Infection par Vista security 2012 Fermé

Question

Bonjour, 

Je vous demande votre aide car mon ordinateur de bureau s'est fait infesté aujourd'hui par Vista Security 2012... 
N'étant pas très douée dans le domaine des traitements de virus, pourriez-vous m'aider svp ? 

Merci d'avance à ceux qui prendront le temps de me répondre, et surtout de m'aider. :)


Configuration: Windows Vista / Internet Explorer 9.0

juju666 · Answer

bonjour

telecharge et enregistre ceci sur ton bureau :

Pre_Scan

Avertissement: tous les processus non-vitaux de windows seront coupés --> pas de panique. 

une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition du rapport sur le bureau.

si 'outil est bloqué par l'infection utilise cette version : Version .pif

ou encore cette version renommée : Winlogon.exe

si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"

 Il se peut qu'une multitude de fenêtres noires clignotent , laisse-le travailler 

Poste Pre_Scan_la_date_et_l'heure.txt qui apparaitra sur le bureau en fin de scan après redemarrage

&#9654&#9654&#9654 NE LE POSTE PAS SUR LE FORUM (il est trop long)

heberge le rapport sur http://pjjoint.malekal.com et donne le lien obtenu

mlle-no · Answer

Je ne peux pas le télécharger, il bloque les pages internet, et explorer bug, firefox ne s'ouvre plus...

juju666 · Answer

Démarre en mode sans échec avec réseau :)

Tapote F8 au démarrage ;)

mlle-no · Answer

Lorsque j'exécute Pre_Scan, l'écran est noir, avec seulement une petite fenetre de "Réparation". Normal ?

juju666 · Answer

yes laisse tourner :D

mlle-no · Answer

Okay :) Merci, je poste le lien du texte dès qu'il a fini :) 
Si jamais je ne peux finir ce soir, je le laisse tourner cette nuit, ou je peux qd mm l'éteindre ? :$ (Question débile, mais je préfère ne pas avoir à tout refaire... lol)

juju666 · Answer

bah on verra si dans 15 min il a pas fini c'pas normal du tout lol ça dure 3 min au max

mlle-no · Answer

Je n'arrive pas à déposer le document .txt sur le site d'hébergement que vous m'avez conseillé...

juju666 · Answer

clique sur parcourir, choisi le fichier 
puis clique sur envoyé
un lien te sera donné :)

mlle-no · Answer

J'ai répété l'opération 5 fois, mon navigateur me dit qu'il ne peut afficher la page web...

juju666 · Answer

envoie le sur https://www.cjoint.com/ alors :p

mlle-no · Answer

Je n'y parviens pas non plus... :/

juju666 · Answer

Ok compris :)

&#9654 Télécharge TDSSKiller

&#9654 Lance le ( Utilisateurs de vista/Seven -> Clic droit puis " Exécuter en tant que........... " )

Clique sur Start Scan 

Patiente pendant le scan. A la fin de l'analyse, laisse les choix par défaut et un rapport s'ouvrira

&#9654 Copie/Colle son contenu dans ta prochaine réponse.

Note : Le rapport se trouve également sous C:	dsskiller.txt.

mlle-no · Answer

Ca y est, je l'ai !
https://www.cjoint.com/?BAqwhFxQeDG

juju666 · Answer

poste aussi le rapport tdss killer stp :)

mlle-no · Answer

22:13:15.0826 3732	TDSS rootkit removing tool 2.7.2.0 Jan 14 2012 20:07:30
22:13:16.0044 3732	============================================================
22:13:16.0044 3732	Current date / time: 2012/01/16 22:13:16.0044
22:13:16.0044 3732	SystemInfo:
22:13:16.0044 3732	
22:13:16.0044 3732	OS Version: 6.0.6002 ServicePack: 2.0
22:13:16.0044 3732	Product type: Workstation
22:13:16.0044 3732	ComputerName: PC-10-04-2009
22:13:16.0044 3732	UserName: Admin
22:13:16.0044 3732	Windows directory: C:\Windows
22:13:16.0044 3732	System windows directory: C:\Windows
22:13:16.0044 3732	Processor architecture: Intel x86
22:13:16.0044 3732	Number of processors: 2
22:13:16.0044 3732	Page size: 0x1000
22:13:16.0044 3732	Boot type: Safe boot with network
22:13:16.0044 3732	============================================================
22:13:16.0871 3732	Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400, SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000050
22:13:16.0871 3732	Drive \Device\Harddisk1\DR1 - Size: 0x7AF00000, SectorSize: 0x200, Cylinders: 0xFA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:13:16.0949 3732	Initialize success
22:13:26.0949 3748	============================================================
22:13:26.0949 3748	Scan started
22:13:26.0949 3748	Mode: Manual; 
22:13:26.0949 3748	============================================================
22:13:27.0978 3748	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
22:13:27.0978 3748	ACPI - ok
22:13:28.0072 3748	adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
22:13:28.0072 3748	adp94xx - ok
22:13:28.0150 3748	adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
22:13:28.0150 3748	adpahci - ok
22:13:28.0243 3748	adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
22:13:28.0243 3748	adpu160m - ok
22:13:28.0275 3748	adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
22:13:28.0275 3748	adpu320 - ok
22:13:28.0353 3748	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
22:13:28.0368 3748	AFD - ok
22:13:28.0462 3748	agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
22:13:28.0462 3748	agp440 - ok
22:13:28.0524 3748	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
22:13:28.0524 3748	aic78xx - ok
22:13:28.0555 3748	aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
22:13:28.0555 3748	aliide - ok
22:13:28.0633 3748	amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
22:13:28.0649 3748	amdagp - ok
22:13:28.0665 3748	amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
22:13:28.0665 3748	amdide - ok
22:13:28.0743 3748	AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
22:13:28.0743 3748	AmdK7 - ok
22:13:28.0789 3748	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
22:13:28.0789 3748	AmdK8 - ok
22:13:28.0883 3748	arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
22:13:28.0883 3748	arc - ok
22:13:28.0961 3748	arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
22:13:28.0961 3748	arcsas - ok
22:13:29.0008 3748	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
22:13:29.0008 3748	AsyncMac - ok
22:13:29.0070 3748	atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
22:13:29.0070 3748	atapi - ok
22:13:29.0226 3748	atikmdag        (514771df4c8e653126c6dd7ee3661766) C:\Windows\system32\DRIVERS\atikmdag.sys
22:13:29.0273 3748	atikmdag - ok
22:13:29.0382 3748	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
22:13:29.0382 3748	Beep - ok
22:13:29.0429 3748	blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
22:13:29.0429 3748	blbdrive - ok
22:13:29.0523 3748	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
22:13:29.0523 3748	bowser - ok
22:13:29.0601 3748	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
22:13:29.0601 3748	BrFiltLo - ok
22:13:29.0632 3748	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
22:13:29.0632 3748	BrFiltUp - ok
22:13:29.0710 3748	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
22:13:29.0710 3748	Brserid - ok
22:13:29.0710 3748	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
22:13:29.0710 3748	BrSerWdm - ok
22:13:29.0803 3748	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
22:13:29.0803 3748	BrUsbMdm - ok
22:13:29.0835 3748	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
22:13:29.0835 3748	BrUsbSer - ok
22:13:29.0881 3748	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
22:13:29.0881 3748	BTHMODEM - ok
22:13:30.0006 3748	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
22:13:30.0022 3748	cdfs - ok
22:13:30.0069 3748	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
22:13:30.0069 3748	cdrom - ok
22:13:30.0100 3748	circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
22:13:30.0100 3748	circlass - ok
22:13:30.0147 3748	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
22:13:30.0193 3748	CLFS - ok
22:13:30.0303 3748	cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
22:13:30.0303 3748	cmdide - ok
22:13:30.0334 3748	Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
22:13:30.0334 3748	Compbatt - ok
22:13:30.0334 3748	crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
22:13:30.0334 3748	crcdisk - ok
22:13:30.0365 3748	Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
22:13:30.0365 3748	Crusoe - ok
22:13:30.0490 3748	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
22:13:30.0490 3748	DfsC - ok
22:13:30.0552 3748	dgderdrv        (6216fd7fd227de454238a702b218cec7) C:\Windows\system32\drivers\dgderdrv.sys
22:13:30.0552 3748	dgderdrv - ok
22:13:30.0677 3748	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
22:13:30.0677 3748	disk - ok
22:13:30.0739 3748	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
22:13:30.0739 3748	drmkaud - ok
22:13:30.0864 3748	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
22:13:30.0864 3748	DXGKrnl - ok
22:13:30.0942 3748	e1express       (04944f4fc4f0477185f5d26ae0ddb90e) C:\Windows\system32\DRIVERS\e1e6032.sys
22:13:30.0958 3748	e1express - ok
22:13:30.0973 3748	E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
22:13:30.0973 3748	E1G60 - ok
22:13:31.0051 3748	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
22:13:31.0051 3748	Ecache - ok
22:13:31.0145 3748	elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
22:13:31.0161 3748	elxstor - ok
22:13:31.0223 3748	ErrDev          (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
22:13:31.0223 3748	ErrDev - ok
22:13:31.0363 3748	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
22:13:31.0363 3748	exfat - ok
22:13:31.0395 3748	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
22:13:31.0410 3748	fastfat - ok
22:13:31.0426 3748	fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
22:13:31.0426 3748	fdc - ok
22:13:31.0504 3748	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
22:13:31.0504 3748	FileInfo - ok
22:13:31.0535 3748	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
22:13:31.0535 3748	Filetrace - ok
22:13:31.0551 3748	flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
22:13:31.0551 3748	flpydisk - ok
22:13:31.0629 3748	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
22:13:31.0629 3748	FltMgr - ok
22:13:31.0722 3748	fssfltr         (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys
22:13:31.0722 3748	fssfltr - ok
22:13:31.0816 3748	FsUsbExDisk     (b07663a810e861eebfd0eac7e82ca62d) C:\Windows\system32\FsUsbExDisk.SYS
22:13:31.0894 3748	FsUsbExDisk - ok
22:13:31.0987 3748	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
22:13:31.0987 3748	Fs_Rec - ok
22:13:32.0019 3748	gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
22:13:32.0019 3748	gagp30kx - ok
22:13:32.0143 3748	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:13:32.0143 3748	GEARAspiWDM - ok
22:13:32.0206 3748	HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
22:13:32.0206 3748	HdAudAddService - ok
22:13:32.0299 3748	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:13:32.0299 3748	HDAudBus - ok
22:13:32.0393 3748	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
22:13:32.0393 3748	HidBth - ok
22:13:32.0487 3748	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
22:13:32.0487 3748	HidIr - ok
22:13:32.0533 3748	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
22:13:32.0533 3748	HidUsb - ok
22:13:32.0580 3748	HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
22:13:32.0580 3748	HpCISSs - ok
22:13:32.0674 3748	HTTP            (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
22:13:32.0689 3748	HTTP - ok
22:13:32.0736 3748	i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
22:13:32.0736 3748	i2omp - ok
22:13:32.0830 3748	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
22:13:32.0830 3748	i8042prt - ok
22:13:32.0892 3748	iaStor          (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
22:13:32.0892 3748	iaStor - ok
22:13:32.0986 3748	iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
22:13:32.0986 3748	iaStorV - ok
22:13:33.0017 3748	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
22:13:33.0017 3748	iirsp - ok
22:13:33.0157 3748	IntcAzAudAddService (4eae74c8bcbca309a5d7cbad7e231427) C:\Windows\system32\drivers\RTKVHDA.sys
22:13:33.0173 3748	IntcAzAudAddService - ok
22:13:33.0267 3748	intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys
22:13:33.0267 3748	intelide - ok
22:13:33.0282 3748	intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
22:13:33.0282 3748	intelppm - ok
22:13:33.0313 3748	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:13:33.0313 3748	IpFilterDriver - ok
22:13:33.0391 3748	IpInIp - ok
22:13:33.0423 3748	IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
22:13:33.0423 3748	IPMIDRV - ok
22:13:33.0438 3748	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
22:13:33.0438 3748	IPNAT - ok
22:13:33.0469 3748	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
22:13:33.0469 3748	IRENUM - ok
22:13:33.0563 3748	isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
22:13:33.0579 3748	isapnp - ok
22:13:33.0610 3748	iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
22:13:33.0610 3748	iScsiPrt - ok
22:13:33.0641 3748	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
22:13:33.0641 3748	iteatapi - ok
22:13:33.0735 3748	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
22:13:33.0735 3748	iteraid - ok
22:13:33.0766 3748	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:13:33.0766 3748	kbdclass - ok
22:13:33.0813 3748	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
22:13:33.0813 3748	kbdhid - ok
22:13:33.0906 3748	KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
22:13:33.0922 3748	KSecDD - ok
22:13:33.0969 3748	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
22:13:33.0969 3748	lltdio - ok
22:13:34.0015 3748	LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
22:13:34.0031 3748	LSI_FC - ok
22:13:34.0125 3748	LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
22:13:34.0125 3748	LSI_SAS - ok
22:13:34.0156 3748	LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
22:13:34.0156 3748	LSI_SCSI - ok
22:13:34.0187 3748	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
22:13:34.0187 3748	luafv - ok
22:13:34.0296 3748	LVPr2Mon        (f96cfb47903854f228baaf3e2d41a0a3) C:\Windows\system32\Drivers\LVPr2Mon.sys
22:13:34.0296 3748	LVPr2Mon - ok
22:13:34.0405 3748	LVRS            (e22fd7852e74f04cceb6b8a684a51f3e) C:\Windows\system32\DRIVERS\lvrs.sys
22:13:34.0405 3748	LVRS - ok
22:13:34.0515 3748	LVUSBSta        (5f987fc1aad215ec2c60cf07719b1cce) C:\Windows\system32\drivers\LVUSBSta.sys
22:13:34.0515 3748	LVUSBSta - ok
22:13:34.0686 3748	LVUVC           (e89df2b88ee659954de79827ddf46dc9) C:\Windows\system32\DRIVERS\lvuvc.sys
22:13:34.0795 3748	LVUVC - ok
22:13:34.0889 3748	megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
22:13:34.0905 3748	megasas - ok
22:13:34.0920 3748	MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
22:13:34.0936 3748	MegaSR - ok
22:13:34.0951 3748	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
22:13:34.0951 3748	Modem - ok
22:13:34.0967 3748	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
22:13:34.0967 3748	monitor - ok
22:13:35.0014 3748	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
22:13:35.0029 3748	mouclass - ok
22:13:35.0092 3748	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
22:13:35.0092 3748	mouhid - ok
22:13:35.0139 3748	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
22:13:35.0139 3748	MountMgr - ok
22:13:35.0263 3748	MpFilter        (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
22:13:35.0263 3748	MpFilter - ok
22:13:35.0357 3748	mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
22:13:35.0357 3748	mpio - ok
22:13:35.0404 3748	MpNWMon         (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
22:13:35.0404 3748	MpNWMon - ok
22:13:35.0482 3748	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
22:13:35.0482 3748	mpsdrv - ok
22:13:35.0513 3748	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
22:13:35.0513 3748	Mraid35x - ok
22:13:35.0560 3748	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
22:13:35.0560 3748	MRxDAV - ok
22:13:35.0607 3748	mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:13:35.0607 3748	mrxsmb - ok
22:13:35.0716 3748	mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:13:35.0716 3748	mrxsmb10 - ok
22:13:35.0747 3748	mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:13:35.0747 3748	mrxsmb20 - ok
22:13:35.0794 3748	msahci          (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
22:13:35.0794 3748	msahci - ok
22:13:35.0887 3748	msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
22:13:35.0887 3748	msdsm - ok
22:13:35.0903 3748	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
22:13:35.0903 3748	Msfs - ok
22:13:35.0934 3748	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
22:13:35.0934 3748	msisadrv - ok
22:13:36.0028 3748	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
22:13:36.0028 3748	MSKSSRV - ok
22:13:36.0106 3748	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
22:13:36.0106 3748	MSPCLOCK - ok
22:13:36.0199 3748	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
22:13:36.0199 3748	MSPQM - ok
22:13:36.0262 3748	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
22:13:36.0277 3748	MsRPC - ok
22:13:36.0277 3748	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
22:13:36.0277 3748	mssmbios - ok
22:13:36.0309 3748	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
22:13:36.0309 3748	MSTEE - ok
22:13:36.0355 3748	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
22:13:36.0355 3748	Mup - ok
22:13:36.0480 3748	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS
wifi.sys
22:13:36.0480 3748	NativeWifiP - ok
22:13:36.0574 3748	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers
dis.sys
22:13:36.0589 3748	NDIS - ok
22:13:36.0652 3748	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS
distapi.sys
22:13:36.0652 3748	NdisTapi - ok
22:13:36.0683 3748	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS
disuio.sys
22:13:36.0683 3748	Ndisuio - ok
22:13:36.0745 3748	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS
diswan.sys
22:13:36.0745 3748	NdisWan - ok
22:13:36.0823 3748	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
22:13:36.0823 3748	NDProxy - ok
22:13:36.0855 3748	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS
etbios.sys
22:13:36.0855 3748	NetBIOS - ok
22:13:36.0917 3748	netbt           (b9e384eb33667521b8ec6e32d4330b89) C:\Windows\system32\DRIVERS
etbt.sys
22:13:36.0917 3748	Suspicious file (Forged): C:\Windows\system32\DRIVERS
etbt.sys. Real md5: b9e384eb33667521b8ec6e32d4330b89, Fake md5: ecd64230a59cbd93c85f1cd1cab9f3f6
22:13:36.0917 3748	netbt ( Rootkit.Win32.ZAccess.aml ) - infected
22:13:36.0917 3748	netbt - detected Rootkit.Win32.ZAccess.aml (0)
22:13:37.0026 3748	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers
frd960.sys
22:13:37.0026 3748	nfrd960 - ok
22:13:37.0073 3748	NisDrv          (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:13:37.0073 3748	NisDrv - ok
22:13:37.0135 3748	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
22:13:37.0151 3748	Npfs - ok
22:13:37.0213 3748	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers
siproxy.sys
22:13:37.0213 3748	nsiproxy - ok
22:13:37.0338 3748	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
22:13:37.0354 3748	Ntfs - ok
22:13:37.0432 3748	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers
trigdigi.sys
22:13:37.0432 3748	ntrigdigi - ok
22:13:37.0463 3748	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:13:37.0463 3748	Null - ok
22:13:37.0494 3748	nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers
vraid.sys
22:13:37.0494 3748	nvraid - ok
22:13:37.0525 3748	nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers
vstor.sys
22:13:37.0525 3748	nvstor - ok
22:13:37.0619 3748	nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers
v_agp.sys
22:13:37.0619 3748	nv_agp - ok
22:13:37.0650 3748	NwlnkFlt - ok
22:13:37.0650 3748	NwlnkFwd - ok
22:13:37.0713 3748	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
22:13:37.0713 3748	ohci1394 - ok
22:13:37.0822 3748	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
22:13:37.0822 3748	Parport - ok
22:13:37.0900 3748	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
22:13:37.0900 3748	partmgr - ok
22:13:37.0915 3748	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
22:13:37.0931 3748	Parvdm - ok
22:13:38.0025 3748	pccsmcfd        (175cc28dcf819f78caa3fbd44ad9e52a) C:\Windows\system32\DRIVERS\pccsmcfd.sys
22:13:38.0025 3748	pccsmcfd - ok
22:13:38.0056 3748	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
22:13:38.0056 3748	pci - ok
22:13:38.0118 3748	pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
22:13:38.0118 3748	pciide - ok
22:13:38.0212 3748	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
22:13:38.0212 3748	pcmcia - ok
22:13:38.0290 3748	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:13:38.0305 3748	PEAUTH - ok
22:13:38.0399 3748	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERSaspptp.sys
22:13:38.0399 3748	PptpMiniport - ok
22:13:38.0430 3748	Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
22:13:38.0430 3748	Processor - ok
22:13:38.0508 3748	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
22:13:38.0508 3748	PSched - ok
22:13:38.0586 3748	PxHelp20        (03e0fe281823ba64b3782f5b38950e73) C:\Windows\system32\Drivers\PxHelp20.sys
22:13:38.0586 3748	PxHelp20 - ok
22:13:38.0664 3748	ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
22:13:38.0680 3748	ql2300 - ok
22:13:38.0742 3748	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:13:38.0742 3748	ql40xx - ok
22:13:38.0789 3748	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:13:38.0789 3748	QWAVEdrv - ok
22:13:38.0883 3748	R300            (514771df4c8e653126c6dd7ee3661766) C:\Windows\system32\DRIVERS\atikmdag.sys
22:13:38.0898 3748	R300 - ok
22:13:38.0976 3748	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERSasacd.sys
22:13:38.0976 3748	RasAcd - ok
22:13:38.0992 3748	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERSasl2tp.sys
22:13:38.0992 3748	Rasl2tp - ok
22:13:39.0054 3748	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERSaspppoe.sys
22:13:39.0054 3748	RasPppoe - ok
22:13:39.0163 3748	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERSassstp.sys
22:13:39.0163 3748	RasSstp - ok
22:13:39.0226 3748	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERSdbss.sys
22:13:39.0226 3748	rdbss - ok
22:13:39.0304 3748	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:13:39.0304 3748	RDPCDD - ok
22:13:39.0382 3748	rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\driversdpdr.sys
22:13:39.0382 3748	rdpdr - ok
22:13:39.0382 3748	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\driversdpencdd.sys
22:13:39.0397 3748	RDPENCDD - ok
22:13:39.0444 3748	RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
22:13:39.0444 3748	RDPWD - ok
22:13:39.0491 3748	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERSspndr.sys
22:13:39.0491 3748	rspndr - ok
22:13:39.0569 3748	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:13:39.0569 3748	sbp2port - ok
22:13:39.0631 3748	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:13:39.0631 3748	secdrv - ok
22:13:39.0678 3748	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
22:13:39.0678 3748	Serenum - ok
22:13:39.0741 3748	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
22:13:39.0741 3748	Serial - ok
22:13:39.0772 3748	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:13:39.0772 3748	sermouse - ok
22:13:39.0865 3748	sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
22:13:39.0865 3748	sffdisk - ok
22:13:39.0959 3748	sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
22:13:39.0959 3748	sffp_mmc - ok
22:13:39.0975 3748	sffp_sd         (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
22:13:39.0975 3748	sffp_sd - ok
22:13:40.0006 3748	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:13:40.0006 3748	sfloppy - ok
22:13:40.0053 3748	sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
22:13:40.0053 3748	sisagp - ok
22:13:40.0146 3748	SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
22:13:40.0146 3748	SiSRaid2 - ok
22:13:40.0162 3748	SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
22:13:40.0162 3748	SiSRaid4 - ok
22:13:40.0209 3748	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
22:13:40.0209 3748	Smb - ok
22:13:40.0365 3748	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:13:40.0365 3748	spldr - ok
22:13:40.0489 3748	sptd            (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
22:13:40.0505 3748	sptd - ok
22:13:40.0552 3748	srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
22:13:40.0552 3748	srv - ok
22:13:40.0661 3748	srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
22:13:40.0661 3748	srv2 - ok
22:13:40.0692 3748	srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
22:13:40.0692 3748	srvnet - ok
22:13:40.0739 3748	ss_bbus         (3f0164fbc0bd1adbd02df9759181451a) C:\Windows\system32\DRIVERS\ss_bbus.sys
22:13:40.0755 3748	ss_bbus - ok
22:13:40.0848 3748	ss_bmdfl        (b89d62206034e5fe573c80a24dd55675) C:\Windows\system32\DRIVERS\ss_bmdfl.sys
22:13:40.0848 3748	ss_bmdfl - ok
22:13:40.0895 3748	ss_bmdm         (1ed0fcea586fe2a416ee15196e5631dd) C:\Windows\system32\DRIVERS\ss_bmdm.sys
22:13:40.0895 3748	ss_bmdm - ok
22:13:40.0926 3748	ss_bserd        (994d2e5378cc337ec7dd73c1e04fcaa4) C:\Windows\system32\DRIVERS\ss_bserd.sys
22:13:40.0926 3748	ss_bserd - ok
22:13:41.0020 3748	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:13:41.0020 3748	swenum - ok
22:13:41.0067 3748	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:13:41.0067 3748	Symc8xx - ok
22:13:41.0082 3748	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:13:41.0082 3748	Sym_hi - ok
22:13:41.0160 3748	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:13:41.0176 3748	Sym_u3 - ok
22:13:41.0269 3748	Tcpip           (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers	cpip.sys
22:13:41.0285 3748	Tcpip - ok
22:13:41.0301 3748	Tcpip6          (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS	cpip.sys
22:13:41.0301 3748	Tcpip6 - ok
22:13:41.0332 3748	tcpipreg        (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers	cpipreg.sys
22:13:41.0332 3748	tcpipreg - ok
22:13:41.0457 3748	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers	dpipe.sys
22:13:41.0457 3748	TDPIPE - ok
22:13:41.0519 3748	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers	dtcp.sys
22:13:41.0519 3748	TDTCP - ok
22:13:41.0581 3748	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS	dx.sys
22:13:41.0581 3748	tdx - ok
22:13:41.0659 3748	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS	ermdd.sys
22:13:41.0659 3748	TermDD - ok
22:13:41.0722 3748	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS	ssecsrv.sys
22:13:41.0722 3748	tssecsrv - ok
22:13:41.0784 3748	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS	unmp.sys
22:13:41.0784 3748	tunmp - ok
22:13:41.0862 3748	tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS	unnel.sys
22:13:41.0862 3748	tunnel - ok
22:13:41.0909 3748	uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
22:13:41.0909 3748	uagp35 - ok
22:13:41.0956 3748	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
22:13:41.0956 3748	udfs - ok
22:13:42.0049 3748	uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
22:13:42.0049 3748	uliagpkx - ok
22:13:42.0159 3748	uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
22:13:42.0174 3748	uliahci - ok
22:13:42.0268 3748	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:13:42.0268 3748	UlSata - ok
22:13:42.0330 3748	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:13:42.0330 3748	ulsata2 - ok
22:13:42.0361 3748	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:13:42.0361 3748	umbus - ok
22:13:42.0471 3748	USBAAPL         (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys
22:13:42.0471 3748	USBAAPL - ok
22:13:42.0517 3748	usbaudio        (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
22:13:42.0517 3748	usbaudio - ok
22:13:42.0580 3748	usbccgp         (79a58d49e042e80f1909d8ed0a3c47a8) C:\Windows\system32\DRIVERS\usbccgp.sys
22:13:42.0580 3748	usbccgp - ok
22:13:42.0673 3748	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:13:42.0673 3748	usbcir - ok
22:13:42.0736 3748	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
22:13:42.0736 3748	usbehci - ok
22:13:42.0861 3748	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
22:13:42.0861 3748	usbhub - ok
22:13:43.0017 3748	usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
22:13:43.0017 3748	usbohci - ok
22:13:43.0095 3748	usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
22:13:43.0095 3748	usbprint - ok
22:13:43.0126 3748	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:13:43.0126 3748	USBSTOR - ok
22:13:43.0204 3748	usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:13:43.0204 3748	usbuhci - ok
22:13:43.0235 3748	usbvideo        (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
22:13:43.0235 3748	usbvideo - ok
22:13:43.0344 3748	vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
22:13:43.0344 3748	vga - ok
22:13:43.0375 3748	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:13:43.0375 3748	VgaSave - ok
22:13:43.0407 3748	viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
22:13:43.0407 3748	viaagp - ok
22:13:43.0438 3748	ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
22:13:43.0438 3748	ViaC7 - ok
22:13:43.0625 3748	viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
22:13:43.0625 3748	viaide - ok
22:13:43.0687 3748	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:13:43.0687 3748	volmgr - ok
22:13:43.0812 3748	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
22:13:43.0812 3748	volmgrx - ok
22:13:43.0937 3748	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
22:13:43.0953 3748	volsnap - ok
22:13:44.0031 3748	vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
22:13:44.0046 3748	vsmraid - ok
22:13:44.0140 3748	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:13:44.0140 3748	WacomPen - ok
22:13:44.0218 3748	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:13:44.0218 3748	Wanarp - ok
22:13:44.0218 3748	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:13:44.0218 3748	Wanarpv6 - ok
22:13:44.0327 3748	Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
22:13:44.0327 3748	Wd - ok
22:13:44.0421 3748	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
22:13:44.0421 3748	Wdf01000 - ok
22:13:44.0530 3748	WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
22:13:44.0530 3748	WmiAcpi - ok
22:13:44.0623 3748	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
22:13:44.0623 3748	WpdUsb - ok
22:13:44.0701 3748	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:13:44.0701 3748	ws2ifsl - ok
22:13:44.0764 3748	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
22:13:44.0826 3748	\Device\Harddisk0\DR0 - ok
22:13:44.0826 3748	MBR (0x1B8)     (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR1
22:13:59.0709 3748	\Device\Harddisk1\DR1 - ok
22:13:59.0729 3748	Boot (0x1200)   (bcb8cb6f315a0a06f028498392169a9b) \Device\Harddisk0\DR0\Partition0
22:13:59.0729 3748	\Device\Harddisk0\DR0\Partition0 - ok
22:13:59.0749 3748	Boot (0x1200)   (e61157f7f664f972e5e7ab06cf62820b) \Device\Harddisk0\DR0\Partition1
22:13:59.0749 3748	\Device\Harddisk0\DR0\Partition1 - ok
22:13:59.0749 3748	Boot (0x1200)   (93e5cae1eccb3c996713d14c0b5af1dc) \Device\Harddisk1\DR1\Partition0
22:13:59.0749 3748	\Device\Harddisk1\DR1\Partition0 - ok
22:13:59.0749 3748	============================================================
22:13:59.0749 3748	Scan finished
22:13:59.0749 3748	============================================================
22:13:59.0769 3860	Detected object count: 1
22:13:59.0769 3860	Actual detected object count: 1
22:18:23.0551 3860	Backup copy found, using it..
22:18:23.0601 3860	C:\Windows\system32\DRIVERS
etbt.sys - will be cured on reboot
22:18:29.0981 3860	netbt ( Rootkit.Win32.ZAccess.aml ) - User select action: Cure

mlle-no · Answer

Désormais, au démarrage normal de mon pc, une fenêtre du centre de sécurité windows s'affiche, est-ce normal ?
https://www.cjoint.com/?BAgwHsCQffV
De plus, mon pc ne rame absolument pas, mais internet explorer ne va plus sur internet...

mlle-no · Answer

Moi qui pourtant était soulagée... lol

juju666 · Answer

Fun un zeroaccess pour le prix d'un rogue ^^ poubelle => Softomate Toolbar poubelle => Toolbar.DAEMON Tools (tu désinstalles via le panneau de configuration) ~~ une fois fait tu passe à ça : fais glisser une icone n'importe quel fichier sur Pre_scan , pre_script va apparaitre Lance Pre_script , une page vierge va s'ouvrir. selectionne tout le texte en gras ci-dessous, puis (clic droit/copier ou ctrl+c) : ___________________________________________________ Kill:: Registry:: [-HKEY_CLASSES_ROOT\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}] [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ext\settings\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}] [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ext\stats\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{1BB22D38-A411-4B13-A746-C2A4F4EC7344}"=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks] "{1BB22D38-A411-4B13-A746-C2A4F4EC7344}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{1BB22D38-A411-4B13-A746-C2A4F4EC7344}"=- [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{1BB22D38-A411-4B13-A746-C2A4F4EC7344}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{1BB22D38-A411-4B13-A746-C2A4F4EC7344}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{1BB22D38-A411-4B13-A746-C2A4F4EC7344}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{1BB22D38-A411-4B13-A746-C2A4F4EC7344}"=- [-HKEY_CLASSES_ROOT\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{32099AAC-C132-4136-9E9A-4E364A424E17}] [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ext\settings\{32099AAC-C132-4136-9E9A-4E364A424E17}] [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ext\stats\{32099AAC-C132-4136-9E9A-4E364A424E17}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{32099AAC-C132-4136-9E9A-4E364A424E17}"=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks] "{32099AAC-C132-4136-9E9A-4E364A424E17}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{32099AAC-C132-4136-9E9A-4E364A424E17}"=- [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{32099AAC-C132-4136-9E9A-4E364A424E17}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{32099AAC-C132-4136-9E9A-4E364A424E17}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{32099AAC-C132-4136-9E9A-4E364A424E17}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{32099AAC-C132-4136-9E9A-4E364A424E17}"=- [-HKEY_CLASSES_ROOT\CLSID\{F0626A63-410B-45E2-99A1-3F2475B2D695}]] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}]] [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ext\settings\{F0626A63-410B-45E2-99A1-3F2475B2D695}]] [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ext\stats\{F0626A63-410B-45E2-99A1-3F2475B2D695}]] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{F0626A63-410B-45E2-99A1-3F2475B2D695}]"=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks] "{F0626A63-410B-45E2-99A1-3F2475B2D695}]"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{F0626A63-410B-45E2-99A1-3F2475B2D695}]"=- [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{F0626A63-410B-45E2-99A1-3F2475B2D695}]"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{F0626A63-410B-45E2-99A1-3F2475B2D695}]"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{F0626A63-410B-45E2-99A1-3F2475B2D695}]"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{F0626A63-410B-45E2-99A1-3F2475B2D695}]"=- [-HKEY_CLASSES_ROOT\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]] [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ext\settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]] [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ext\stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]"=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\URLSearchHooks] "{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]"=- [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]"=- [-HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}] [-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AskSearchAsst.exe] [-HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}] [-HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}] [-HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6DBB5BA3-80FB-46CB-810A-34B817563763}] [-HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] [-HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B61A2A4E-559E-FEA4-259F-6EBD3BC10172}] [-HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E08A9998-D98F-476f-8F5C-37C80FE0A4DA}] [-HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] [-HKCU\Software\AskSearchAsst] [-HKCU\Software\Grand Virtual] [-HKCU\Software\Official-eMule] [-HKCU\Software\PopCap] [-HKCU\Software\ShopperReports3] [-HKCU\Software\Totem] [-HKLM\Software\BrowserChoice] [-HKLM\Software\GamesBarSetup] [-HKLM\Software\Official-eMule] [-HKLM\Software\OpenCandy NSIS SDK] [-HKLM\Software\QuestBrowse] [-HKLM\Software\ShopperReports3] folder:: C:\Program Files\SGPSA C:\Program Files\Fast Browser Search C:\Users\Admin\AppData\Roaming\Microsoft\36BB C:\39d56d3d2723452cdc91 C:\4444098d195ebfd49bbe98a9d6 C:\6d9cfde532710011fdccaf0a3796 C:\8f455478ddb2c44317216e502e5ec290 C:\Windows\$NtUninstallKB23265$ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports C:\Users\Admin\AppData\Roaming\337e9d71 C:\Users\Admin\AppData\Roaming\B4FF1 C:\Users\Admin\AppData\Roaming\F160E C:\Users\Admin\AppData\Roaming\iWin C:\Users\Admin\AppData\Roaming\iWin_generic C:\Users\Admin\AppData\Roaming\ShopperReports3 C:\ProgramData\7a8ac718 C:\ProgramData\Babylon C:\ProgramData\iWin_generic C:\ProgramData\Fitn17 C:\ProgramData\PopCap Games C:\ProgramData\QuestBrwSearch C:\Users\Admin\AppData\Local\12b5a85c C:\Program Files\Ask Search Assistant C:\Program Files\DAEMON Tools Toolbar C:\Program Files\Fast Browser Search C:\Program Files\GamesBar C:\Program Files\QuestBrwSearch C:\Program Files\ShopperReports3 clean:: Reboot:: ___________________________________________________ colle-le ensuite (clic droit/coller ou ctrl+V) dans la page vierge. puis onglet fichier => enregistrer (pas enregistrer sous...) , puis ferme le texte des fenetres noires risquent de clignoter , c'est normal , c'est le programme qui travaille poste Pre_Script.txt qui apparaitra sur le bureau en fin de travail si ton bureau ne reapparait pas => ctrl+alt+supp , gestionnaire des taches => onglet fichier => nouvelle tache puis tape explorer ~~ une fois fait : /!\ ATTENTION SUIVRE A LA LETTRE CES INDICATIONS/!\ __________________________________________________________ >Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.< >>>>>>>Ne pas utiliser en dehors de ce cas de figure : dangereux!<<<<<<<< ===================================================== ▶ Surtout , pense à l'enregistrement à renommer Combofix en "ton prenom.exe" avant qu'il soit enregistré sur ton disque dur Telecharge ici : Combofix Avant d'utiliser ComboFix : Si tu utilises AVG, IL FAUT IMPERATIVEMENT LE DESINSTALLER avant d'utiliser Combofix car il peut causer des dégâts en interaction avec l'outil pouvant mener à la réinstallation totale du système. La simple désactivation du résident n'est pas suffisante. Télécharge le désinstalleur d'AVG sur ce lien : https://www.avg.com/fr-fr/avg-remover Choisis la version adéquate (32 ou 64 bits)/!\ Les logiciels d'émulation de CD comme Daemon Tools peuvent gêner les outils de désinfection. Utilise Defogger pour les désactiver temporairement : ▶ Télécharge Defogger (de jpshortstuff) sur ton Bureau ▶ Lance le Une fenêtre apparait : clique sur "Disable" ▶ Fais redémarrer l'ordinateur si l'outil te le demande Note : Quand nous aurons terminé la désinfection, tu pourras réactiver ces logiciels en relançant Defogger et en cliquant sur "Re-enable" _________________________________________________________ >> referme les fenêtres de tous les programmes en cours. >> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, >>la protection en temps réel de ton Antivirus et de tes Antispywares, >>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil. °°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°° si tu as XP => double clique si tu as Vista ou windows 7 => clic droit "executer en tant que...." sur combofix renommé ¤¤¤¤¤¤¤¤¤¤ LAISSE-LE INSTALLER LA CONSOLE DE RECUPERATION S'IL TE LE DEMANDE ¤¤¤¤¤¤¤¤¤¤ ▶ !!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!! ▶ n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet. ▶▶ Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message. ~~ et pour finir : Télécharge DDS de sUBs sur le bureau: https://download.bleepingcomputer.com/sUBs/dds.scr (!) L'outil ne nécessite pas d'installation. Lances-le en cliquant sur l'icône ( selon celui des 3 que tu as téléchargé ). Cette fenêtre DOS va apparaitre : https://i75.servimg.com/u/f75/11/05/93/83/ddsdos10.jpg Le scan ne doit pas dépasser trois minutes. Un premier rapport va s'ouvrir que tu enregistreras sous DDS.txt par défaut sur le bureau. Il te sera demandé si tu veux faire le scan optionnel. Accepte par Oui Un nouveau rapport s'ouvre que tu enregistres sous Attach.txt sur le bureau. poste moi les 2 rapports dans des liens cjoint

mlle-no · Answer

Pour Pre_script, je peux meme utilier une image, ou il faut un .doc ou un document texte ?

mlle-no · Answer

Et Softomate Toolbar n'existe pas dans mes programmes...

mlle-no · Answer

juju666 · Answer

bah ouais t'as rien mis dans le bloc note ^^

g3n-h@ckm@n · Answer

salut pour avancer : passe à Combofix

g3n-h@ckm@n · Answer

ca serait bien de le refaire je me dis.....ca ne pourrait que faciliter le travail de combofix ensuite

g3n-h@ckm@n · Answer

tant pis fais peter combofix

mlle-no · Answer

J'utilise Microsoft security essentials comme antivirus et antispyware, mais je n'arrive pas à le désactiver completement pour permettre ) combofix de faire son analyse. 
Sauriez-vous comment je peux faire ? Est-ce que le désinstaller suffirait à régler mon problème ?

g3n-h@ckm@n · Answer

1.      Ouvrez Microsoft Security Essentials

2.      Selectionnez l'onglet Paramètres

3.      A droite cliquez sur Protection en temps réel

4.      Décochez la boite Activer la protection en temps réel et cliquez sur le bouton Enregistrer les modifications

g3n-h@ckm@n · Answer

lance-le en mode sans echec

g3n-h@ckm@n · Answer

passe outre l'avertissement

g3n-h@ckm@n · Answer

ok fais comme tu veux

mlle-no · Answer

Ca m'énerve, psk je comprends rien, et je ne veux pas perdre déjà tout ce que j'ai...

g3n-h@ckm@n · Answer

ben mets-toi en mode sans echec et ouvre le gestionnaire des taches tu verras bien que les processus de l'antivirus n'y sont pas

g3n-h@ckm@n · Answer

bah t'es pas en mode sans echec alors

g3n-h@ckm@n · Answer

bah desinstalle-le tu le remettras apres alors

Infection par Vista security 2012

35 réponses

Discussions similaires