2011/09/02 14:08:47.0765 0220 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/09/02 14:08:48.0531 0220 ================================================================================
2011/09/02 14:08:48.0531 0220 SystemInfo:
2011/09/02 14:08:48.0531 0220 
2011/09/02 14:08:48.0531 0220 OS Version: 5.1.2600 ServicePack: 3.0
2011/09/02 14:08:48.0531 0220 Product type: Workstation
2011/09/02 14:08:48.0531 0220 ComputerName: ETIENNE
2011/09/02 14:08:48.0546 0220 UserName: Etienne
2011/09/02 14:08:48.0546 0220 Windows directory: C:\WINDOWS
2011/09/02 14:08:48.0546 0220 System windows directory: C:\WINDOWS
2011/09/02 14:08:48.0546 0220 Processor architecture: Intel x86
2011/09/02 14:08:48.0546 0220 Number of processors: 2
2011/09/02 14:08:48.0546 0220 Page size: 0x1000
2011/09/02 14:08:48.0546 0220 Boot type: Safe boot
2011/09/02 14:08:48.0546 0220 ================================================================================
2011/09/02 14:09:01.0875 0220 Initialize success
2011/09/02 14:09:05.0328 0248 ================================================================================
2011/09/02 14:09:05.0328 0248 Scan started
2011/09/02 14:09:05.0328 0248 Mode: Manual; 
2011/09/02 14:09:05.0328 0248 ================================================================================
2011/09/02 14:09:14.0921 0248 12279359 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\1502816018:3990383782.exe
2011/09/02 14:09:14.0937 0248 Suspicious file (Hidden): C:\WINDOWS\1502816018:3990383782.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/02 14:09:15.0015 0248 12279359 - detected HiddenFile.Multi.Generic (1)
2011/09/02 14:09:26.0750 0248 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/02 14:09:30.0687 0248 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/09/02 14:09:34.0500 0248 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\WINDOWS\system32\drivers\adfs.sys
2011/09/02 14:09:42.0312 0248 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/09/02 14:09:46.0453 0248 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/09/02 14:10:20.0765 0248 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/02 14:10:24.0890 0248 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/02 14:10:33.0203 0248 AtiHdmiService (41c8f0eda10da14378d304c20ba6e558) C:\WINDOWS\system32\drivers\AtiHdmi.sys
2011/09/02 14:10:37.0562 0248 ATITool (0e4bb35c5305099ac82053ac992e3e0e) C:\WINDOWS\system32\DRIVERS\ATITool.sys
2011/09/02 14:10:41.0718 0248 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/02 14:10:45.0953 0248 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/02 14:10:50.0343 0248 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/09/02 14:10:54.0718 0248 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/02 14:10:59.0156 0248 CCDECODE (fdc06e2ada8c468ebb161624e03976cf) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/09/02 14:11:07.0140 0248 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/02 14:11:11.0281 0248 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/02 14:11:15.0312 0248 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/02 14:11:23.0171 0248 cmdGuard (dd530ee7d9efbb0ec42aebe7226b8a93) C:\WINDOWS\system32\DRIVERS\cmdguard.sys
2011/09/02 14:11:29.0609 0248 cmdHlp (07cbbe993ed08a52dafac1e6cf27b6a5) C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
2011/09/02 14:11:50.0156 0248 Disk (47b6aaec570f2c11d8bad80a064d8ed1) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/02 14:11:54.0593 0248 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
2011/09/02 14:11:58.0421 0248 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
2011/09/02 14:12:01.0921 0248 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/09/02 14:12:05.0718 0248 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/09/02 14:12:13.0218 0248 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/02 14:12:16.0750 0248 eamon (3b2e8f97b6869c29da023ee75bf585d5) C:\WINDOWS\system32\DRIVERS\eamon.sys
2011/09/02 14:12:19.0734 0248 ehdrv (4fad054cbcaa296be7bd2cb77da9d9b4) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
2011/09/02 14:12:22.0812 0248 epfwtdir (d2a915b725845c3eda5a68ed2da74700) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
2011/09/02 14:12:26.0609 0248 exFat (4d893323dae445e34a4c9038b0551bc9) C:\WINDOWS\system32\drivers\exFat.sys
2011/09/02 14:12:30.0531 0248 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/02 14:12:34.0750 0248 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/09/02 14:12:38.0890 0248 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
2011/09/02 14:12:42.0937 0248 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/09/02 14:12:46.0515 0248 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/09/02 14:12:49.0359 0248 fssfltr (960f5e5e4e1f720465311ac68a99c2df) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
2011/09/02 14:12:52.0078 0248 Fs_Rec (30d42943a54704ef13e2562911dbfcea) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/02 14:12:55.0140 0248 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/02 14:12:58.0031 0248 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
2011/09/02 14:13:02.0546 0248 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/02 14:13:06.0218 0248 hcmon (1f79859a8c1d7c14ef6207852f622add) C:\WINDOWS\system32\drivers\hcmon.sys
2011/09/02 14:13:09.0875 0248 HdAudAddService (8c46428247f7117596ad0e420f32a47d) C:\WINDOWS\system32\drivers\viahdb.sys
2011/09/02 14:13:13.0953 0248 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/09/02 14:13:17.0781 0248 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/02 14:13:25.0734 0248 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/02 14:13:35.0843 0248 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/02 14:13:39.0265 0248 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/02 14:13:46.0859 0248 Inspect (8154a2c13b72b08db11157673c60c3eb) C:\WINDOWS\system32\DRIVERS\inspect.sys
2011/09/02 14:13:51.0625 0248 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/02 14:13:53.0968 0248 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/09/02 14:13:56.0109 0248 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/02 14:13:57.0906 0248 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/02 14:14:00.0187 0248 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/02 14:14:02.0093 0248 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/02 14:14:05.0437 0248 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/02 14:14:08.0921 0248 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/02 14:14:12.0000 0248 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/02 14:14:15.0218 0248 kbdhid (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/09/02 14:14:18.0437 0248 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/02 14:14:21.0812 0248 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/02 14:14:24.0796 0248 L8042Kbd (151d8c22a57025d0619d9ed452a4f1ff) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
2011/09/02 14:14:28.0343 0248 LBeepKE (ca63fe81705ad660e482bef210bf2c73) C:\WINDOWS\system32\Drivers\LBeepKE.sys
2011/09/02 14:14:36.0296 0248 LHidFilt (b68309f25c5787385da842eb5b496958) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
2011/09/02 14:14:40.0359 0248 LMouFilt (63d3b1d3cd267fcc186a0146b80d453b) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
2011/09/02 14:14:44.0328 0248 lusbaudio (081caf42d5db1fcf8794fd77befd1b11) C:\WINDOWS\system32\drivers\OVSound2.sys
2011/09/02 14:14:48.0578 0248 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/02 14:14:52.0968 0248 monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\monfilt.sys
2011/09/02 14:14:57.0687 0248 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/02 14:15:01.0796 0248 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/02 14:15:05.0281 0248 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/02 14:15:12.0453 0248 MRxDAV (65e818c473e220b6ab762e1966296fd1) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/02 14:15:16.0296 0248 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/02 14:15:20.0531 0248 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/02 14:15:24.0406 0248 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/02 14:15:28.0265 0248 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/02 14:15:32.0171 0248 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/02 14:15:36.0250 0248 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/02 14:15:40.0078 0248 MSTEE (d5059366b361f0e1124753447af08aa2) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/09/02 14:15:43.0703 0248 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
2011/09/02 14:15:47.0421 0248 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/09/02 14:15:50.0750 0248 NABTSFEC (ac31b352ce5e92704056d409834beb74) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/09/02 14:15:53.0968 0248 NDIS (b5b1080d35974c0e718d64280761bcd5) C:\WINDOWS\system32\drivers\NDIS.sys
2011/09/02 14:15:57.0250 0248 NdisIP (abd7629cf2796250f315c1dd0b6cf7a0) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/09/02 14:16:00.0796 0248 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/09/02 14:16:03.0890 0248 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/09/02 14:16:07.0312 0248 NdisWan (b053a8411045fd0664b389a090cb2bbc) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/09/02 14:16:10.0531 0248 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/02 14:16:14.0234 0248 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/09/02 14:16:19.0250 0248 NetBT (3fd903637554667dc3ef40a9c5bf8a24) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/09/02 14:16:19.0406 0248 NetBT - detected Rootkit.Win32.ZAccess.c (0)
2011/09/02 14:16:25.0500 0248 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
2011/09/02 14:16:32.0109 0248 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\WINDOWS\system32\drivers\npf.sys
2011/09/02 14:16:38.0984 0248 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/09/02 14:16:43.0890 0248 Ntfs (4c51d5275ae8a16999edfe7e647d00de) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/02 14:16:48.0703 0248 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/09/02 14:16:55.0843 0248 nv (406ddab2b05d94d4818e97ff050d1bc6) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/09/02 14:17:00.0828 0248 NVR0Dev (61d6b1c71ad94f8485e966bebc36d092) C:\WINDOWS\nvoclock.sys
2011/09/02 14:17:05.0062 0248 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/09/02 14:17:08.0843 0248 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/09/02 14:17:12.0265 0248 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/09/02 14:17:15.0437 0248 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/02 14:17:18.0593 0248 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/02 14:17:22.0531 0248 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/02 14:17:28.0437 0248 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/02 14:17:31.0906 0248 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/09/02 14:17:51.0343 0248 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/09/02 14:17:54.0421 0248 PQNTDrv (87d211ba1e9759e26b6296e625a31ce8) C:\WINDOWS\system32\drivers\PQNTDrv.sys
2011/09/02 14:17:57.0640 0248 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/02 14:18:01.0078 0248 PSSDK42 (c8eb36910d3bd582891977e80925e21e) C:\WINDOWS\system32\Drivers\pssdk42.sys
2011/09/02 14:18:04.0390 0248 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/02 14:18:07.0687 0248 PxHelp20 (d970470f8f39470bdae94d313a1ccdce) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/09/02 14:18:11.0156 0248 QCEmerald (90849934d37133e069f31f3e9a66c9bc) C:\WINDOWS\system32\DRIVERS\OVCE.sys
2011/09/02 14:18:30.0734 0248 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/09/02 14:18:34.0093 0248 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/09/02 14:18:37.0796 0248 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/09/02 14:18:41.0453 0248 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/09/02 14:18:44.0578 0248 Rdbss (77050c6615f6eb5402f832b27fd695e0) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/09/02 14:18:47.0640 0248 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/02 14:18:51.0234 0248 rdpdr (c694a927eb7c354f7ae97955043a9641) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/09/02 14:18:55.0453 0248 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/02 14:18:59.0328 0248 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/09/02 14:19:03.0390 0248 rspndr (743d7d59767073a617b1dcc6c546f234) C:\WINDOWS\system32\DRIVERS\rspndr.sys
2011/09/02 14:19:08.0484 0248 RTHDMIAzAudService (017cc2e361a47461472bc4c08bd12440) C:\WINDOWS\system32\drivers\RtHDMI.sys
2011/09/02 14:19:13.0843 0248 RTL8023xp (62287f3ec4b4948e815a74eddd323843) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
2011/09/02 14:19:17.0796 0248 SaiHFF0D (3acf53e6fa8ae66a15798b2facec6ab4) C:\WINDOWS\system32\DRIVERS\SaiHFF0D.sys
2011/09/02 14:19:21.0296 0248 SaiMini (bfd889d6612fa9d2d468eba1cfb27b66) C:\WINDOWS\system32\DRIVERS\SaiMini.sys
2011/09/02 14:19:27.0703 0248 SaiNtBus (1b3b9de4603debd4ec8b7319636bc36f) C:\WINDOWS\system32\drivers\SaiBus.sys
2011/09/02 14:19:32.0562 0248 SaiUFF0D (483c2282a9272fd4a7b4d86c13ee897d) C:\WINDOWS\system32\DRIVERS\SaiUFF0D.sys
2011/09/02 14:19:37.0921 0248 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/02 14:19:43.0421 0248 SER120 (0752e84e92841df5f7bf518945b29ac7) C:\WINDOWS\system32\DRIVERS\SER120.sys
2011/09/02 14:19:48.0031 0248 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/09/02 14:19:52.0406 0248 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/09/02 14:19:56.0875 0248 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/09/02 14:20:04.0937 0248 SLIP (1ffc44d6787ec1ea9a2b1440a90fa5c1) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/09/02 14:20:10.0968 0248 speedfan (5d6401db90ec81b71f8e2c5c8f0fef23) C:\WINDOWS\system32\speedfan.sys
2011/09/02 14:20:13.0937 0248 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/02 14:20:17.0687 0248 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
2011/09/02 14:20:17.0687 0248 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
2011/09/02 14:20:17.0781 0248 sptd - detected LockedFile.Multi.Generic (1)
2011/09/02 14:20:20.0968 0248 Sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/02 14:20:24.0156 0248 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/09/02 14:20:27.0187 0248 streamip (a9f9fd0212e572b84edb9eb661f6bc04) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/09/02 14:20:30.0703 0248 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/02 14:20:34.0859 0248 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/09/02 14:20:50.0843 0248 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/02 14:20:54.0890 0248 Tcpip (367de8e5f638c091f49273144274f629) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/09/02 14:20:58.0843 0248 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/02 14:21:02.0359 0248 TDTCP (c0578456f29e5f26285f81b7b71fe57d) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/02 14:21:05.0875 0248 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/09/02 14:21:09.0140 0248 TIEHDUSB (a1124ebc672aa3ae1b327096c1dcc346) C:\WINDOWS\system32\drivers\tiehdusb.sys
2011/09/02 14:21:16.0171 0248 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/09/02 14:21:23.0968 0248 UltraMonMirror (26401a2c5e5466857077eadaaec7cdd0) C:\WINDOWS\system32\DRIVERS\UltraMonMirror.sys
2011/09/02 14:21:24.0593 0248 UltraMonUtility (6fc85b4505eefbfdfc817787e4b3e26f) C:\Program Files\Fichiers communs\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys
2011/09/02 14:21:25.0156 0248 UnlockerDriver5 (4847639d852763ee39415c929470f672) C:\Program Files\Unlocker\UnlockerDriver5.sys
2011/09/02 14:21:28.0953 0248 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/09/02 14:21:32.0937 0248 usb2vcom (66276112dc7089d2d9e58c7cbf0855c1) C:\WINDOWS\system32\Drivers\usb2vcom.sys
2011/09/02 14:21:37.0375 0248 usbccgp (c18d6c74953621346df6b0a11f80c1cc) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/02 14:21:41.0156 0248 usbehci (152ee0baa614388273a0b9ae9c9fd5a0) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/02 14:21:43.0953 0248 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/02 14:21:46.0765 0248 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/09/02 14:21:49.0687 0248 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/02 14:21:53.0156 0248 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/02 14:21:56.0968 0248 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/09/02 14:22:01.0484 0248 VIAHdAudAddService (51b24990850076f659d1d1daefbed6f1) C:\WINDOWS\system32\drivers\viahduaa.sys
2011/09/02 14:22:09.0781 0248 vmci (2847315de9ac17c7ff5fa3059d935c07) C:\WINDOWS\system32\Drivers\vmci.sys
2011/09/02 14:22:13.0718 0248 vmkbd (aaeef4444a6c2bb2e741de684f2a5e56) C:\WINDOWS\system32\drivers\VMkbd.sys
2011/09/02 14:22:18.0062 0248 VMnetAdapter (e41704d8149992107b333cc7a52c07cc) C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys
2011/09/02 14:22:21.0296 0248 VMnetBridge (3024e9112a237a25008b351fbf134e61) C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys
2011/09/02 14:22:24.0078 0248 VMnetuserif (386234c03f38fa9eae752f4cca7c8336) C:\WINDOWS\system32\drivers\vmnetuserif.sys
2011/09/02 14:22:27.0015 0248 VMparport (8e91500966f3ba22a162af9e5446fa2c) C:\WINDOWS\system32\Drivers\VMparport.sys
2011/09/02 14:22:30.0406 0248 vmusb (afb10ad9aa91d2f70c9f0e6bda0d119b) C:\WINDOWS\system32\Drivers\vmusb.sys
2011/09/02 14:22:34.0015 0248 vmx86 (cf8215484f00ae5268a1b3a46dd69e17) C:\WINDOWS\system32\Drivers\vmx86.sys
2011/09/02 14:22:39.0328 0248 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/02 14:22:40.0343 0248 vstor2-ws60 (476a052b3ce506ed63a94018f3e979d5) C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys
2011/09/02 14:22:44.0953 0248 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/02 14:22:49.0687 0248 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2011/09/02 14:22:56.0531 0248 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/02 14:22:59.0125 0248 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/09/02 14:23:03.0171 0248 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2011/09/02 14:23:06.0937 0248 WSTCODEC (233cdd1c06942115802eb7ce6669e099) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/09/02 14:23:09.0921 0248 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/09/02 14:23:12.0921 0248 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/09/02 14:23:16.0375 0248 ZD1211U(ZyDAS) (adf52208702b6cb497dcce95a16f1e32) C:\WINDOWS\system32\DRIVERS\zd1211u.sys
2011/09/02 14:23:16.0609 0248 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/09/02 14:23:19.0562 0248 MBR (0x1B8) (ca10ffa6c508202ce0a9d48f6976cde0) \Device\Harddisk1\DR1
2011/09/02 14:23:19.0718 0248 Boot (0x1200) (7c691aa3adab31259ac4e002c5321ef4) \Device\Harddisk0\DR0\Partition0
2011/09/02 14:23:19.0765 0248 Boot (0x1200) (88978cb17fbd813fa0e8e7e873cb0866) \Device\Harddisk1\DR1\Partition0
2011/09/02 14:23:19.0796 0248 ================================================================================
2011/09/02 14:23:19.0796 0248 Scan finished
2011/09/02 14:23:19.0796 0248 ================================================================================
2011/09/02 14:23:19.0812 0236 Detected object count: 3
2011/09/02 14:23:19.0812 0236 Actual detected object count: 3
2011/09/02 14:23:47.0656 0236 HKLM\SYSTEM\ControlSet002\services\12279359 - will be deleted after reboot
2011/09/02 14:23:47.0656 0236 HKLM\SYSTEM\ControlSet003\services\12279359 - will be deleted after reboot
2011/09/02 14:23:47.0750 0236 C:\WINDOWS\1502816018:3990383782.exe - will be deleted after reboot
2011/09/02 14:23:47.0750 0236 HiddenFile.Multi.Generic(12279359) - User select action: Delete
2011/09/02 14:23:51.0062 0236 NetBT (3fd903637554667dc3ef40a9c5bf8a24) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/09/02 14:23:51.0062 0236 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\WINDOWS\system32\drivers\netbt.sys) error 1813
2011/09/02 14:23:54.0109 0236 Backup copy not found, trying to cure infected file..
2011/09/02 14:23:54.0109 0236 C:\WINDOWS\system32\DRIVERS\netbt.sys - Cure failed (FFFFFFFF)
2011/09/02 14:23:54.0109 0236 C:\WINDOWS\system32\DRIVERS\netbt.sys - processing error
2011/09/02 14:23:54.0109 0236 Rootkit.Win32.ZAccess.c(NetBT) - User select action: Cure
2011/09/02 14:23:56.0734 0236 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
2011/09/02 14:23:56.0734 0236 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
2011/09/02 14:23:56.0937 0236 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine
2011/09/02 14:23:56.0937 0236 LockedFile.Multi.Generic(sptd) - User select action: Quarantine
2011/09/02 14:25:01.0375 0212 Deinitialize success