Trojan Win32/Mebroot in the MBR

Closed
sharkcandle - 30 Sept. 2011 at 11:26
sharkcandle - 30 Sept. 2011 at 11:58
Hello,
Would it be possible for someone to help me? My antivirus NOD 32 detected this: Trojan Win32/Mebroot in the MBR sector, but it can't remove it. Can you help me remove it?

Thanks a lot


2 replies

moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last seen 18 July 2013 2 272
30 Sept. 2011 at 11:46
Hello

Download Reload_TDSSKiller
http://dl.dropbox.com/u/21363431/Reload_Tdsskiller.exe

Run it

Choose: download the latest version

Run it again

Choose: run the cleanup

TDSSKiller will open; click on "Start Scan"

If TDSS.tdl2 is detected, the delete option will be checked by default.
If TDSS.tdl3 is detected, make sure Cure is checked.
If TDSS.tdl4(\HardDisk0\MBR) is detected, make sure Cure is checked.
If Suspicious file is shown, leave the option set to Skip.
If Rootkit.Win32.ZAccess.* is detected, set "cure" at the top and "delete" at the bottom.

Once it has finished, reboot if it asks you to, so it can finish cleaning.

Otherwise, close TDSSKiller and the report will appear on the desktop.


Copy/paste its contents in your next reply.
0
Hello, and thank you for your valuable help. Here is the resulting report:

11:52:48.0093 0228 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
11:52:48.0656 0228 ============================================================
11:52:48.0656 0228 Current date / time: 2011/09/30 11:52:48.0656
11:52:48.0656 0228 SystemInfo:
11:52:48.0656 0228
11:52:48.0656 0228 OS Version: 5.1.2600 ServicePack: 3.0
11:52:48.0656 0228 Product type: Workstation
11:52:48.0656 0228 ComputerName: MAISON-D20346F6
11:52:48.0656 0228 UserName: Maison
11:52:48.0656 0228 Windows directory: C:\WINDOWS
11:52:48.0656 0228 System windows directory: C:\WINDOWS
11:52:48.0656 0228 Processor architecture: Intel x86
11:52:48.0656 0228 Number of processors: 2
11:52:48.0656 0228 Page size: 0x1000
11:52:48.0656 0228 Boot type: Normal boot
11:52:48.0656 0228 ============================================================
11:52:49.0125 0228 Initialize success
11:53:16.0203 2468 ============================================================
11:53:16.0203 2468 Scan started
11:53:16.0203 2468 Mode: Manual;
11:53:16.0203 2468 ============================================================
11:53:16.0390 2468 Abiosdsk - ok
11:53:16.0406 2468 abp480n5 - ok
11:53:16.0453 2468 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:53:16.0453 2468 ACPI - ok
11:53:16.0484 2468 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:53:16.0500 2468 ACPIEC - ok
11:53:16.0500 2468 adpu160m - ok
11:53:16.0546 2468 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:53:16.0546 2468 aec - ok
11:53:16.0593 2468 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
11:53:16.0593 2468 AFD - ok
11:53:16.0593 2468 Aha154x - ok
11:53:16.0609 2468 aic78u2 - ok
11:53:16.0609 2468 aic78xx - ok
11:53:16.0625 2468 AliIde - ok
11:53:16.0703 2468 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
11:53:16.0765 2468 Ambfilt - ok
11:53:16.0781 2468 amsint - ok
11:53:16.0796 2468 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
11:53:16.0796 2468 Arp1394 - ok
11:53:16.0812 2468 asc - ok
11:53:16.0828 2468 asc3350p - ok
11:53:16.0828 2468 asc3550 - ok
11:53:16.0843 2468 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:53:16.0843 2468 AsyncMac - ok
11:53:16.0875 2468 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:53:16.0875 2468 atapi - ok
11:53:16.0875 2468 Atdisk - ok
11:53:16.0890 2468 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:53:16.0890 2468 Atmarpc - ok
11:53:16.0937 2468 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:53:16.0937 2468 audstub - ok
11:53:16.0984 2468 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:53:16.0984 2468 Beep - ok
11:53:17.0015 2468 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:53:17.0015 2468 cbidf2k - ok
11:53:17.0031 2468 cd20xrnt - ok
11:53:17.0031 2468 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:53:17.0046 2468 Cdaudio - ok
11:53:17.0093 2468 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:53:17.0093 2468 Cdfs - ok
11:53:17.0109 2468 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:53:17.0109 2468 Cdrom - ok
11:53:17.0109 2468 Changer - ok
11:53:17.0125 2468 CmdIde - ok
11:53:17.0156 2468 Cpqarray - ok
11:53:17.0156 2468 dac2w2k - ok
11:53:17.0171 2468 dac960nt - ok
11:53:17.0187 2468 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:53:17.0187 2468 Disk - ok
11:53:17.0234 2468 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys
11:53:17.0281 2468 dmboot - ok
11:53:17.0312 2468 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
11:53:17.0312 2468 dmio - ok
11:53:17.0328 2468 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:53:17.0328 2468 dmload - ok
11:53:17.0359 2468 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:53:17.0375 2468 DMusic - ok
11:53:17.0375 2468 dpti2o - ok
11:53:17.0390 2468 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:53:17.0390 2468 drmkaud - ok
11:53:17.0421 2468 eamon (9309c5c9831203436e64cf2ae605c5d7) C:\WINDOWS\system32\DRIVERS\eamon.sys
11:53:17.0437 2468 eamon - ok
11:53:17.0453 2468 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
11:53:17.0453 2468 ehdrv - ok
11:53:17.0468 2468 epfwtdir (06c65ac0a703cf8eea4f284d901a1550) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
11:53:17.0484 2468 epfwtdir - ok
11:53:17.0531 2468 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:53:17.0531 2468 Fastfat - ok
11:53:17.0546 2468 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
11:53:17.0546 2468 Fdc - ok
11:53:17.0562 2468 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
11:53:17.0562 2468 Fips - ok
11:53:17.0562 2468 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
11:53:17.0562 2468 Flpydisk - ok
11:53:17.0609 2468 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:53:17.0609 2468 FltMgr - ok
11:53:17.0625 2468 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:53:17.0625 2468 Fs_Rec - ok
11:53:17.0625 2468 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:53:17.0640 2468 Ftdisk - ok
11:53:17.0640 2468 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:53:17.0640 2468 Gpc - ok
11:53:17.0687 2468 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:53:17.0687 2468 HDAudBus - ok
11:53:17.0703 2468 hpn - ok
11:53:17.0750 2468 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:53:17.0765 2468 HTTP - ok
11:53:17.0765 2468 i2omgmt - ok
11:53:17.0781 2468 i2omp - ok
11:53:17.0812 2468 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:53:17.0812 2468 i8042prt - ok
11:53:17.0843 2468 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:53:17.0843 2468 Imapi - ok
11:53:17.0859 2468 ini910u - ok
11:53:18.0046 2468 IntcAzAudAddService (440317795d6f9af27bf305036ad43d1d) C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:53:18.0093 2468 IntcAzAudAddService - ok
11:53:18.0109 2468 IntelIde - ok
11:53:18.0125 2468 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
11:53:18.0125 2468 Ip6Fw - ok
11:53:18.0156 2468 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:53:18.0156 2468 IpFilterDriver - ok
11:53:18.0171 2468 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:53:18.0171 2468 IpInIp - ok
11:53:18.0187 2468 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:53:18.0203 2468 IpNat - ok
11:53:18.0203 2468 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:53:18.0203 2468 IPSec - ok
11:53:18.0234 2468 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:53:18.0250 2468 IRENUM - ok
11:53:18.0281 2468 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:53:18.0281 2468 isapnp - ok
11:53:18.0296 2468 iteraid (979836fc6dc05218b4e93e5ccea5654b) C:\WINDOWS\system32\DRIVERS\iteraid.sys
11:53:18.0296 2468 iteraid - ok
11:53:18.0312 2468 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:53:18.0312 2468 Kbdclass - ok
11:53:18.0359 2468 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:53:18.0359 2468 kmixer - ok
11:53:18.0406 2468 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:53:18.0406 2468 KSecDD - ok
11:53:18.0421 2468 lbrtfdc - ok
11:53:18.0468 2468 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:53:18.0468 2468 mnmdd - ok
11:53:18.0515 2468 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
11:53:18.0515 2468 Modem - ok
11:53:18.0578 2468 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
11:53:18.0609 2468 Monfilt - ok
11:53:18.0640 2468 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:53:18.0640 2468 Mouclass - ok
11:53:18.0656 2468 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:53:18.0656 2468 MountMgr - ok
11:53:18.0656 2468 mraid35x - ok
11:53:18.0671 2468 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:53:18.0671 2468 MRxDAV - ok
11:53:18.0718 2468 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:53:18.0734 2468 MRxSmb - ok
11:53:18.0750 2468 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:53:18.0750 2468 Msfs - ok
11:53:18.0781 2468 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:53:18.0781 2468 MSKSSRV - ok
11:53:18.0796 2468 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:53:18.0796 2468 MSPCLOCK - ok
11:53:18.0812 2468 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:53:18.0812 2468 MSPQM - ok
11:53:18.0843 2468 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:53:18.0843 2468 mssmbios - ok
11:53:18.0875 2468 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:53:18.0875 2468 Mup - ok
11:53:18.0921 2468 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:53:18.0921 2468 NDIS - ok
11:53:18.0953 2468 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:53:18.0953 2468 NdisTapi - ok
11:53:19.0000 2468 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:53:19.0000 2468 Ndisuio - ok
11:53:19.0015 2468 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:53:19.0015 2468 NdisWan - ok
11:53:19.0046 2468 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:53:19.0046 2468 NDProxy - ok
11:53:19.0062 2468 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:53:19.0062 2468 NetBIOS - ok
11:53:19.0078 2468 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:53:19.0078 2468 NetBT - ok
11:53:19.0125 2468 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
11:53:19.0125 2468 NIC1394 - ok
11:53:19.0140 2468 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:53:19.0140 2468 Npfs - ok
11:53:19.0171 2468 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:53:19.0187 2468 Ntfs - ok
11:53:19.0203 2468 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:53:19.0218 2468 Null - ok
11:53:19.0531 2468 nv (6733e80a193fc36f41c24142b0c45c0e) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:53:19.0812 2468 nv - ok
11:53:19.0828 2468 nvata (c03e15101f6d9e82cd9b0e7d715f5de3) C:\WINDOWS\system32\DRIVERS\nvata.sys
11:53:19.0828 2468 nvata - ok
11:53:19.0859 2468 NVENETFD (cc34564bca235ebad8b308d871efa2df) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
11:53:19.0859 2468 NVENETFD - ok
11:53:19.0875 2468 nvnetbus (46fdb8d07dd4fc81093b0acb243a525d) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
11:53:19.0875 2468 nvnetbus - ok
11:53:19.0906 2468 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:53:19.0937 2468 NwlnkFlt - ok
11:53:19.0937 2468 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:53:19.0937 2468 NwlnkFwd - ok
11:53:19.0968 2468 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:53:19.0968 2468 ohci1394 - ok
11:53:20.0015 2468 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\DRIVERS\parport.sys
11:53:20.0015 2468 Parport - ok
11:53:20.0031 2468 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:53:20.0031 2468 PartMgr - ok
11:53:20.0046 2468 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
11:53:20.0046 2468 ParVdm - ok
11:53:20.0046 2468 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
11:53:20.0062 2468 PCI - ok
11:53:20.0062 2468 PCIDump - ok
11:53:20.0078 2468 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:53:20.0078 2468 PCIIde - ok
11:53:20.0109 2468 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:53:20.0109 2468 Pcmcia - ok
11:53:20.0109 2468 PDCOMP - ok
11:53:20.0125 2468 PDFRAME - ok
11:53:20.0125 2468 PDRELI - ok
11:53:20.0140 2468 PDRFRAME - ok
11:53:20.0140 2468 perc2 - ok
11:53:20.0156 2468 perc2hib - ok
11:53:20.0203 2468 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:53:20.0203 2468 PptpMiniport - ok
11:53:20.0234 2468 Processor (e19c9632ac828f6f214391e2bdda11cb) C:\WINDOWS\system32\DRIVERS\processr.sys
11:53:20.0234 2468 Processor - ok
11:53:20.0250 2468 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:53:20.0250 2468 PSched - ok
11:53:20.0250 2468 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:53:20.0250 2468 Ptilink - ok
11:53:20.0265 2468 ql1080 - ok
11:53:20.0265 2468 Ql10wnt - ok
11:53:20.0281 2468 ql12160 - ok
11:53:20.0296 2468 ql1240 - ok
11:53:20.0296 2468 ql1280 - ok
11:53:20.0312 2468 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:53:20.0312 2468 RasAcd - ok
11:53:20.0328 2468 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:53:20.0328 2468 Rasl2tp - ok
11:53:20.0343 2468 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:53:20.0343 2468 RasPppoe - ok
11:53:20.0343 2468 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:53:20.0359 2468 Raspti - ok
11:53:20.0375 2468 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:53:20.0375 2468 Rdbss - ok
11:53:20.0375 2468 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:53:20.0375 2468 RDPCDD - ok
11:53:20.0421 2468 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
11:53:20.0421 2468 RDPWD - ok
11:53:20.0468 2468 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:53:20.0468 2468 redbook - ok
11:53:20.0515 2468 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:53:20.0531 2468 Secdrv - ok
11:53:20.0562 2468 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:53:20.0562 2468 serenum - ok
11:53:20.0578 2468 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\DRIVERS\serial.sys
11:53:20.0578 2468 Serial - ok
11:53:20.0593 2468 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:53:20.0593 2468 Sfloppy - ok
11:53:20.0609 2468 Simbad - ok
11:53:20.0609 2468 Sparrow - ok
11:53:20.0656 2468 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:53:20.0656 2468 splitter - ok
11:53:20.0687 2468 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
11:53:20.0703 2468 sr - ok
11:53:20.0750 2468 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:53:20.0765 2468 Srv - ok
11:53:20.0796 2468 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:53:20.0796 2468 swenum - ok
11:53:20.0812 2468 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:53:20.0812 2468 swmidi - ok
11:53:20.0828 2468 symc810 - ok
11:53:20.0828 2468 symc8xx - ok
11:53:20.0843 2468 sym_hi - ok
11:53:20.0843 2468 sym_u3 - ok
11:53:20.0875 2468 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:53:20.0875 2468 sysaudio - ok
11:53:20.0937 2468 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:53:20.0937 2468 Tcpip - ok
11:53:20.0968 2468 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:53:20.0968 2468 TDPIPE - ok
11:53:20.0984 2468 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:53:20.0984 2468 TDTCP - ok
11:53:21.0015 2468 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:53:21.0015 2468 TermDD - ok
11:53:21.0031 2468 TosIde - ok
11:53:21.0062 2468 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:53:21.0062 2468 Udfs - ok
11:53:21.0078 2468 ultra - ok
11:53:21.0093 2468 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:53:21.0093 2468 Update - ok
11:53:21.0125 2468 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:53:21.0125 2468 usbehci - ok
11:53:21.0140 2468 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:53:21.0140 2468 usbhub - ok
11:53:21.0156 2468 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
11:53:21.0156 2468 usbohci - ok
11:53:21.0171 2468 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:53:21.0171 2468 usbstor - ok
11:53:21.0203 2468 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:53:21.0218 2468 VgaSave - ok
11:53:21.0218 2468 ViaIde - ok
11:53:21.0234 2468 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
11:53:21.0234 2468 VolSnap - ok
11:53:21.0265 2468 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:53:21.0265 2468 Wanarp - ok
11:53:21.0281 2468 WDICA - ok
11:53:21.0328 2468 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:53:21.0328 2468 wdmaud - ok
11:53:21.0375 2468 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
11:53:21.0390 2468 WS2IFSL - ok
11:53:21.0437 2468 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0
11:53:21.0484 2468 \Device\Harddisk0\DR0 - ok
11:53:21.0500 2468 MBR (0x1B8) (f381baacfc1778337c007982b0c32d82) \Device\Harddisk1\DR1
11:53:21.0500 2468 \Device\Harddisk1\DR1 ( Backdoor.Win32.Sinowal.knf ) - infected
11:53:21.0500 2468 \Device\Harddisk1\DR1 - detected Backdoor.Win32.Sinowal.knf (0)
11:53:21.0515 2468 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
11:53:21.0515 2468 \Device\Harddisk2\DR2 - ok
11:53:21.0531 2468 Boot (0x1200) (ec55ba3292c9c47c42ba766cb395dad5) \Device\Harddisk0\DR0\Partition0
11:53:21.0531 2468 \Device\Harddisk0\DR0\Partition0 - ok
11:53:21.0531 2468 Boot (0x1200) (5708529886adae1c5d6e4ff6fceccf41) \Device\Harddisk1\DR1\Partition0
11:53:21.0546 2468 \Device\Harddisk1\DR1\Partition0 - ok
11:53:21.0546 2468 Boot (0x1200) (343f9707ca24889e43de41770b3734f8) \Device\Harddisk2\DR2\Partition0
11:53:21.0546 2468 \Device\Harddisk2\DR2\Partition0 - ok
11:53:21.0546 2468 ============================================================
11:53:21.0546 2468 Scan finished
11:53:21.0546 2468 ============================================================
11:53:21.0562 0504 Detected object count: 1
11:53:21.0562 0504 Actual detected object count: 1
11:54:16.0484 0504 \Device\Harddisk1\DR1 ( Backdoor.Win32.Sinowal.knf ) - will be cured on reboot
11:54:16.0531 0504 \Device\Harddisk1\DR1 - ok
11:54:16.0531 0504 \Device\Harddisk1\DR1 ( Backdoor.Win32.Sinowal.knf ) - User select action: Cure
11:54:31.0609 1872 Deinitialize success
0
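Reading a report like the one above by hand means scrolling past a few hundred "driver - ok" lines to find the three boot-sector verdicts at the end. The script below is an added example, not part of this thread and not code from Kaspersky's TDSSKiller: it parses the report's line layout (timestamp, thread id, message) and the message wording as they appear in the report above, and returns which MBR and boot sectors were scanned, which were flagged, whether a cure is pending a reboot, and whether the "Detected object count" line agrees with the per-device verdicts. It also compares the MBR hashes against a baseline of previously recorded values, which catches an MBR change even when no signature fires; SAMPLE_REPORT is a constructed excerpt of the report pasted above, and BASELINE holds made-up placeholder values.

```python
"""Summarise a TDSSKiller report: scanned boot sectors, verdicts, chosen action.

Added example: not part of the thread and not Kaspersky's TDSSKiller code.
SAMPLE_REPORT is a constructed excerpt of the report pasted in the thread;
BASELINE holds made-up placeholder hashes standing in for values you recorded
yourself on a known-clean machine.
"""
import re
from dataclasses import dataclass, field
from typing import Optional

# Every report line: "HH:MM:SS.mmmm <thread id> <message>"
LINE_RE = re.compile(r"^(?P<ts>\d\d:\d\d:\d\d\.\d+)\s+(?P<tid>\d+)\s+(?P<msg>.+)$")
# "MBR (0x1B8) (<md5>) \Device\Harddisk1\DR1" or "Boot (0x1200) (<md5>) \Device\...\Partition0"
SECTOR_RE = re.compile(
    r"^(?P<kind>MBR|Boot) \((?P<size>0x[0-9A-Fa-f]+)\) \((?P<md5>[0-9a-f]{32})\) (?P<dev>\\Device\\\S+)$"
)
# "\Device\Harddisk1\DR1 ( Backdoor.Win32.Sinowal.knf ) - infected", "\Device\Harddisk0\DR0 - ok", ...
VERDICT_RE = re.compile(r"^(?P<dev>\\Device\\\S+)(?: \( (?P<threat>[^)]+?) \))? - (?P<verdict>.+)$")
COUNT_RE = re.compile(r"^(?P<name>(?:Actual )?[Dd]etected object count): (?P<n>\d+)$")


@dataclass
class Sector:
    device: str
    kind: str                      # "MBR" or "Boot"
    md5: str
    verdict: str = "unknown"       # "ok", "infected" or "unknown"
    threat: Optional[str] = None
    actions: list = field(default_factory=list)   # later lines: cure scheduled, user choice, ...


def parse_report(text):
    """Return ({device: Sector}, {count name: int}) for one TDSSKiller report."""
    sectors, counts = {}, {}
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue                      # banner lines, empty messages, separators
        msg = m.group("msg")
        s = SECTOR_RE.match(msg)
        if s:                             # a hash line opens a new device record
            sectors[s.group("dev")] = Sector(s.group("dev"), s.group("kind"), s.group("md5"))
            continue
        v = VERDICT_RE.match(msg)
        if v and v.group("dev") in sectors:
            sec, verdict = sectors[v.group("dev")], v.group("verdict")
            if v.group("threat"):
                sec.threat = v.group("threat")
            if verdict == "ok" and sec.verdict == "unknown":
                sec.verdict = "ok"        # first verdict for a clean sector
            elif verdict == "infected":
                sec.verdict = "infected"
            elif verdict.startswith("detected "):
                sec.verdict = "infected"  # "detected <name> (0)": keep the name, drop the counter
                sec.threat = verdict[len("detected "):].rsplit(" (", 1)[0]
            else:
                sec.actions.append(verdict)   # e.g. "will be cured on reboot", "User select action: Cure"
            continue
        c = COUNT_RE.match(msg)
        if c:
            counts[c.group("name")] = int(c.group("n"))
    return sectors, counts


def summarize(sectors, counts):
    """Condense the parsed records into what a responder actually wants to know."""
    infected = [s for s in sectors.values() if s.verdict == "infected"]
    return {
        "scanned": len(sectors),
        "infected": [(s.device, s.threat) for s in infected],
        "reboot_required": any("cured on reboot" in a for s in infected for a in s.actions),
        "user_action": {
            s.device: next((a.split(": ", 1)[1] for a in s.actions
                            if a.startswith("User select action")), None)
            for s in infected
        },
        # the tool's own count should equal the number of flagged devices
        "count_consistent": counts.get("Detected object count") == len(infected),
    }


def compare_to_baseline(sectors, baseline):
    """Return {device: (baseline md5, reported md5)} for MBRs whose hash changed.

    A signature verdict only catches known families; comparing against a hash
    you recorded yourself on a clean install flags any MBR modification."""
    return {dev: (baseline[dev], sec.md5) for dev, sec in sectors.items()
            if sec.kind == "MBR" and dev in baseline and baseline[dev] != sec.md5}


# Constructed excerpt of the report pasted in this thread (driver lines trimmed).
SAMPLE_REPORT = r"""
11:53:16.0453 2468 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:53:16.0453 2468 ACPI - ok
11:53:21.0437 2468 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0
11:53:21.0484 2468 \Device\Harddisk0\DR0 - ok
11:53:21.0500 2468 MBR (0x1B8) (f381baacfc1778337c007982b0c32d82) \Device\Harddisk1\DR1
11:53:21.0500 2468 \Device\Harddisk1\DR1 ( Backdoor.Win32.Sinowal.knf ) - infected
11:53:21.0500 2468 \Device\Harddisk1\DR1 - detected Backdoor.Win32.Sinowal.knf (0)
11:53:21.0515 2468 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
11:53:21.0515 2468 \Device\Harddisk2\DR2 - ok
11:53:21.0531 2468 Boot (0x1200) (ec55ba3292c9c47c42ba766cb395dad5) \Device\Harddisk0\DR0\Partition0
11:53:21.0531 2468 \Device\Harddisk0\DR0\Partition0 - ok
11:53:21.0562 0504 Detected object count: 1
11:53:21.0562 0504 Actual detected object count: 1
11:54:16.0484 0504 \Device\Harddisk1\DR1 ( Backdoor.Win32.Sinowal.knf ) - will be cured on reboot
11:54:16.0531 0504 \Device\Harddisk1\DR1 - ok
11:54:16.0531 0504 \Device\Harddisk1\DR1 ( Backdoor.Win32.Sinowal.knf ) - User select action: Cure
"""

# Placeholder baseline (constructed): DR0 assumed unchanged since it was recorded,
# DR1's recorded value is a dummy so the comparison shows a drift.
BASELINE = {
    r"\Device\Harddisk0\DR0": "c99c3199cfaa4cbdcd91493f6d113a50",
    r"\Device\Harddisk1\DR1": "00000000000000000000000000000000",
}

if __name__ == "__main__":
    secs, cnts = parse_report(SAMPLE_REPORT)
    print(summarize(secs, cnts))
    print("MBR hash drift:", compare_to_baseline(secs, BASELINE))
```

Run it against a saved report with `parse_report(open("TDSSKiller.txt").read())`; on the excerpt above it reports one infected device, \Device\Harddisk1\DR1, a pending cure on reboot, and the user's choice "Cure", which is exactly what the thread's report says. The baseline comparison is the part worth keeping around after cleanup: recording the MBR hash of each disk once the machine is known clean turns the next TDSSKiller run into a change check rather than a signature lookup alone.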