
Author Topic: Trojan removal - Thx for your help  (Read 29458 times)


cian31

    Topic Starter


    Rookie

    • Experience: Familiar
    • OS: Windows Vista
    Re: Trojan removal - Thx for your help
    « Reply #15 on: November 20, 2011, 06:48:28 AM »
    MBAM updated and currently running.

    I will check my JAVA version after MBAM processing.

    Thank you for your time and instructions!

    cian31

      Re: Trojan removal - Thx for your help
      « Reply #16 on: November 20, 2011, 12:55:23 PM »
      Malwarebytes' Anti-Malware 1.51.2.1300
      www.malwarebytes.org

      Version de la base de données: 8198

      Windows 6.0.6002 Service Pack 2
      Internet Explorer 7.0.6002.18005

      20/11/2011 19:06:32
      mbam-log-2011-11-20 (19-06-32).txt

      Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|)
      Elément(s) analysé(s): 345180
      Temps écoulé: 4 heure(s), 19 minute(s), 45 seconde(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 0

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      (Aucun élément nuisible détecté)

      cian31

        Re: Trojan removal - Thx for your help
        « Reply #17 on: November 20, 2011, 03:29:46 PM »
        ComboFix alerted me to a rootkit!  :-[


        ComboFix 11-11-20.02 - Cecile 20/11/2011  22:55:52.2.2 - x86
        Microsoft® Windows Vista™ Édition Familiale Premium   6.0.6002.2.1252.33.1036.18.3069.1922 [GMT 1:00]
        Lancé depuis: c:\users\Cecile\Downloads\ComboFix.exe
        AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
        SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
        SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
         * Un antivirus résident est actif
        .
        .
        .
        (((((((((((((((((((((((((((((   Fichiers créés du 2011-10-20 au 2011-11-20  ))))))))))))))))))))))))))))))))))))
        .
        .
        2011-11-20 22:12 . 2011-11-20 22:12   --------   d-----w-   c:\users\Default\AppData\Local\temp
        2011-11-20 21:47 . 2011-11-20 21:47   56200   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{9EB35648-5A28-4EC7-8CD3-01DEDF112A85}\offreg.dll
        2011-11-20 21:32 . 2011-11-20 22:12   --------   d-----w-   c:\users\Cecile\AppData\Local\temp
        2011-11-20 13:44 . 2011-08-31 16:00   22216   ----a-w-   c:\windows\system32\drivers\mbam.sys
        2011-11-20 13:40 . 2011-11-20 13:41   --------   d-----w-   c:\program files\Common Files\Adobe
        2011-11-19 01:17 . 2011-10-07 03:48   6668624   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{9EB35648-5A28-4EC7-8CD3-01DEDF112A85}\mpengine.dll
        2011-11-17 08:01 . 2011-11-17 08:01   --------   d-----w-   c:\program files\CCleaner
        2011-11-13 13:17 . 2011-11-13 13:17   --------   d-----w-   c:\users\Cecile\AppData\Roaming\Malwarebytes
        2011-11-13 13:16 . 2011-11-13 13:16   --------   d-----w-   c:\programdata\Malwarebytes
        2011-11-13 13:16 . 2011-11-20 13:45   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
        2011-11-13 09:55 . 2011-11-13 09:56   --------   d--h--w-   c:\program files\Ask.com
        2011-11-13 09:53 . 2011-11-13 09:53   --------   d--h--w-   c:\users\Cecile\AppData\Roaming\SUPERAntiSpyware.com
        2011-11-13 09:52 . 2011-11-17 20:13   --------   d--h--w-   c:\program files\SUPERAntiSpyware
        2011-11-13 09:52 . 2011-11-13 09:52   --------   d--h--w-   c:\programdata\SUPERAntiSpyware.com
        2011-11-09 17:45 . 2011-10-17 11:41   2409784   ----a-w-   c:\program files\Windows Mail\OESpamFilter.dat
        2011-11-09 17:45 . 2011-09-20 21:02   905088   ----a-w-   c:\windows\system32\drivers\tcpip.sys
        2011-11-09 17:45 . 2011-09-30 15:57   707584   ----a-w-   c:\program files\Common Files\System\wab32.dll
        2011-11-05 10:05 . 2011-11-05 10:05   653576   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
        .
        .
        .
        ((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
        .
        2011-09-06 13:30 . 2011-10-12 23:52   2043392   ----a-w-   c:\windows\system32\win32k.sys
        2011-09-02 13:39 . 2011-10-12 23:50   1383424   ----a-w-   c:\windows\system32\mshtml.tlb
        2011-08-25 16:15 . 2011-10-12 23:52   555520   ----a-w-   c:\windows\system32\UIAutomationCore.dll
        2011-08-25 16:14 . 2011-10-12 23:52   563712   ----a-w-   c:\windows\system32\oleaut32.dll
        2011-08-25 16:14 . 2011-10-12 23:52   238080   ----a-w-   c:\windows\system32\oleacc.dll
        2011-08-25 13:31 . 2011-10-12 23:52   4096   ----a-w-   c:\windows\system32\oleaccrc.dll
        .
        .
        (((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
        REGEDIT4
        .
        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
        "HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2008-09-30 972080]
        "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
        "SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-04-18 3037696]
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
        "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1316136]
        "DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-09-26 1148200]
        "TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-09-25 1152296]
        "CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-09-25 189736]
        "TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" [2008-09-24 206120]
        "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-10-03 912688]
        "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-09-05 206128]
        "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
        "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-09-11 446556]
        "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
        "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
        "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
        "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
        "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
        .
        c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
        McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
        .
        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
        "EnableLUA"= 0 (0x0)
        "EnableUIADesktopToggle"= 0 (0x0)
        .
        [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
        "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
        .
        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
        2011-05-04 17:54   551296   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.DLL
        .
        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
        "mixer"=wdmaud.drv
        .
        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
        @=""
        .
        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
        @="Driver"
        .
        R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
        R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-10-22 107360]
        R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
        R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
        S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
        S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
        S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
        S2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};c:\program files\Hewlett-Packard\Media\DVD\000.fcl [2008-09-26 59376]
        S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe [2008-06-27 77824]
        S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-12-08 108289]
        S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
        S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456]
        S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-10-06 365952]
        S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2008-09-24 296320]
        S2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2008-09-24 116096]
        S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-09-08 193840]
        S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
        S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2008-05-28 22072]
        .
        .
        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
        LocalServiceAndNoImpersonation   REG_MULTI_SZ      FontCache
        .
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
        ezSharedSvc
        .
        [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
        2008-06-09 09:14   451872   ----a-w-   c:\program files\Common Files\LightScribe\LSRunOnce.exe
        .
        Contenu du dossier 'Tâches planifiées'
        .
        2011-11-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3543032756-1341853526-3042005519-1000Core.job
        - c:\users\Cecile\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-05 12:04]
        .
        2011-11-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3543032756-1341853526-3042005519-1000UA.job
        - c:\users\Cecile\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-05 12:04]
        .
        2011-11-18 c:\windows\Tasks\HPCeeScheduleForCecile.job
        - c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 02:22]
        .
        .
        ------- Examen supplémentaire -------
        .
        uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Pavilion&pf=cnnb
        uDefault_Search_URL = hxxp://www.google.com/ie
        mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Pavilion&pf=cnnb
        uSearchAssistant = hxxp://www.google.com/ie
        uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
        IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
        IE: Crawler Search - tbr:iemenu
        IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
        TCP: DhcpNameServer = 212.27.40.240 212.27.40.241
        Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
        FF - ProfilePath - c:\users\Cecile\AppData\Roaming\Mozilla\Firefox\Profiles\wa878qin.default\
        FF - prefs.js: browser.search.selectedEngine - Google
        FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60341&qkw=
        FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
        FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
        FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
        FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
        FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
        FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
        FF - Ext: iGraal: {e411bb40-b04c-11d8-92e7-00d09e0179f2} - %profile%\extensions\{e411bb40-b04c-11d8-92e7-00d09e0179f2}
        FF - Ext: SUPERAntiSpyware Toolbar Powered by Ask.com: [email protected] - %profile%\extensions\[email protected]
        .
        .
        **************************************************************************
        .
        catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
        Rootkit scan 2011-11-20 23:12
        Windows 6.0.6002 Service Pack 2 NTFS
        .
        Recherche de processus cachés ...
        .
        Recherche d'éléments en démarrage automatique cachés ...
        .
        Recherche de fichiers cachés ...
        .
        Scan terminé avec succès
        Fichiers cachés: 0
        .
        **************************************************************************
        .
        [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
        "ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
        .
        Heure de fin: 2011-11-20  23:16:45
        ComboFix-quarantined-files.txt  2011-11-20 22:16
        ComboFix2.txt  2011-11-20 21:44
        .
        Avant-CF: 54 672 093 184 octets libres
        Après-CF: 54 635 429 888 octets libres
        .
        - - End Of File - - B5217E7A66B62F8FC968DDCFA5ADB6E3

        cian31

          Re: Trojan removal - Thx for your help
          « Reply #18 on: November 20, 2011, 03:34:01 PM »
           Results of screen317's Security Check version 0.99.28 
           Windows Vista Service Pack 2 x86 (UAC is enabled) 
           Internet Explorer 7 Out of date!
          ``````````````````````````````
          Antivirus/Firewall Check:

           Avira AntiVir Personal - Free Antivirus
           McAfee Security Scan Plus   
           WMI entry may not exist for antivirus; attempting automatic update.
           Avira successfully updated!
          ```````````````````````````````
          Anti-malware/Other Utilities Check:

           Malwarebytes' Anti-Malware   
           CCleaner     
           Java(TM) 6 Update 20 
           Java version out of date!
            Adobe Flash Player (   10.2.153.1) Flash Player Out of Date! 
           Adobe Reader 9 (Adobe Reader out of date!)
           Mozilla Firefox ((3.6.24)) Firefox Out of Date! 
          ````````````````````````````````
          Process Check: 
          objlist.exe by Laurent

           Avira Antivir avgnt.exe
           Avira Antivir avguard.exe
          ``````````End of Log````````````

          cian31

            Re: Trojan removal - Thx for your help
            « Reply #19 on: November 20, 2011, 03:40:37 PM »
            - Java update always stops on an error: internal Interne 2753.regutils.dll
            - Windows updates also stop on an error: Code 80096001
            - Firefox is updated to 8.0
            - I don't understand the warning on the Adobe Reader version, since Adobe 9 is installed and no other version is detected by the update process of Adobe Reader ...
            « Last Edit: November 20, 2011, 03:55:29 PM by cian31 »

            SuperDave

            • Malware Removal Specialist


            • Genius
            • Thanked: 1020
            • Certifications: List
            • Experience: Expert
            • OS: Windows 10
            Re: Trojan removal - Thx for your help
            « Reply #20 on: November 21, 2011, 12:55:20 PM »
            Your Internet Explorer is also out-of-date. You should update it. Out-dated programs are susceptible to infections.

            Let's run a few more scans to see what turns up.

            Please download aswMBR.exe ( 511KB ) to your desktop.

            Double click the aswMBR.exe to run it

            Click the "Scan" button to start scan

            Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.

            On completion of the scan click save log, save it to your desktop and post in your next reply
            *******************************************************
            SysProt Antirootkit

            Download SysProt Antirootkit from the link below (you will find it at the bottom of the page under attachments, or you can get it from one of the mirrors).

            http://sites.google.com/site/sysprotantirootkit/

            Unzip it into a folder on your desktop.
            • Double click Sysprot.exe to start the program.
            • Click on the Log tab.
            • In the Write to log box select the following items.
              • Process << Selected
              • Kernel Modules << Selected
              • SSDT << Selected
              • Kernel Hooks << Selected
              • IRP Hooks << NOT Selected
              • Ports << NOT Selected
              • Hidden Files << Selected
            • At the bottom of the page
              • Hidden Objects Only << Selected
            • Click on the Create Log button on the bottom right.
            • After a few seconds a new window should appear.
            • Select Scan Root Drive. Click on the Start button.
            • When it is complete a new window will appear to indicate that the scan is finished.
            • The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.
            Windows 8 and Windows 10 dual boot with two SSD's

            cian31

              Re: Trojan removal - Thx for your help
              « Reply #21 on: November 21, 2011, 01:02:03 PM »
              Quote
              Your Internet Explorer is also out-of-date. You should update it. Out-dated programs are susceptible to infections.
              I agree but I can't... the updates mentioned always fail...
              I don't know how to force the updates for these programs  :-[

              cian31

                Re: Trojan removal - Thx for your help
                « Reply #22 on: November 21, 2011, 01:33:59 PM »
                aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
                Run date: 2011-11-21 21:06:22
                -----------------------------
                21:06:22.865    OS Version: Windows 6.0.6002 Service Pack 2
                21:06:22.865    Number of processors: 2 586 0x301
                21:06:22.869    ComputerName: NAVIS  UserName:
                21:06:24.176    Initialize success
                21:12:42.472    AVAST engine defs: 11112100
                21:13:27.590    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
                21:13:27.596    Disk 0 Vendor: FUJITSU_MHZ2160BH_G2 8909 Size: 152627MB BusType: 3
                21:13:29.646    Disk 0 MBR read successfully
                21:13:29.653    Disk 0 MBR scan
                21:13:29.664    Disk 0 unknown MBR code
                21:13:29.681    Disk 0 scanning sectors +312573952
                21:13:29.789    Disk 0 scanning C:\Windows\system32\drivers
                21:13:51.976    Service scanning
                21:13:54.274    Modules scanning
                21:14:04.720    Disk 0 trace - called modules:
                21:14:04.762    ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys tcpip.sys NETIO.SYS
                21:14:04.770    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x858cc8e8]
                21:14:04.779    3 CLASSPNP.SYS[807a48b3] -> nt!IofCallDriver -> [0x858da890]
                21:14:05.158    5 hpdskflt.sys[8b1b0f05] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85891b98]
                21:14:06.690    AVAST engine scan C:\Windows
                21:14:13.120    AVAST engine scan C:\Windows\system32
                21:17:20.886    AVAST engine scan C:\Windows\system32\drivers
                21:17:35.932    AVAST engine scan C:\Users\Cecile
                21:29:35.799    AVAST engine scan C:\ProgramData
                21:32:19.987    Scan finished successfully
                21:32:59.863    Disk 0 MBR has been saved successfully to "C:\Users\Cecile\Desktop\MBR.dat"
                21:32:59.888    The log file has been saved successfully to "C:\Users\Cecile\Desktop\aswMBR.txt"


                Good log?

                SuperDave

                Re: Trojan removal - Thx for your help
                « Reply #23 on: November 21, 2011, 04:32:10 PM »
                Quote
                I don't know how to force the updates for these programs 
                What happens when you try updating from this site?

                Please download TDSSKiller from here and save it to your Desktop.
                • Double-click TDSSKiller.exe to run the tool
                • Click the Start Scan button (If prompted with a "hidden service warning" do go ahead and delete it.)
                • After the scan has finished, click the Close button
                • Click the Report button and copy/paste the contents of it into your next reply
                • Note: It will also create a log in the C:\ directory.

                cian31

                  Re: Trojan removal - Thx for your help
                  « Reply #24 on: November 23, 2011, 01:44:17 PM »
                  aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
                  Run date: 2011-11-21 21:06:22
                  -----------------------------
                  21:06:22.865    OS Version: Windows 6.0.6002 Service Pack 2
                  21:06:22.865    Number of processors: 2 586 0x301
                  21:06:22.869    ComputerName: NAVIS  UserName:
                  21:06:24.176    Initialize success
                  21:12:42.472    AVAST engine defs: 11112100
                  21:13:27.590    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
                  21:13:27.596    Disk 0 Vendor: FUJITSU_MHZ2160BH_G2 8909 Size: 152627MB BusType: 3
                  21:13:29.646    Disk 0 MBR read successfully
                  21:13:29.653    Disk 0 MBR scan
                  21:13:29.664    Disk 0 unknown MBR code
                  21:13:29.681    Disk 0 scanning sectors +312573952
                  21:13:29.789    Disk 0 scanning C:\Windows\system32\drivers
                  21:13:51.976    Service scanning
                  21:13:54.274    Modules scanning
                  21:14:04.720    Disk 0 trace - called modules:
                  21:14:04.762    ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys tcpip.sys NETIO.SYS
                  21:14:04.770    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x858cc8e8]
                  21:14:04.779    3 CLASSPNP.SYS[807a48b3] -> nt!IofCallDriver -> [0x858da890]
                  21:14:05.158    5 hpdskflt.sys[8b1b0f05] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85891b98]
                  21:14:06.690    AVAST engine scan C:\Windows
                  21:14:13.120    AVAST engine scan C:\Windows\system32
                  21:17:20.886    AVAST engine scan C:\Windows\system32\drivers
                  21:17:35.932    AVAST engine scan C:\Users\Cecile
                  21:29:35.799    AVAST engine scan C:\ProgramData
                  21:32:19.987    Scan finished successfully
                  21:32:59.863    Disk 0 MBR has been saved successfully to "C:\Users\Cecile\Desktop\MBR.dat"
                  21:32:59.888    The log file has been saved successfully to "C:\Users\Cecile\Desktop\aswMBR.txt"


                  aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
                  Run date: 2011-11-23 21:23:51
                  -----------------------------
                  21:23:51.718    OS Version: Windows 6.0.6002 Service Pack 2
                  21:23:51.718    Number of processors: 2 586 0x301
                  21:23:51.720    ComputerName: NAVIS  UserName:
                  21:23:55.649    Initialize success
                  21:30:20.794    AVAST engine defs: 11112302
                  21:32:42.683    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
                  21:32:42.689    Disk 0 Vendor: FUJITSU_MHZ2160BH_G2 8909 Size: 152627MB BusType: 3
                  21:32:44.743    Disk 0 MBR read successfully
                  21:32:44.749    Disk 0 MBR scan
                  21:32:44.760    Disk 0 unknown MBR code
                  21:32:44.788    Disk 0 scanning sectors +312573952
                  21:32:44.916    Disk 0 scanning C:\Windows\system32\drivers
                  21:33:24.149    Service scanning
                  21:33:26.206    Modules scanning
                  21:34:12.392    Disk 0 trace - called modules:
                  21:34:12.478    ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
                  21:34:12.487    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x858cc8e8]
                  21:34:12.495    3 CLASSPNP.SYS[807a48b3] -> nt!IofCallDriver -> [0x858da890]
                  21:34:12.508    5 hpdskflt.sys[8b1b0f05] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85891b98]
                  21:34:13.817    AVAST engine scan C:\Windows
                  21:34:36.011    AVAST engine scan C:\Windows\system32
                  21:41:43.801    AVAST engine scan C:\Windows\system32\drivers
                  21:42:39.545    AVAST engine scan C:\Users\Cecile
                  21:43:59.675    Disk 0 MBR has been saved successfully to "C:\Users\Cecile\Desktop\MBR.dat"
                  21:43:59.713    The log file has been saved successfully to "C:\Users\Cecile\Desktop\aswMBR.txt"



                  cian31

                    Re: Trojan removal - Thx for your help
                    « Reply #25 on: November 23, 2011, 01:51:03 PM »
                    Quote
                    What happens when you try updating from this site?

                    I tried with your link and it's the same: it failed... :-\

                    cian31

                      Re: Trojan removal - Thx for your help
                      « Reply #26 on: November 23, 2011, 01:56:28 PM »
                      21:53:09.0514 5884   TDSS rootkit removing tool 2.6.20.0 Nov 22 2011 12:05:55
                      21:53:09.0700 5884   ============================================================
                      21:53:09.0700 5884   Current date / time: 2011/11/23 21:53:09.0700
                      21:53:09.0700 5884   SystemInfo:
                      21:53:09.0700 5884   
                      21:53:09.0701 5884   OS Version: 6.0.6002 ServicePack: 2.0
                      21:53:09.0701 5884   Product type: Workstation
                      21:53:09.0701 5884   ComputerName: NAVIS
                      21:53:09.0702 5884   UserName: Cecile
                      21:53:09.0702 5884   Windows directory: C:\Windows
                      21:53:09.0702 5884   System windows directory: C:\Windows
                      21:53:09.0702 5884   Processor architecture: Intel x86
                      21:53:09.0702 5884   Number of processors: 2
                      21:53:09.0702 5884   Page size: 0x1000
                      21:53:09.0702 5884   Boot type: Normal boot
                      21:53:09.0702 5884   ============================================================
                      21:53:11.0995 5884   Initialize success
                      21:55:06.0949 6016   ============================================================
                      21:55:06.0949 6016   Scan started
                      21:55:06.0949 6016   Mode: Manual;
                      21:55:06.0949 6016   ============================================================
                      21:55:07.0943 6016   Accelerometer   (3b10711ad8656c097e0d16a41b29c54c) C:\Windows\system32\DRIVERS\Accelerometer.sys
                      21:55:07.0945 6016   Accelerometer - ok
                      21:55:08.0203 6016   ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
                      21:55:08.0209 6016   ACPI - ok
                      21:55:08.0526 6016   adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
                      21:55:08.0582 6016   adp94xx - ok
                      21:55:08.0784 6016   adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
                      21:55:08.0822 6016   adpahci - ok
                      21:55:09.0016 6016   adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
                      21:55:09.0042 6016   adpu160m - ok
                      21:55:09.0200 6016   adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
                      21:55:09.0222 6016   adpu320 - ok
                      21:55:09.0620 6016   AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
                      21:55:09.0645 6016   AFD - ok
                      21:55:09.0817 6016   agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
                      21:55:09.0834 6016   agp440 - ok
                      21:55:10.0050 6016   aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
                      21:55:10.0052 6016   aic78xx - ok
                      21:55:10.0191 6016   aliide          (3d76fda1a10acc3dc84728f55c29b6d4) C:\Windows\system32\drivers\aliide.sys
                      21:55:10.0201 6016   aliide - ok
                      21:55:10.0432 6016   amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
                      21:55:10.0450 6016   amdagp - ok
                      21:55:10.0628 6016   amdide          (5b92e7839f5a1fbc1b39de67758ad6f8) C:\Windows\system32\drivers\amdide.sys
                      21:55:10.0629 6016   amdide - ok
                      21:55:10.0848 6016   AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
                      21:55:10.0861 6016   AmdK7 - ok
                      21:55:11.0031 6016   AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
                      21:55:11.0032 6016   AmdK8 - ok
                      21:55:11.0439 6016   arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
                      21:55:11.0450 6016   arc - ok
                      21:55:11.0667 6016   arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
                      21:55:11.0670 6016   arcsas - ok
                      21:55:11.0927 6016   AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
                      21:55:11.0954 6016   AsyncMac - ok
                      21:55:12.0076 6016   atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
                      21:55:12.0078 6016   atapi - ok
                      21:55:12.0427 6016   athr            (57a25b2a015b6f3d4aef751dd7f517f4) C:\Windows\system32\DRIVERS\athr.sys
                      21:55:12.0572 6016   athr - ok
                      21:55:13.0129 6016   atikmdag        (ac9e487e3513561e4f7953c438727ff7) C:\Windows\system32\DRIVERS\atikmdag.sys
                      21:55:13.0624 6016   atikmdag - ok
                      21:55:13.0849 6016   AtiPcie         (5a1465ad2e7c1bc39cda12a355329096) C:\Windows\system32\DRIVERS\AtiPcie.sys
                      21:55:13.0850 6016   AtiPcie - ok
                      21:55:14.0076 6016   avgio           (f1d43170fdd7399ee17ea32d4f868b0c) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
                      21:55:14.0083 6016   avgio - ok
                      21:55:14.0294 6016   avgntflt        (14fe36d8f2c6a2435275338d061a0b66) C:\Windows\system32\DRIVERS\avgntflt.sys
                      21:55:14.0303 6016   avgntflt - ok
                      21:55:14.0491 6016   avipbb          (ad9bd66a862116e79cb45bb6be46055f) C:\Windows\system32\DRIVERS\avipbb.sys
                      21:55:14.0499 6016   avipbb - ok
                      21:55:14.0757 6016   Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
                      21:55:14.0758 6016   Beep - ok
                      21:55:15.0031 6016   blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
                      21:55:15.0032 6016   blbdrive - ok
                      21:55:15.0172 6016   bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
                      21:55:15.0182 6016   bowser - ok
                      21:55:15.0314 6016   BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
                      21:55:15.0315 6016   BrFiltLo - ok
                      21:55:15.0492 6016   BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
                      21:55:15.0494 6016   BrFiltUp - ok
                      21:55:15.0691 6016   Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
                      21:55:15.0699 6016   Brserid - ok
                      21:55:15.0893 6016   BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
                      21:55:15.0896 6016   BrSerWdm - ok
                      21:55:16.0019 6016   BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
                      21:55:16.0020 6016   BrUsbMdm - ok
                      21:55:16.0190 6016   BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
                      21:55:16.0191 6016   BrUsbSer - ok
                      21:55:16.0427 6016   BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
                      21:55:16.0429 6016   BTHMODEM - ok
                      21:55:16.0614 6016   catchme - ok
                      21:55:16.0814 6016   cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
                      21:55:16.0823 6016   cdfs - ok
                      21:55:16.0991 6016   cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
                      21:55:17.0003 6016   cdrom - ok
                      21:55:17.0163 6016   circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
                      21:55:17.0171 6016   circlass - ok
                      21:55:17.0334 6016   CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
                      21:55:17.0353 6016   CLFS - ok
                      21:55:17.0534 6016   CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
                      21:55:17.0535 6016   CmBatt - ok
                      21:55:17.0658 6016   cmdide          (d36372a6ea6805efbe8884d10772313f) C:\Windows\system32\drivers\cmdide.sys
                      21:55:17.0670 6016   cmdide - ok
                      21:55:17.0883 6016   Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
                      21:55:17.0886 6016   Compbatt - ok
                      21:55:18.0064 6016   crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
                      21:55:18.0066 6016   crcdisk - ok
                      21:55:18.0244 6016   Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
                      21:55:18.0252 6016   Crusoe - ok
                      21:55:18.0414 6016   DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
                      21:55:18.0435 6016   DfsC - ok
                      21:55:18.0663 6016   disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
                      21:55:18.0666 6016   disk - ok
                      21:55:18.0835 6016   drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
                      21:55:18.0836 6016   drmkaud - ok
                      21:55:19.0040 6016   DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
                      21:55:19.0102 6016   DXGKrnl - ok
                      21:55:19.0229 6016   E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
                      21:55:19.0257 6016   E1G60 - ok
                      21:55:19.0500 6016   Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
                      21:55:19.0505 6016   Ecache - ok
                      21:55:19.0773 6016   elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
                      21:55:19.0815 6016   elxstor - ok
                      21:55:20.0100 6016   enecir          (004b2ea6cc2598ec5f0552e43ce29cef) C:\Windows\system32\DRIVERS\enecir.sys
                      21:55:20.0116 6016   enecir - ok
                      21:55:20.0312 6016   ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
                      21:55:20.0313 6016   ErrDev - ok
                      21:55:20.0555 6016   exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
                      21:55:20.0568 6016   exfat - ok
                      21:55:20.0863 6016   fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
                      21:55:20.0887 6016   fastfat - ok
                      21:55:21.0130 6016   fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
                      21:55:21.0132 6016   fdc - ok
                      21:55:21.0373 6016   FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
                      21:55:21.0376 6016   FileInfo - ok
                      21:55:21.0681 6016   Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
                      21:55:21.0699 6016   Filetrace - ok
                      21:55:21.0902 6016   flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
                      21:55:21.0903 6016   flpydisk - ok
                      21:55:22.0119 6016   FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
                      21:55:22.0139 6016   FltMgr - ok
                      21:55:22.0305 6016   Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
                      21:55:22.0306 6016   Fs_Rec - ok
                      21:55:22.0485 6016   gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
                      21:55:22.0488 6016   gagp30kx - ok
                      21:55:22.0812 6016   HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
                      21:55:22.0835 6016   HdAudAddService - ok
                      21:55:23.0047 6016   HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
                      21:55:23.0115 6016   HDAudBus - ok
                      21:55:23.0289 6016   HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
                      21:55:23.0298 6016   HidBth - ok
                      21:55:23.0441 6016   HidIr           (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
                      21:55:23.0449 6016   HidIr - ok
                      21:55:23.0688 6016   HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
                      21:55:23.0689 6016   HidUsb - ok
                      21:55:23.0877 6016   HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
                      21:55:23.0886 6016   HpCISSs - ok
                      21:55:24.0097 6016   hpdskflt        (24f3f496c18efc234777723a67a85f81) C:\Windows\system32\DRIVERS\hpdskflt.sys
                      21:55:24.0099 6016   hpdskflt - ok
                      21:55:24.0232 6016   HpqKbFiltr      (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
                      21:55:24.0240 6016   HpqKbFiltr - ok
                      21:55:24.0511 6016   HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
                      21:55:24.0575 6016   HTTP - ok
                      21:55:24.0755 6016   i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
                      21:55:24.0757 6016   i2omp - ok
                      21:55:25.0038 6016   i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
                      21:55:25.0040 6016   i8042prt - ok
                      21:55:25.0198 6016   iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
                      21:55:25.0216 6016   iaStorV - ok
                      21:55:25.0396 6016   iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
                      21:55:25.0398 6016   iirsp - ok
                      21:55:25.0587 6016   intelide        (dd512a049bd7b4bce8a83554c5eff2c1) C:\Windows\system32\drivers\intelide.sys
                      21:55:25.0588 6016   intelide - ok
                      21:55:25.0819 6016   intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
                      21:55:25.0827 6016   intelppm - ok
                      21:55:25.0971 6016   IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
                      21:55:25.0980 6016   IpFilterDriver - ok
                      21:55:26.0082 6016   IpInIp - ok
                      21:55:26.0261 6016   IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
                      21:55:26.0262 6016   IPMIDRV - ok
                      21:55:26.0417 6016   IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
                      21:55:26.0428 6016   IPNAT - ok
                      21:55:26.0615 6016   IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
                      21:55:26.0616 6016   IRENUM - ok
                      21:55:26.0750 6016   isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
                      21:55:26.0759 6016   isapnp - ok
                      21:55:27.0053 6016   iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
                      21:55:27.0076 6016   iScsiPrt - ok
                      21:55:27.0205 6016   iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
                      21:55:27.0207 6016   iteatapi - ok
                      21:55:27.0394 6016   iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
                      21:55:27.0397 6016   iteraid - ok
                      21:55:27.0553 6016   JMCR            (ab772e9cc29c29f59cb4b75f9d6f3f96) C:\Windows\system32\DRIVERS\jmcr.sys
                      21:55:27.0571 6016   JMCR - ok
                      21:55:27.0776 6016   kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
                      21:55:27.0778 6016   kbdclass - ok
                      21:55:27.0944 6016   kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
                      21:55:27.0945 6016   kbdhid - ok
                      21:55:28.0184 6016   KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
                      21:55:28.0245 6016   KSecDD - ok
                      21:55:28.0553 6016   lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
                      21:55:28.0556 6016   lltdio - ok
                      21:55:28.0707 6016   LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
                      21:55:28.0716 6016   LSI_FC - ok
                      21:55:28.0875 6016   LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
                      21:55:28.0878 6016   LSI_SAS - ok
                      21:55:29.0089 6016   LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
                      21:55:29.0091 6016   LSI_SCSI - ok
                      21:55:29.0312 6016   luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
                      21:55:29.0332 6016   luafv - ok
                      21:55:29.0597 6016   megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
                      21:55:29.0606 6016   megasas - ok
                      21:55:29.0827 6016   MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
                      21:55:29.0895 6016   MegaSR - ok
                      21:55:30.0111 6016   Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
                      21:55:30.0119 6016   Modem - ok
                      21:55:30.0265 6016   monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
                      21:55:30.0267 6016   monitor - ok
                      21:55:30.0376 6016   mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
                      21:55:30.0384 6016   mouclass - ok
                      21:55:30.0516 6016   mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
                      21:55:30.0517 6016   mouhid - ok
                      21:55:30.0679 6016   MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
                      21:55:30.0701 6016   MountMgr - ok
                      21:55:30.0870 6016   mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
                      21:55:30.0888 6016   mpio - ok
                      21:55:31.0061 6016   mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
                      21:55:31.0063 6016   mpsdrv - ok
                      21:55:31.0313 6016   Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
                      21:55:31.0321 6016   Mraid35x - ok
                      21:55:31.0510 6016   MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
                      21:55:31.0547 6016   MRxDAV - ok
                      21:55:31.0721 6016   mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
                      21:55:31.0730 6016   mrxsmb - ok
                      21:55:31.0862 6016   mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
                      21:55:31.0927 6016   mrxsmb10 - ok
                      21:55:32.0054 6016   mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
                      21:55:32.0086 6016   mrxsmb20 - ok
                      21:55:32.0316 6016   msahci          (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
                      21:55:32.0325 6016   msahci - ok
                      21:55:32.0459 6016   msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
                      21:55:32.0469 6016   msdsm - ok
                      21:55:32.0647 6016   Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
                      21:55:32.0649 6016   Msfs - ok
                      21:55:32.0866 6016   msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
                      21:55:32.0867 6016   msisadrv - ok
                      21:55:33.0082 6016   MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
                      21:55:33.0083 6016   MSKSSRV - ok
                      21:55:33.0300 6016   MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
                      21:55:33.0302 6016   MSPCLOCK - ok
                      21:55:33.0423 6016   MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
                      21:55:33.0424 6016   MSPQM - ok
                      21:55:33.0585 6016   MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
                      21:55:33.0602 6016   MsRPC - ok
                      21:55:33.0727 6016   mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
                      21:55:33.0729 6016   mssmbios - ok
                      21:55:33.0868 6016   MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
                      21:55:33.0869 6016   MSTEE - ok
                      21:55:34.0027 6016   Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
                      21:55:34.0036 6016   Mup - ok
                      21:55:34.0236 6016   NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
                      21:55:34.0259 6016   NativeWifiP - ok
                      21:55:34.0539 6016   NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
                      21:55:34.0593 6016   NDIS - ok
                      21:55:34.0752 6016   NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
                      21:55:34.0761 6016   NdisTapi - ok
                      21:55:34.0982 6016   Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
                      21:55:35.0000 6016   Ndisuio - ok
                      21:55:35.0176 6016   NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
                      21:55:35.0179 6016   NdisWan - ok
                      21:55:35.0392 6016   NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
                      21:55:35.0395 6016   NDProxy - ok
                      21:55:35.0566 6016   NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
                      21:55:35.0574 6016   NetBIOS - ok
                      21:55:35.0795 6016   netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
                      21:55:35.0800 6016   netbt - ok
                      21:55:36.0315 6016   NETw3v32        (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys
                      21:55:36.0715 6016   NETw3v32 - ok
                      21:55:36.0871 6016   nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
                      21:55:36.0880 6016   nfrd960 - ok
                      21:55:36.0996 6016   Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
                      21:55:36.0998 6016   Npfs - ok
                      21:55:37.0129 6016   nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
                      21:55:37.0131 6016   nsiproxy - ok
                      21:55:37.0442 6016   Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
                      21:55:37.0572 6016   Ntfs - ok
                      21:55:37.0777 6016   ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
                      21:55:37.0787 6016   ntrigdigi - ok
                      21:55:37.0948 6016   Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
                      21:55:37.0950 6016   Null - ok
                      21:55:38.0194 6016   nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
                      21:55:38.0219 6016   nvraid - ok
                      21:55:38.0311 6016   nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
                      21:55:38.0329 6016   nvstor - ok
                      21:55:38.0507 6016   nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
                      21:55:38.0515 6016   nv_agp - ok
                      21:55:38.0614 6016   NwlnkFlt - ok
                      21:55:38.0718 6016   NwlnkFwd - ok
                      21:55:38.0923 6016   ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
                      21:55:38.0925 6016   ohci1394 - ok
                      21:55:39.0125 6016   Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
                      21:55:39.0144 6016   Parport - ok
                      21:55:39.0391 6016   partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
                      21:55:39.0400 6016   partmgr - ok
                      21:55:39.0547 6016   Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
                      21:55:39.0548 6016   Parvdm - ok
                      21:55:39.0776 6016   pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
                      21:55:39.0780 6016   pci - ok
                      21:55:39.0938 6016   pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
                      21:55:39.0939 6016   pciide - ok
                      21:55:40.0146 6016   pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
                      21:55:40.0166 6016   pcmcia - ok
                      21:55:40.0438 6016   PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
                      21:55:40.0581 6016   PEAUTH - ok
                      21:55:40.0849 6016   PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
                      21:55:40.0851 6016   PptpMiniport - ok
                      21:55:40.0978 6016   Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
                      21:55:40.0981 6016   Processor - ok
                      21:55:41.0207 6016   PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
                      21:55:41.0209 6016   PSched - ok
                      21:55:41.0402 6016   ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
                      21:55:41.0496 6016   ql2300 - ok
                      21:55:41.0730 6016   ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
                      21:55:41.0747 6016   ql40xx - ok
                      21:55:41.0920 6016   QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
                      21:55:41.0930 6016   QWAVEdrv - ok
                      21:55:42.0127 6016   RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
                      21:55:42.0128 6016   RasAcd - ok
                      21:55:42.0287 6016   Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
                      21:55:42.0290 6016   Rasl2tp - ok
                      21:55:42.0588 6016   RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
                      21:55:42.0590 6016   RasPppoe - ok
                      21:55:42.0863 6016   RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
                      21:55:42.0872 6016   RasSstp - ok
                      21:55:43.0162 6016   rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
                      21:55:43.0204 6016   rdbss - ok
                      21:55:43.0428 6016   RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
                      21:55:43.0429 6016   RDPCDD - ok
                      21:55:43.0554 6016   rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
                      21:55:43.0578 6016   rdpdr - ok
                      21:55:43.0758 6016   RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
                      21:55:43.0760 6016   RDPENCDD - ok
                      21:55:43.0925 6016   RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
                      21:55:43.0934 6016   RDPWD - ok
                      21:56:01.0394 6016   ============================================================
                      21:56:01.0394 6016   Scan finished
                      21:56:01.0394 6016   ============================================================
                      21:56:01.0427 3052   Detected object count: 0
                      21:56:01.0427 3052   Actual detected object count: 0

                      cian31

                        Re: Trojan removal - Thx for your help
                        « Reply #27 on: November 23, 2011, 02:12:56 PM »
                        All my personal files have disappeared... do you think I can retrieve them?  :(

                        SuperDave

                        • Malware Removal Specialist


                        • Genius
                        • Thanked: 1020
                        • Certifications: List
                        • Experience: Expert
                        • OS: Windows 10
                        Re: Trojan removal - Thx for your help
                        « Reply #28 on: November 23, 2011, 04:52:49 PM »
                        Quote
                        All my personal files have disappeared... do you think I can retrieve them?
                        Can you please explain in more detail?
                        Windows 8 and Windows 10 dual boot with two SSD's

                        cian31

                          Re: Trojan removal - Thx for your help
                          « Reply #29 on: November 24, 2011, 09:45:07 AM »
                          Can you please explain in more detail?
                          When I look in my "personal documents folder", all the folders are empty (except Download). Documents/Pictures/Music are totally empty... (I have a quite recent save of all my personal folder, hopefully). I wonder if it is only that the files are masked or if all this trojan/virus/malware/rootkit stuff has destroyed them?