Ragazzi avast mi da sempre questo avviso io metto sempre ok con l'opzione sposta nel cestino ma non succede niente la finestra ricompare dopo qualche ora come faccio a rimuovere questo file???

grazie a tutti

E te credo, è un potentissimo RootKit.

Scarica TDSSKiller: http://support.kaspersky.com/downloads/utils/tdsskiller.zip
● estrai il contenuto del file zippato sul Desktop
● doppio click su TDSSKiller.exe per avviare l'applicazione e successivamente sul pulsante Start Scan

Giunti a questo punto, inizia la scansione del tuo sistema alla ricerca di software malevolo:
● se viene trovato un file infetto, l'azione di default sarà Cure, clicca quindi su Continua
● se viene trovato un file sospetto, l'azione di default sarà Skip, clicca quindi su Continua

Una volta terminata la scansione, si presenterà una di queste due opzioni:
● non è necessario il riavvio del sistema: clicca su Report e salva il contenuto in un file di testo
● è necessario riavviare il sistema: clicca su Riavvia ora
● una volta riavviato il sistema, il report del programma da allegare si trova in C:\ in questa forma:
TDSSKiller.[Version]_[Date]_[Time]_log.txt

ho fatto la scansione dopo ho riavviato ma quel file non l'ho trovato sono andato in cerca ho fatto copia e incolla di come hai scritto tu ma nn ha trovato niente.. dove lo trovo?

L'unico che trovo in C:\ e questo:

2011/01/23 18:01:06.0890 TDSS rootkit removing tool 2.4.15.0 Jan 22 2011 19:37:53
2011/01/23 18:01:06.0890 ================================================================================
2011/01/23 18:01:06.0890 SystemInfo:
2011/01/23 18:01:06.0890
2011/01/23 18:01:06.0890 OS Version: 5.1.2600 ServicePack: 3.0
2011/01/23 18:01:06.0890 Product type: Workstation
2011/01/23 18:01:06.0890 ComputerName: SALVATORE
2011/01/23 18:01:06.0890 UserName: Angelo
2011/01/23 18:01:06.0890 Windows directory: C:\WINDOWS
2011/01/23 18:01:06.0890 System windows directory: C:\WINDOWS
2011/01/23 18:01:06.0890 Processor architecture: Intel x86
2011/01/23 18:01:06.0890 Number of processors: 1
2011/01/23 18:01:06.0890 Page size: 0x1000
2011/01/23 18:01:06.0890 Boot type: Normal boot
2011/01/23 18:01:06.0890 ================================================================================
2011/01/23 18:01:07.0515 Initialize success
2011/01/23 18:01:12.0500 ================================================================================
2011/01/23 18:01:12.0500 Scan started
2011/01/23 18:01:12.0500 Mode: Manual;
2011/01/23 18:01:12.0500 ================================================================================
2011/01/23 18:01:13.0734 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
2011/01/23 18:01:13.0906 Aavmker4 (479c9835b91147be1a92cb76fad9c6de) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/01/23 18:01:14.0250 ACPI (d766e636187b8f240bbfbabcd51eb2c6) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/01/23 18:01:14.0437 ACPIEC (49ac5cd87fbdda62f3e25190019e7627) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/01/23 18:01:14.0843 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/01/23 18:01:15.0000 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/01/23 18:01:15.0609 ALCXWDM (8bce7d9b7b56b75b5ea5028c1ffa50ab) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/01/23 18:01:15.0890 AmdK8 (a96cc1761e4e6e997f3ca0021226c431) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/01/23 18:01:16.0437 ANIO (920298c7aef97d8168d219d35975d295) C:\WINDOWS\system32\ANIO.SYS
2011/01/23 18:01:16.0656 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/01/23 18:01:17.0109 aswFsBlk (cba53c5e29ae0a0ce76f9a2be3a40d9e) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/01/23 18:01:17.0265 aswMon2 (a1c52b822b7b8a5c2162d38f579f97b7) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/01/23 18:01:17.0437 aswRdr (b6e8c5874377a42756c282fac2e20836) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/01/23 18:01:17.0625 aswSP (b93a553c9b0f14263c8f016a44c3258c) C:\WINDOWS\system32\drivers\aswSP.sys
2011/01/23 18:01:17.0812 aswTdi (1408421505257846eb336feeef33352d) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/01/23 18:01:17.0921 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/01/23 18:01:18.0078 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/01/23 18:01:18.0375 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/01/23 18:01:18.0531 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/01/23 18:01:18.0734 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
2011/01/23 18:01:18.0921 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/01/23 18:01:19.0109 BlueletAudio (31ff5b87c1dd907613cc613224b8e303) C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
2011/01/23 18:01:19.0265 BT (9da8abc4885aff4793d4aa420e40bb12) C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
2011/01/23 18:01:19.0390 Btcsrusb (7e99a004329250900818ee0de014f032) C:\WINDOWS\system32\Drivers\btcusb.sys
2011/01/23 18:01:19.0531 BTHidEnum (0448968ba21acde511c19f3c0296e23b) C:\WINDOWS\system32\DRIVERS\vbtenum.sys
2011/01/23 18:01:19.0734 BTHidMgr (f408264f6ad1dc7e7bdd4837440f115d) C:\WINDOWS\system32\Drivers\BTHidMgr.sys
2011/01/23 18:01:19.0812 BTNetFilter (6b05fdc0cfc3753b520d2d4176cc32d0) C:\WINDOWS\system32\drivers\BTNetFilter.sys
2011/01/23 18:01:19.0984 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/01/23 18:01:20.0078 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/01/23 18:01:20.0406 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/01/23 18:01:20.0593 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/01/23 18:01:20.0796 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/01/23 18:01:21.0531 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/01/23 18:01:21.0765 dmboot (82bc125a8ed33f5f0e75f2aac1065323) C:\WINDOWS\system32\drivers\dmboot.sys
2011/01/23 18:01:21.0968 dmio (e959ddc0ea7ac11ee5e5602e2a364310) C:\WINDOWS\system32\drivers\dmio.sys
2011/01/23 18:01:22.0140 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/01/23 18:01:22.0281 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/01/23 18:01:22.0640 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/01/23 18:01:22.0796 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/01/23 18:01:22.0953 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/01/23 18:01:23.0171 FETND5BV (af8af100f0dd397a34bb273bc64aef1a) C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
2011/01/23 18:01:23.0343 FETNDIS (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys
2011/01/23 18:01:23.0437 Fips (2cfea3326981a18c6baf2bd9be76225b) C:\WINDOWS\system32\drivers\Fips.sys
2011/01/23 18:01:23.0593 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/01/23 18:01:23.0796 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/01/23 18:01:23.0984 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/01/23 18:01:24.0187 Ftdisk (f3269a6ee547ea87b949a1cea4816b38) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/01/23 18:01:24.0359 gagp30kx (3a74c423cf6bcca6982715878f450a3b) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
2011/01/23 18:01:24.0546 gmer (35b24c17f8aea65cabc4a4e63e88ac45) C:\WINDOWS\system32\DRIVERS\gmer.sys
2011/01/23 18:01:24.0750 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/01/23 18:01:24.0875 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/01/23 18:01:25.0109 HSFHWBS2 (128ef741b2293c36810561092b566b1c) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
2011/01/23 18:01:25.0328 HSF_DP (9a0d0c461ef2b3d80cb7875b4b995e47) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
2011/01/23 18:01:25.0578 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/01/23 18:01:25.0984 i8042prt (610726e28af55b95043c5c35a727e320) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/01/23 18:01:26.0125 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/01/23 18:01:26.0500 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/01/23 18:01:26.0656 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/01/23 18:01:26.0812 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/01/23 18:01:26.0921 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/01/23 18:01:27.0125 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/01/23 18:01:27.0250 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/01/23 18:01:27.0406 isapnp (0953594beb81cc72fcc62d37921b25a6) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/01/23 18:01:27.0625 Kbdclass (28b6eace513ca7eaba3b809ad4bc274d) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/01/23 18:01:27.0750 kbdhid (4c61c226bdda2ef1672b2c5f4e56625e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/01/23 18:01:27.0890 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/01/23 18:01:28.0093 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/01/23 18:01:28.0375 mdmxsdk (5110edd87e2508f02b922e83a2487dfc) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/01/23 18:01:28.0593 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/01/23 18:01:28.0781 Modem (8cb6636806d76b85fafaee94d75f5129) C:\WINDOWS\system32\drivers\Modem.sys
2011/01/23 18:01:28.0937 Mouclass (e904ebed608055a2bfb824c07f59766c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/01/23 18:01:29.0109 mouhid (d7662f0cf5b77bbbe3202716f5bd5318) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/01/23 18:01:29.0218 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/01/23 18:01:29.0500 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/01/23 18:01:29.0765 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/01/23 18:01:29.0968 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
2011/01/23 18:01:30.0046 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/01/23 18:01:30.0218 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/01/23 18:01:30.0343 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/01/23 18:01:30.0546 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/01/23 18:01:30.0687 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/01/23 18:01:30.0859 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/01/23 18:01:30.0953 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
2011/01/23 18:01:31.0093 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/01/23 18:01:31.0265 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/01/23 18:01:31.0390 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/01/23 18:01:31.0625 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/01/23 18:01:31.0812 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/01/23 18:01:31.0875 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/01/23 18:01:32.0031 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/01/23 18:01:32.0234 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/01/23 18:01:32.0343 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/01/23 18:01:32.0546 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/01/23 18:01:32.0765 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/01/23 18:01:32.0875 nmwcd (28e36e677849174c910faaead3e60e9e) C:\WINDOWS\system32\drivers\ccdcmb.sys
2011/01/23 18:01:33.0015 nmwcdc (3823deb17f9f6775de0187a98fa0536d) C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011/01/23 18:01:33.0203 nmwcdnsu (496f34fb30dd541350b29558842cd42a) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
2011/01/23 18:01:33.0375 nmwcdnsuc (99fbb538789888e6a48b902417f68dd4) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2011/01/23 18:01:33.0578 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/01/23 18:01:33.0781 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/01/23 18:01:34.0000 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/01/23 18:01:34.0125 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/01/23 18:01:34.0265 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/01/23 18:01:34.0453 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/01/23 18:01:34.0671 Parport (4e9408a178b2d955871c2cdd278de3c3) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/01/23 18:01:34.0843 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/01/23 18:01:34.0921 ParVdm (0dabef655a444cb1e193626fb1d24b9f) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/01/23 18:01:35.0062 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/01/23 18:01:35.0203 PCI (f40a46892afebb0314536b849d57c11e) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/01/23 18:01:35.0437 PCIIde (b2df00d650fd6c4ee781740ed3c8e67f) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/01/23 18:01:35.0625 Pcmcia (815c50f2b1d1562800bdce8be895000e) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/01/23 18:01:36.0453 pfc (957b82ec80ad7ead64e5e47df6b0dc40) C:\WINDOWS\system32\drivers\pfc.sys
2011/01/23 18:01:36.0656 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/01/23 18:01:36.0843 Processor (b479f50e883b2297a5f7f212aaee6f6c) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/01/23 18:01:37.0046 PsSdk41 (0c234a4a2fbab98e5e1bafaf3e3e403a) C:\WINDOWS\system32\Drivers\pssdk41.sys
2011/01/23 18:01:37.0203 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/01/23 18:01:38.0015 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/01/23 18:01:38.0203 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/01/23 18:01:38.0390 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/01/23 18:01:38.0609 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/01/23 18:01:38.0750 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/01/23 18:01:38.0906 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/01/23 18:01:39.0000 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/01/23 18:01:39.0187 redbook (393fc252593323b624b230eca6b85e63) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/01/23 18:01:39.0375 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/01/23 18:01:39.0562 RT73 (5eff124bfabac3e7fc2908be28906b1b) C:\WINDOWS\system32\DRIVERS\Dr71WU.sys
2011/01/23 18:01:39.0765 SDTHOOK (f88d17b93621eeb8bef33b81e3af9207) C:\WINDOWS\system32\DRIVERS\SDTHOOK.sys
2011/01/23 18:01:39.0859 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/01/23 18:01:40.0046 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/01/23 18:01:40.0218 Serial (fdbd9d64e2e03270021d424f0dccf79d) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/01/23 18:01:40.0406 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/01/23 18:01:40.0687 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/01/23 18:01:41.0250 SNPSTD3 (11bb0e11d42cc3a43d741d9b30839be1) C:\WINDOWS\system32\DRIVERS\snpstd3.sys
2011/01/23 18:01:41.0828 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/01/23 18:01:42.0046 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
2011/01/23 18:01:42.0062 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/01/23 18:01:42.0062 sptd - detected Locked file (1)
2011/01/23 18:01:42.0234 sr (618718cae288bf7cbd8fcbab2577d932) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/01/23 18:01:42.0375 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/01/23 18:01:42.0625 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/01/23 18:01:42.0812 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/01/23 18:01:42.0921 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/01/23 18:01:43.0500 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/01/23 18:01:43.0750 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/01/23 18:01:43.0937 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/01/23 18:01:44.0015 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/01/23 18:01:44.0156 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/01/23 18:01:44.0250 thdudf (9d4bbd6e27b5562aea8295de7134e386) C:\WINDOWS\system32\DRIVERS\thdudf.sys
2011/01/23 18:01:44.0515 U81xbus (8452977e2331af70652c3a4c28d2706d) C:\WINDOWS\system32\DRIVERS\U81xbus.sys
2011/01/23 18:01:44.0718 U81xmdfl (e39c410fcd87570e36dcc34f6d2502b7) C:\WINDOWS\system32\DRIVERS\U81xmdfl.sys
2011/01/23 18:01:44.0875 U81xmdm (eb0bbf5d8c53f1abe7911907b276a0b6) C:\WINDOWS\system32\DRIVERS\U81xmdm.sys
2011/01/23 18:01:45.0031 U81xmgmt (f0eea020cc5986260b87cb92050af160) C:\WINDOWS\system32\DRIVERS\U81xmgmt.sys
2011/01/23 18:01:45.0281 U81xobex (aa1eb6bfd8176c25c04b803542bcd7ac) C:\WINDOWS\system32\DRIVERS\U81xobex.sys
2011/01/23 18:01:45.0453 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/01/23 18:01:45.0796 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Programmi\Unlocker\UnlockerDriver5.sys
2011/01/23 18:01:45.0984 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/01/23 18:01:46.0203 upperdev (b1b8bee26227dad9835019201552cb05) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
2011/01/23 18:01:46.0328 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/01/23 18:01:46.0500 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/01/23 18:01:46.0640 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/01/23 18:01:46.0843 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/01/23 18:01:47.0062 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/01/23 18:01:47.0234 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/01/23 18:01:47.0390 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
2011/01/23 18:01:47.0515 UsbserFilt (98e1ff1d732c6c7200b6c59d4ff8c1c3) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
2011/01/23 18:01:47.0671 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/01/23 18:01:47.0796 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/01/23 18:01:47.0968 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/01/23 18:01:48.0140 VComm (9ebee4a060c5364a31aeaa04eac2af1e) C:\WINDOWS\system32\DRIVERS\VComm.sys
2011/01/23 18:01:48.0312 VcommMgr (ef0d45ed806b0c9ae9756bfeecb077ed) C:\WINDOWS\system32\Drivers\VcommMgr.sys
2011/01/23 18:01:48.0484 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/01/23 18:01:48.0687 viaagp1 (4b039bbd037b01f5db5a144c837f283a) C:\WINDOWS\system32\DRIVERS\viaagp1.sys
2011/01/23 18:01:48.0796 viagfx (b5cdb297f5fd2825e4422a495b356a84) C:\WINDOWS\system32\DRIVERS\vtmini.sys
2011/01/23 18:01:48.0968 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/01/23 18:01:49.0062 VolSnap (e46c1b5a56da7da603d09dfcc79ec59e) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/01/23 18:01:49.0234 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/01/23 18:01:49.0468 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/01/23 18:01:49.0765 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/01/23 18:01:50.0015 winachsf (ce545a84bf3411e7516fa8da51ad9d93) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/01/23 18:01:50.0281 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/01/23 18:01:50.0453 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/01/23 18:01:50.0656 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/01/23 18:01:50.0828 WudfRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/01/23 18:01:51.0093 ZSMC301b (d0683508cbe6b9bcb0577d9e23621591) C:\WINDOWS\system32\Drivers\usbVM31b.sys
2011/01/23 18:01:51.0187 \HardDisk0 - detected Backdoor.Win32.Sinowal.knf (0)
2011/01/23 18:01:51.0203 ================================================================================
2011/01/23 18:01:51.0203 Scan finished
2011/01/23 18:01:51.0203 ================================================================================
2011/01/23 18:01:51.0234 Detected object count: 2
2011/01/23 18:06:40.0828 Locked file(sptd) - User select action: Skip
2011/01/23 18:06:40.0843 \HardDisk0 - will be cured after reboot
2011/01/23 18:06:40.0843 Backdoor.Win32.Sinowal.knf(\HardDisk0) - User select action: Cure
2011/01/23 18:08:16.0125 Deinitialize success