Cheval de troie Win32.ZAccess.ob

Voici un premier test

Webroot AntiZeroAccess 0.8 Log File
Execution time: 28/10/2011 - 12:05
Host operation System: Windows Xp X86 version 5.1.2600 Service Pack 3
12:05:26 - CheckSystem - Begin to check system...
12:05:26 - OpenRootDrive - Opening system root volume and physical drive....
12:05:26 - C Root Drive: Disk number: 0 Start sector: 0x0000003F Partition Size: 0x098A40EC sectors.
12:05:27 - PrevX Main driver extracted in "C:\WINDOWS\system32\drivers\ZeroAccess.sys".
12:05:28 - InstallAndStartDriver - Main driver was installed and now is running.
12:05:28 - CheckSystem - Warning! Disk class driver is INFECTED.
12:05:29 - CheckFile - Unable to send FSCTL_GET_RETRIEVAL_POINTERS to file object. DeviceIoControl last error: 5
12:05:29 - CheckFile - Unable to send FSCTL_GET_RETRIEVAL_POINTERS to file object. DeviceIoControl last error: 5
12:05:29 - CheckFile - Unable to send FSCTL_GET_RETRIEVAL_POINTERS to file object. DeviceIoControl last error: 5
12:05:29 - CheckFile - Unable to send FSCTL_GET_RETRIEVAL_POINTERS to file object. DeviceIoControl last error: 5
12:05:29 - CheckFile - Unable to send FSCTL_GET_RETRIEVAL_POINTERS to file object. DeviceIoControl last error: 5
12:05:29 - CheckFile - Unable to send FSCTL_GET_RETRIEVAL_POINTERS to file object. DeviceIoControl last error: 5
12:05:32 - StopAndRemoveDriver - AntiZeroAccess Driver is stopped and removed.
12:05:32 - StopAndRemoveDriver - File "ZeroAccess.sys" was deleted!

Maintenant voici un autre virus: Trojan-Clicker.Win32.Agent.vdt

c:\Documents and Settings\Johanne loiselle\Local Settings\Application Data\c5c2101b\U\80000000.@

Je l'ai sur mon ordi mais kaspersky me demande a chaque fois l'autorisation mais ce n'est pas seulement rootkit qui le demande est-ce que je dit oui à tous

Ne serait-il pas mieux de tout formater et réinstaller win XP

Dis à Kaspersky d'accepter.

Le formatage est une solution, à toi de voir, si ça ira plus vite :)

Ok l'a j le refait mais il reste sur initializing depuis 3 minutes. Est-ce normal?

Ok toujours sur écran noir et ça dit:
Rootkit Remover vo.1
McAfee Labs
-=* FOR LIMITED DISTRIBUTION ONLY*=-
iNITIALIZING _ _ _

si ca ne marche pas, vais-je pouvoir revenir en mode normal

Il n veux même pas me donner le mode sans échec avec rise e charge du réseau. I y a un défilé de mon système et après reboot mon ordi

toujours là

Voici un autre test

Webroot ZeroAccess Remover
Copyright(c) 2011 Webroot
www.webroot.com
This program will scan and remove any form of ZeroAccess Rootkit.
Would you like to perform a System Scan? [Y/N] y
Check rootkit device: Found!
System Disk class driver state: Infected!!!
Current analysis path: C:\WINDOWS\system32\Drivers\
Check file "acpi.sys"... Clean!
Check file "acpiec.sys"... Clean!
Check file "aec.sys"... Clean!
Check file "afd.sys"... Clean!
Check file "alcxwdm.sys"... Clean!
Check file "amdk6.sys"... Clean!
Check file "amdk7.sys"... Clean!
Check file "arp1394.sys"... Clean!
Check file "asyncmac.sys"... Clean!
Check file "atapi.sys"... Clean!
Check file "atmarpc.sys"... Clean!
Check file "atmepvc.sys"... Clean!
Check file "atmlane.sys"... Clean!
Check file "atmuni.sys"... Clean!
Check file "audstub.sys"... Clean!
Check file "beep.sys"... Clean!
Check file "bridge.sys"... Clean!
Check file "bthport.sys"... Clean!
Check file "cbidf2k.sys"... Clean!
Check file "cdaudio.sys"... Clean!
Check file "cdfs.sys"... Clean!
Check file "cdr4_xp.sys"... Clean!
Check file "cdralw2k.sys"... Clean!
Check file "cdrom.sys"... Clean!
Check file "cinemst2.sys"... Clean!
Check file "classpnp.sys"... Clean!
Check file "cmuda.sys"... Clean!
Check file "cpqdap01.sys"... Clean!
Check file "crusoe.sys"... Clean!
Check file "CSCrySec.sys"... Clean!
Check file "CSVirtualDiskDrv.sys"... Clean!
Check file "disk.sys"... Clean!
Check file "diskdump.sys"... Clean!
Check file "dmboot.sys"... Clean!
Check file "dmio.sys"... Clean!
Check file "dmload.sys"... Clean!
Check file "DMusic.sys"... Clean!
Check file "drmk.sys"... Clean!
Check file "drmkaud.sys"... Clean!
Check file "dxapi.sys"... Clean!
Check file "dxg.sys"... Clean!
Check file "dxgthk.sys"... Clean!
Check file "fastfat.sys"... Clean!
Check file "fdc.sys"... Clean!
Check file "fetnd5bv.sys"... Clean!
Check file "fips.sys"... Clean!
Check file "flpydisk.sys"... Clean!
Check file "fltMgr.sys"... Clean!
Check file "fsvga.sys"... Clean!
Check file "fs_rec.sys"... Clean!
Check file "ftdisk.sys"... Clean!
Check file "GEARAspiWDM.sys"... Clean!
Check file "grmngen.sys"... Clean!
Check file "grmnusb.sys"... Clean!
Check file "hdaudbus.sys"... Clean!
Check file "hidclass.sys"... Clean!
Check file "hidparse.sys"... Clean!
Check file "hidusb.sys"... Clean!
Check file "http.sys"... Clean!
Check file "i8042prt.sys"... Clean!
Check file "imapi.sys"... Clean!
Check file "intelppm.sys"... Clean!
Check file "ip6fw.sys"... Clean!
Check file "ipfltdrv.sys"... Clean!
Check file "ipinip.sys"... Clean!
Check file "ipnat.sys"... Clean!
Check file "ipsec.sys"... Clean!
Check file "irenum.sys"... Clean!
Check file "isapnp.sys"... Clean!
Check file "kbdclass.sys"... Clean!
Check file "kbdhid.sys"... Error!
Check file "kl1.sys"... Error!
Check file "klbg.sys"... Error!
Check file "klif.sys"... Error!
Check file "klim5.sys"... Error!
Check file "klmouflt.sys"... Error!
Check file "kmixer.sys"... Clean!
Check file "ks.sys"... Clean!
Check file "ksecdd.sys"... Clean!
Check file "mcd.sys"... Clean!
Check file "mf.sys"... Clean!
Check file "mhndrv.sys"... Clean!
Check file "mnmdd.sys"... Clean!
Check file "modem.sys"... Clean!
Check file "mouclass.sys"... Clean!
Check file "mouhid.sys"... Clean!
Check file "mountmgr.sys"... Clean!
Check file "mqac.sys"... Clean!
Check file "mrxdav.sys"... Clean!
Check file "mrxsmb.sys"... Clean!
Check file "msfs.sys"... Clean!
Check file "msgpc.sys"... Clean!
Check file "MSKSSRV.sys"... Clean!
Check file "MSPCLOCK.sys"... Clean!
Check file "MSPQM.sys"... Clean!
Check file "mssmbios.sys"... Clean!
Check file "mup.sys"... Clean!
Check file "ndis.sys"... Clean!
Check file "ndistapi.sys"... Clean!
Check file "ndisuio.sys"... Clean!
Check file "ndiswan.sys"... Clean!
Check file "ndproxy.sys"... Clean!
Check file "netbios.sys"... Clean!
Check file "netbt.sys"... Clean!
Check file "nic1394.sys"... Clean!
Check file "nikedrv.sys"... Clean!
Check file "nmnt.sys"... Clean!
Check file "npfs.sys"... Clean!
Check file "ntfs.sys"... Clean!
Check file "nuidfltr.sys"... Clean!
Check file "null.sys"... Clean!
Check file "nwlnkflt.sys"... Clean!
Check file "nwlnkfwd.sys"... Clean!
Check file "nwlnkipx.sys"... Clean!
Check file "nwlnknb.sys"... Clean!
Check file "nwlnkspx.sys"... Clean!
Check file "nwrdr.sys"... Clean!
Check file "oprghdlr.sys"... Clean!
Check file "p3.sys"... Clean!
Check file "parport.sys"... Clean!
Check file "partmgr.sys"... Clean!
Check file "parvdm.sys"... Clean!
Check file "pci.sys"... Clean!
Check file "pciidex.sys"... Clean!
Check file "pcmcia.sys"... Clean!
Check file "point32.sys"... Clean!
Check file "portcls.sys"... Clean!
Check file "processr.sys"... Clean!
Check file "psched.sys"... Clean!
Check file "ptilink.sys"... Clean!
Check file "pxhelp20.sys"... Clean!
Check file "rasacd.sys"... Clean!
Check file "rasl2tp.sys"... Clean!
Check file "raspppoe.sys"... Clean!
Check file "raspptp.sys"... Clean!
Check file "raspti.sys"... Clean!
Check file "rawwan.sys"... Clean!
Check file "rdbss.sys"... Clean!
Check file "rdpcdd.sys"... Clean!
Check file "rdpdr.sys"... Clean!
Check file "rdpwd.sys"... Clean!
Check file "redbook.sys"... Clean!
Check file "RimSerial.sys"... Clean!
Check file "rio8drv.sys"... Clean!
Check file "riodrv.sys"... Clean!
Check file "RMCast.sys"... Clean!
Check file "rndismp.sys"... Clean!
Check file "rootmdm.sys"... Clean!
Check file "rspndr.sys"... Clean!
Check file "RTL8192u.sys"... Clean!
Check file "s3gnbm.sys"... Clean!
Check file "scsiport.sys"... Clean!
Check file "sdbus.sys"... Clean!
Check file "secdrv.sys"... Clean!
Check file "serenum.sys"... Clean!
Check file "serial.sys"... Clean!
Check file "sffdisk.sys"... Clean!
Check file "sffp_mmc.sys"... Clean!
Check file "sffp_sd.sys"... Clean!
Check file "sfloppy.sys"... Clean!
Check file "smclib.sys"... Clean!
Check file "sonydcam.sys"... Clean!
Check file "splitter.sys"... Clean!
Check file "sr.sys"... Clean!
Check file "srv.sys"... Clean!
Check file "stream.sys"... Clean!
Check file "swenum.sys"... Clean!
Check file "swmidi.sys"... Clean!
Check file "sysaudio.sys"... Clean!
Check file "tape.sys"... Clean!
Check file "tcpip.sys"... Clean!
Check file "tcpip6.sys"... Clean!
Check file "tdi.sys"... Clean!
Check file "tdpipe.sys"... Clean!
Check file "tdtcp.sys"... Clean!
Check file "termdd.sys"... Clean!
Check file "tosdvd.sys"... Clean!
Check file "tsbvcap.sys"... Clean!
Check file "tunmp.sys"... Clean!
Check file "udfs.sys"... Clean!
Check file "update.sys"... Clean!
Check file "usb8023.sys"... Clean!
Check file "usbaapl.sys"... Clean!
Check file "usbcamd.sys"... Clean!
Check file "usbcamd2.sys"... Clean!
Check file "usbccgp.sys"... Clean!
Check file "usbd.sys"... Clean!
Check file "usbehci.sys"... Clean!
Check file "usbhub.sys"... Clean!
Check file "usbintel.sys"... Clean!
Check file "usbport.sys"... Clean!
Check file "usbprint.sys"... Clean!
Check file "usbscan.sys"... Clean!
Check file "USBSTOR.SYS"... Clean!
Check file "usbuhci.sys"... Clean!
Check file "vdmindvd.sys"... Clean!
Check file "vga.sys"... Clean!
Check file "VIAAGP1.SYS"... Clean!
Check file "viaide.sys"... Clean!
Check file "videoprt.sys"... Clean!
Check file "videX32.sys"... Clean!
Check file "volsnap.sys"... Clean!
Check file "wanarp.sys"... Clean!
Check file "wdf01000.sys"... Clean!
Check file "wdfldr.sys"... Clean!
Check file "wdmaud.sys"... Clean!
Check file "wmilib.sys"... Clean!
Check file "wpdusb.sys"... Clean!
Check file "ws2ifsl.sys"... Clean!
Check file "wudfpf.sys"... Clean!
Check file "wudfrd.sys"... Clean!
Warning! One or more errors occurred!
Your system is not infected by ZeroAccess/Max++ Rootkit!
Execution ended.