNT2.sys

17:42:23.0750 3232 NPPTNT2 - ok

17:42:23.0796 3232 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

17:42:23.0828 3232 Ntfs - ok

17:42:23.0843 3232 NtLmSsp (91e6024d6d4dcdecdb36c43ecf9bbecb) C:\WINDOWS\system32\lsass.exe

17:42:23.0843 3232 NtLmSsp - ok

17:42:23.0906 3232 NtmsSvc (037d92b3a7853a183fcab77fb1d13d6c) C:\WINDOWS\system32\ntmssvc.dll

17:42:23.0953 3232 NtmsSvc - ok

17:42:24.0046 3232 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

17:42:24.0062 3232 Null - ok

17:42:24.0406 3232 nv (b9b1bb146eb9a83dcf0f5635b09d3d43) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

17:42:24.0468 3232 nv - ok

17:42:24.0515 3232 nvsvc (cc4f8220ead1f6a38d51679708f435b9) C:\WINDOWS\system32\nvsvc32.exe

17:42:24.0531 3232 nvsvc - ok

17:42:24.0578 3232 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

17:42:24.0578 3232 NwlnkFlt - ok

17:42:24.0593 3232 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

17:42:24.0593 3232 NwlnkFwd - ok

17:42:24.0609 3232 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

17:42:24.0609 3232 ohci1394 - ok

17:42:24.0656 3232 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys

17:42:24.0656 3232 Parport - ok

17:42:24.0656 3232 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

17:42:24.0671 3232 PartMgr - ok

17:42:24.0671 3232 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys

17:42:24.0671 3232 ParVdm - ok

17:42:24.0718 3232 PCAMPR5 (b670c5d89f0726b7a2a7dfb4e968cdf8) C:\WINDOWS\system32\PCAMPR5.SYS

17:42:24.0734 3232 PCAMPR5 - ok

17:42:24.0781 3232 PCANDIS5 (ecd2f9d67b06606064daf6961a6d5efe) C:\WINDOWS\system32\PCANDIS5.SYS

17:42:24.0781 3232 PCANDIS5 - ok

17:42:24.0812 3232 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

17:42:24.0828 3232 pccsmcfd - ok

17:42:24.0875 3232 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys

17:42:24.0875 3232 PCI - ok

17:42:24.0875 3232 PCIDump - ok

17:42:24.0921 3232 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys

17:42:24.0921 3232 PCIIde - ok

17:42:24.0937 3232 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys

17:42:24.0937 3232 Pcmcia - ok

17:42:24.0953 3232 PDCOMP - ok

17:42:24.0953 3232 PDFRAME - ok

17:42:24.0968 3232 PDRELI - ok

17:42:24.0968 3232 PDRFRAME - ok

17:42:24.0984 3232 perc2 - ok

17:42:24.0984 3232 perc2hib - ok

17:42:25.0046 3232 PlugPlay (c3fb1d70cb88722267949694ba51759e) C:\WINDOWS\system32\services.exe

17:42:25.0046 3232 PlugPlay - ok

17:42:25.0109 3232 PnkBstrA (a1dd33d16f277ce34124ee52ab2c0f14) C:\WINDOWS\system32\PnkBstrA.exe

17:42:25.0109 3232 PnkBstrA - ok

17:42:25.0171 3232 PnkBstrB (27f1be4a53441c9f1f48b9adc145b0a5) C:\WINDOWS\system32\PnkBstrB.exe

17:42:25.0187 3232 PnkBstrB - ok

17:42:25.0281 3232 PolicyAgent (91e6024d6d4dcdecdb36c43ecf9bbecb) C:\WINDOWS\system32\lsass.exe

17:42:25.0281 3232 PolicyAgent - ok

17:42:25.0312 3232 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

17:42:25.0328 3232 PptpMiniport - ok

17:42:25.0328 3232 ProtectedStorage (91e6024d6d4dcdecdb36c43ecf9bbecb) C:\WINDOWS\system32\lsass.exe

17:42:25.0328 3232 ProtectedStorage - ok

17:42:25.0343 3232 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

17:42:25.0343 3232 PSched - ok

17:42:25.0375 3232 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

17:42:25.0375 3232 Ptilink - ok

17:42:25.0390 3232 ql1080 - ok

17:42:25.0390 3232 Ql10wnt - ok

17:42:25.0406 3232 ql12160 - ok

17:42:25.0406 3232 ql1240 - ok

17:42:25.0421 3232 ql1280 - ok

17:42:25.0453 3232 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

17:42:25.0453 3232 RasAcd - ok

17:42:25.0500 3232 RasAuto (78da9ccdac683ef5aa87d1c919f6d221) C:\WINDOWS\System32\rasauto.dll

17:42:25.0515 3232 RasAuto - ok

17:42:25.0546 3232 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

17:42:25.0546 3232 Rasl2tp - ok

17:42:25.0562 3232 RasMan (0a48df90b4784f9b90a2671af992c914) C:\WINDOWS\System32\rasmans.dll

17:42:25.0578 3232 RasMan - ok

17:42:25.0593 3232 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

17:42:25.0593 3232 RasPppoe - ok

17:42:25.0609 3232 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

17:42:25.0609 3232 Raspti - ok

17:42:25.0625 3232 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

17:42:25.0625 3232 Rdbss - ok

17:42:25.0640 3232 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

17:42:25.0640 3232 RDPCDD - ok

17:42:25.0703 3232 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

17:42:25.0703 3232 RDPWD - ok

17:42:25.0750 3232 RDSessMgr (9f63d9c5b238ed1c375d417eff3d5be7) C:\WINDOWS\system32\sessmgr.exe

17:42:25.0796 3232 RDSessMgr - ok

17:42:25.0843 3232 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys

17:42:25.0859 3232 redbook - ok

17:42:25.0906 3232 RemoteAccess (7da370c31673c99497bd07068ee6e354) C:\WINDOWS\System32\mprdim.dll

17:42:25.0906 3232 RemoteAccess - ok

17:42:25.0921 3232 RpcLocator (499c59a2584f6d4ea41e944da571d993) C:\WINDOWS\system32\locator.exe

17:42:25.0937 3232 RpcLocator - ok

17:42:25.0984 3232 RpcSs (0203b1aad358f206cb0a3c1f93cce17a) C:\WINDOWS\system32\rpcss.dll

17:42:26.0000 3232 RpcSs - ok

17:42:26.0046 3232 RSVP (414964844f4793acb868d057e8ed997e) C:\WINDOWS\system32\rsvp.exe

17:42:26.0093 3232 RSVP - ok

17:42:26.0140 3232 SamSs (91e6024d6d4dcdecdb36c43ecf9bbecb) C:\WINDOWS\system32\lsass.exe

17:42:26.0140 3232 SamSs - ok

17:42:26.0187 3232 SCardSvr (67949cc8a865296c1333c96a4e1a2d66) C:\WINDOWS\System32\SCardSvr.exe

17:42:26.0203 3232 SCardSvr - ok

17:42:26.0265 3232 Schedule (55f5c5c1be1a78e285033e432ba01597) C:\WINDOWS\system32\schedsvc.dll

17:42:26.0281 3232 Schedule - ok

17:42:26.0375 3232 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

17:42:26.0375 3232 Secdrv - ok

17:42:26.0437 3232 seclogon (5ac311c0af2af5ec221670bb8dc479d3) C:\WINDOWS\System32\seclogon.dll

17:42:26.0437 3232 seclogon - ok

17:42:26.0453 3232 SENS (3531366f38f453d08fe72e7b32dfe786) C:\WINDOWS\system32\sens.dll

17:42:26.0453 3232 SENS - ok

17:42:26.0531 3232 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys

17:42:26.0531 3232 Serial - ok

17:42:26.0671 3232 ServiceLayer (3ec8de67b1c78c31e54c0f030e6bd7d5) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

17:42:26.0734 3232 ServiceLayer - ok

17:42:26.0765 3232 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

17:42:26.0765 3232 Sfloppy - ok

17:42:26.0843 3232 SG762_XP (fa30e1c37b67de5a2e4cb8815d022880) C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys

17:42:26.0843 3232 SG762_XP - ok

17:42:26.0921 3232 SharedAccess (f4ce708a7d17a625de6c0fd746d50e88) C:\WINDOWS\System32\ipnathlp.dll

17:42:26.0937 3232 SharedAccess - ok

17:42:27.0000 3232 ShellHWDetection (1b8542f338cdd86929a084a455837158) C:\WINDOWS\System32\shsvcs.dll

17:42:27.0015 3232 ShellHWDetection - ok

17:42:27.0015 3232 Simbad - ok

17:42:27.0062 3232 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

17:42:27.0078 3232 SLIP - ok

17:42:27.0328 3232 SNPSTD3 (9cd6ffc9f5b999eb5df69b9177d9848f) C:\WINDOWS\system32\DRIVERS\snpstd3.sys

17:42:27.0406 3232 SNPSTD3 - ok

17:42:27.0406 3232 Sparrow - ok

17:42:27.0421 3232 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

17:42:27.0437 3232 splitter - ok

17:42:27.0468 3232 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

17:42:27.0484 3232 Spooler - ok

17:42:27.0609 3232 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys

17:42:27.0609 3232 sr - ok

17:42:27.0640 3232 srservice (6ed29124a1c83bd0cf6b26bd01ca6f6f) C:\WINDOWS\system32\srsvc.dll

17:42:27.0656 3232 srservice - ok

17:42:27.0718 3232 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

17:42:27.0718 3232 Srv - ok

17:42:27.0781 3232 SSDPSRV (ea9e0db8684cef2fd3badd671df5a112) C:\WINDOWS\System32\ssdpsrv.dll

17:42:27.0781 3232 SSDPSRV - ok

17:42:27.0843 3232 ss_bbus (3f0164fbc0bd1adbd02df9759181451a) C:\WINDOWS\system32\DRIVERS\ss_bbus.sys

17:42:27.0843 3232 ss_bbus - ok

17:42:27.0859 3232 ss_bmdfl (b89d62206034e5fe573c80a24dd55675) C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys

17:42:27.0859 3232 ss_bmdfl - ok

17:42:27.0875 3232 ss_bmdm (1ed0fcea586fe2a416ee15196e5631dd) C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys

17:42:27.0875 3232 ss_bmdm - ok

17:42:27.0890 3232 ss_bserd (994d2e5378cc337ec7dd73c1e04fcaa4) C:\WINDOWS\system32\DRIVERS\ss_bserd.sys

17:42:27.0890 3232 ss_bserd - ok

17:42:27.0937 3232 ss_mdm (11028c6a84a967070cb1286550f2058f) C:\WINDOWS\system32\modem.dll

17:42:27.0937 3232 ss_mdm ( Backdoor.Multi.ZAccess.gen ) - infected

17:42:27.0937 3232 ss_mdm - detected Backdoor.Multi.ZAccess.gen (0)

17:42:28.0015 3232 stisvc (d76b0e8a4ecad1adcc75fd14a7acc54c) C:\WINDOWS\system32\wiaservc.dll

17:42:28.0046 3232 stisvc - ok

17:42:28.0093 3232 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

17:42:28.0093 3232 streamip - ok

17:42:28.0140 3232 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

17:42:28.0156 3232 swenum - ok

17:42:28.0218 3232 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

17:42:28.0218 3232 swmidi - ok

17:42:28.0218 3232 SwPrv - ok

17:42:28.0234 3232 symc810 - ok

17:42:28.0234 3232 symc8xx - ok

17:42:28.0250 3232 sym_hi - ok

17:42:28.0250 3232 sym_u3 - ok

17:42:28.0296 3232 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

17:42:28.0312 3232 sysaudio - ok

17:42:28.0359 3232 SysmonLog (0899061318a6b1d9596aabfc77f45e44) C:\WINDOWS\system32\smlogsvc.exe

17:42:28.0375 3232 SysmonLog - ok

17:42:28.0421 3232 TapiSrv (8e5231171ad6595ff002e848cc54fcd7) C:\WINDOWS\System32\tapisrv.dll

17:42:28.0437 3232 TapiSrv - ok

17:42:28.0562 3232 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

17:42:28.0562 3232 Tcpip - ok

17:42:28.0609 3232 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

17:42:28.0609 3232 TDPIPE - ok

17:42:28.0640 3232 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

17:42:28.0640 3232 TDTCP - ok

17:42:28.0687 3232 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

17:42:28.0687 3232 TermDD - ok

17:42:28.0765 3232 TermService (710bc85a8c22626ee094439e3ea0d38c) C:\WINDOWS\System32\termsrv.dll

17:42:28.0781 3232 TermService - ok

17:42:28.0843 3232 Themes (1b8542f338cdd86929a084a455837158) C:\WINDOWS\System32\shsvcs.dll

17:42:28.0859 3232 Themes - ok

17:42:28.0859 3232 TosIde - ok

17:42:28.0937 3232 TrkWks (e1a84a5067627407a53c2c4f8d8a1d2e) C:\WINDOWS\system32\trkwks.dll

17:42:28.0937 3232 TrkWks - ok

17:42:29.0000 3232 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

17:42:29.0000 3232 Udfs - ok

17:42:29.0000 3232 ultra - ok

17:42:29.0062 3232 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

17:42:29.0078 3232 Update - ok

17:42:29.0140 3232 upnphost (bd8166a495b02308f364b36249475f22) C:\WINDOWS\System32\upnphost.dll

17:42:29.0187 3232 upnphost - ok

17:42:29.0234 3232 UPS (1edc93d7bd731b5ca6248ae245099b60) C:\WINDOWS\System32\ups.exe

17:42:29.0250 3232 UPS - ok

17:42:29.0296 3232 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

17:42:29.0296 3232 usbaudio - ok

17:42:29.0375 3232 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

17:42:29.0375 3232 usbccgp - ok

17:42:29.0453 3232 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

17:42:29.0453 3232 usbehci - ok

17:42:29.0515 3232 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

17:42:29.0515 3232 usbhub - ok

17:42:29.0578 3232 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

17:42:29.0578 3232 usbscan - ok

17:42:29.0593 3232 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

17:42:29.0593 3232 usbstor - ok

17:42:29.0625 3232 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

17:42:29.0640 3232 usbuhci - ok

17:42:29.0750 3232 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

17:42:29.0765 3232 VgaSave - ok

17:42:29.0765 3232 ViaIde - ok

17:42:29.0828 3232 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys

17:42:29.0843 3232 VolSnap - ok

17:42:29.0875 3232 VSS (5a4da252b2c0550ab83d129c02cf6c19) C:\WINDOWS\System32\vssvc.exe

17:42:29.0921 3232 VSS - ok

17:42:29.0984 3232 W32Time (c1f726ee0b043b074a68992bc4aef8fd) C:\WINDOWS\system32\w32time.dll

17:42:30.0015 3232 W32Time - ok

17:42:30.0062 3232 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

17:42:30.0078 3232 Wanarp - ok

17:42:30.0078 3232 WDICA - ok

17:42:30.0156 3232 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

17:42:30.0156 3232 wdmaud - ok

17:42:30.0218 3232 WebClient (714670e64fbe6d28d99871ed9a52a334) C:\WINDOWS\System32\webclnt.dll

17:42:30.0218 3232 WebClient - ok

17:42:30.0343 3232 winmgmt (5e9deae9980ff34bcd6dde2e9e2bf911) C:\WINDOWS\system32\wbem\WMIsvc.dll

17:42:30.0359 3232 winmgmt - ok

17:42:30.0406 3232 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll

17:42:30.0406 3232 WmdmPmSN - ok

17:42:30.0468 3232 WmiApSrv (4e8e8a58f56b25d0795f484e5eb7f898) C:\WINDOWS\system32\wbem\wmiapsrv.exe

17:42:30.0468 3232 WmiApSrv - ok

17:42:30.0640 3232 WMPNetworkSvc (c9bea742ce225cc993c9465fddae4656) C:\Program Files\Windows Media Player\WMPNetwk.exe

17:42:30.0671 3232 WMPNetworkSvc - ok

17:42:30.0687 3232 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

17:42:30.0687 3232 WpdUsb - ok

17:42:30.0718 3232 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

17:42:30.0734 3232 WSTCODEC - ok

17:42:30.0765 3232 wuauserv (75d6c5c3d2c93b1f9931e5dfb693ae2a) C:\WINDOWS\system32\wuauserv.dll

17:42:30.0781 3232 wuauserv - ok

17:42:30.0859 3232 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

17:42:30.0859 3232 WudfPf - ok

17:42:30.0890 3232 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

17:42:30.0890 3232 WudfRd - ok

17:42:31.0062 3232 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

17:42:31.0140 3232 WudfSvc - ok

17:42:31.0328 3232 WZCSVC (c336e54ee0c291a02f004667db1e66cb) C:\WINDOWS\System32\wzcsvc.dll

17:42:31.0359 3232 WZCSVC - ok

17:42:31.0406 3232 xmlprov (f92a87fdda0c11c8604fbc2b864fa726) C:\WINDOWS\System32\xmlprov.dll

17:42:31.0468 3232 xmlprov - ok

17:42:31.0484 3232 ZDCndis5 - ok

17:42:31.0484 3232 ZDPNDIS5 - ok

17:42:31.0578 3232 ZDPSp50 (00ae175b903d45ed4a62384d3315dc2a) C:\WINDOWS\system32\Drivers\ZDPSp50.sys

17:42:31.0578 3232 ZDPSp50 - ok

17:42:31.0625 3232 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0

17:42:31.0765 3232 \Device\Harddisk0\DR0 - ok

17:42:31.0765 3232 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk5\DR15

17:42:35.0093 3232 \Device\Harddisk5\DR15 - ok

17:42:35.0125 3232 Boot (0x1200) (9300ffa9184375493fdcc0b3940ba353) \Device\Harddisk0\DR0\Partition0

17:42:35.0125 3232 \Device\Harddisk0\DR0\Partition0 - ok

17:42:35.0125 3232 Boot (0x1200) (883b73ef42ac0d8abcea82136a03bf27) \Device\Harddisk0\DR0\Partition1

17:42:35.0125 3232 \Device\Harddisk0\DR0\Partition1 - ok

17:42:35.0125 3232 Boot (0x1200) (4b660d958324cb3298acc8b7236d7067) \Device\Harddisk5\DR15\Partition0

17:42:35.0125 3232 \Device\Harddisk5\DR15\Partition0 - ok

17:42:35.0125 3232 ============================================================

17:42:35.0125 3232 Scan finished

17:42:35.0125 3232 ============================================================

17:42:35.0140 3684 Detected object count: 3

17:42:35.0140 3684 Actual detected object count: 3

17:43:55.0406 3684 Akamai ( HiddenFile.Multi.Generic ) - skipped by user

17:43:55.0406 3684 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

17:43:55.0406 3684 Cdrom ( ForgedFile.Multi.Generic ) - skipped by user

17:43:55.0406 3684 Cdrom ( ForgedFile.Multi.Generic ) - User select action: Skip

17:43:55.0562 3684 C:\WINDOWS\system32\modem.dll - copied to quarantine

17:43:55.0578 3684 HKLM\SYSTEM\ControlSet001\services\ss_mdm - will be deleted on reboot

17:43:55.0578 3684 HKLM\SYSTEM\ControlSet002\services\ss_mdm - will be deleted on reboot

17:43:55.0609 3684 C:\WINDOWS\system32\modem.dll - will be deleted on reboot

17:43:55.0609 3684 ss_mdm ( Backdoor.Multi.ZAccess.gen ) - User select action: Delete

17:44:01.0828 0512 Deinitialize success
