Probleme rootkit Fermé

Question

Bonjour, depuis aujourd'hui , avast me trouve un rootkit, je le supprime, et il revient à chaque fois.
J'ai passé un coup de malwarebyte, j'ai enlevé un autre virus, qui correspond a un crack de seven.

Mais le rootkit revient toujours ! Comment le suppr ?

kalimusic · Answer

Bonsoir,

Avast! localise le rootkit à quel endroit ?

Ton système d'exploitation est légitime ?

A +

doudou · Answer

Je ne sais plus dans quel endroit, mais ya marqué "démarrage".

Sinon, oui j'ai le cd win 7.

kalimusic · Answer

re,

Ouvre l'interface de Avast! et recherche les informations sur l'alerte, cela permettra de mieux cibler les actions futures.

A +

doudou · Answer

Nom du fichier

MBR:\.\PSHYSICALDRIVE0\partition3

Nom du rootkit
Rootkit secteur de démarrage

kalimusic · Answer

Bonjour,

1. Télécharge l'utilitaire TDSSKiller (de Kaspersky) sur ton Bureau.

&#x25CF; Lance TDSSKiller.exe 
- Sous XP double-clic sur l'icône pour lancer l'outil. 
- Sous Vista/Seven  clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel. 
&#x25CF; Clique sur Start scan.
&#x25CF; Laisse l'outil balayer ton système sans l'interrompre et sans utiliser le PC.
&#x25CF; Conserve l'action proposée par défaut par l'outil
&#9656; Pour TDSS.tdl2 : l'option Delete sera cochée.
&#9656; Pour TDSS.tdl3 ou TDSS.tdl4 : assure toi que Cure est bien cochée.
&#9656; Pour "Suspicious object" laisse sur "Skip"
&#9656; Pour Rootkit.Win32.ZAccess : Choisir Cure pour les fichiers .sys et Delete pour le fichier .exe
&#x25CF; Clique sur Continue puis sur Reboot now si le redémarrage est proposé.
&#x25CF; Le rapport se trouve à la racine du disque principal : C:\TDSSKiller.n° de version_date_heure_log.txt 

2. Télécharge MBRScan (de Eric_71) sur ton Bureau.

&#x25CF;  Lance MbrScan.exe  
- Sous XP double-clic sur l'icône pour lancer l'outil. 
- Sous Vista/Seven  clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel. 
&#x25CF; Clique sur le bouton "Report" 

Note : cet outil est détecté à tord comme une menace par certains antivirus, désactive temporairement celui-ci si nécéssaire.

3. Héberge les 2 rapports sur un des sites suivants :
https://www.cjoint.com/
http://pjjoint.malekal.com/
http://threat-rc.com/ 
https://textup.fr/ 
&#x25CF;  Tu obtiendras 2 liens que tu me donneras dans ton prochain message afin que je puisse les consulter.

A +

doudou · Answer

14:58:34.0371 3872	TDSS rootkit removing tool 2.7.11.0 Feb  9 2012 10:12:57
14:58:34.0522 3872	============================================================
14:58:34.0522 3872	Current date / time: 2012/02/11 14:58:34.0522
14:58:34.0522 3872	SystemInfo:
14:58:34.0522 3872	
14:58:34.0522 3872	OS Version: 6.1.7600 ServicePack: 0.0
14:58:34.0522 3872	Product type: Workstation
14:58:34.0522 3872	ComputerName: HUGO-PC
14:58:34.0522 3872	UserName: Hugo
14:58:34.0522 3872	Windows directory: C:\Windows
14:58:34.0522 3872	System windows directory: C:\Windows
14:58:34.0522 3872	Running under WOW64
14:58:34.0522 3872	Processor architecture: Intel x64
14:58:34.0522 3872	Number of processors: 4
14:58:34.0522 3872	Page size: 0x1000
14:58:34.0522 3872	Boot type: Normal boot
14:58:34.0522 3872	============================================================
14:58:36.0895 3872	Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:58:37.0086 3872	\Device\Harddisk0\DR0:
14:58:37.0086 3872	MBR used
14:58:37.0086 3872	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3C9B0000
14:58:37.0086 3872	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3C9B0800, BlocksNum 0xDEA7000
14:58:37.0359 3872	Initialize success
14:58:37.0359 3872	============================================================
14:58:38.0835 3780	============================================================
14:58:38.0835 3780	Scan started
14:58:38.0835 3780	Mode: Manual; 
14:58:38.0835 3780	============================================================
14:58:42.0112 3780	1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
14:58:42.0116 3780	1394ohci - ok
14:58:42.0144 3780	ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
14:58:42.0148 3780	ACPI - ok
14:58:42.0158 3780	AcpiPmi         (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
14:58:42.0160 3780	AcpiPmi - ok
14:58:42.0232 3780	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
14:58:42.0239 3780	adp94xx - ok
14:58:42.0266 3780	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
14:58:42.0270 3780	adpahci - ok
14:58:42.0293 3780	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
14:58:42.0296 3780	adpu320 - ok
14:58:42.0355 3780	AFD             (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
14:58:42.0363 3780	AFD - ok
14:58:42.0426 3780	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
14:58:42.0428 3780	agp440 - ok
14:58:42.0453 3780	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
14:58:42.0454 3780	aliide - ok
14:58:42.0464 3780	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
14:58:42.0466 3780	amdide - ok
14:58:42.0477 3780	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
14:58:42.0479 3780	AmdK8 - ok
14:58:42.0490 3780	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:58:42.0491 3780	AmdPPM - ok
14:58:42.0523 3780	amdsata         (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
14:58:42.0526 3780	amdsata - ok
14:58:42.0555 3780	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
14:58:42.0558 3780	amdsbs - ok
14:58:42.0590 3780	amdxata         (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
14:58:42.0592 3780	amdxata - ok
14:58:42.0612 3780	AppID           (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
14:58:42.0613 3780	AppID - ok
14:58:42.0674 3780	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
14:58:42.0677 3780	arc - ok
14:58:42.0688 3780	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
14:58:42.0690 3780	arcsas - ok
14:58:42.0733 3780	asmthub3        (954950d11ada98ac1b7ee3c770e4622c) C:\Windows\system32\DRIVERS\asmthub3.sys
14:58:42.0736 3780	asmthub3 - ok
14:58:42.0788 3780	asmtxhci        (01dbb05db1db95803e3c9f2b49afe79c) C:\Windows\system32\DRIVERS\asmtxhci.sys
14:58:42.0794 3780	asmtxhci - ok
14:58:42.0848 3780	aswFsBlk        (ce6d8bcc4787704ea4feeb92b0d0caf8) C:\Windows\system32\drivers\aswFsBlk.sys
14:58:42.0850 3780	aswFsBlk - ok
14:58:42.0892 3780	aswMonFlt       (0debeb2e3fbd0bf5343125cce617f105) C:\Windows\system32\drivers\aswMonFlt.sys
14:58:42.0894 3780	aswMonFlt - ok
14:58:42.0916 3780	aswRdr          (952edc2e81f85d1781958d4128bf59f8) C:\Windows\system32\drivers\aswRdr.sys
14:58:42.0918 3780	aswRdr - ok
14:58:42.0959 3780	aswSnx          (dd383e2ac941c545a85ab72503da6c12) C:\Windows\system32\drivers\aswSnx.sys
14:58:43.0011 3780	aswSnx - ok
14:58:43.0069 3780	aswSP           (ef5403fb8b2dcb791ec365fdf6040a4a) C:\Windows\system32\drivers\aswSP.sys
14:58:43.0073 3780	aswSP - ok
14:58:43.0130 3780	aswTdi          (34165da5c6b30c0f9d61246bf8a28040) C:\Windows\system32\drivers\aswTdi.sys
14:58:43.0132 3780	aswTdi - ok
14:58:43.0186 3780	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:58:43.0187 3780	AsyncMac - ok
14:58:43.0198 3780	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
14:58:43.0199 3780	atapi - ok
14:58:43.0249 3780	AthBTPort       (cbe61b4494165f458bd87e37181ee934) C:\Windows\system32\DRIVERS\btath_flt.sys
14:58:43.0251 3780	AthBTPort - ok
14:58:43.0305 3780	ATHDFU          (4119870b90e1b5e7797d6433d21f9216) C:\Windows\system32\Drivers\AthDfu.sys
14:58:43.0307 3780	ATHDFU - ok
14:58:43.0379 3780	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
14:58:43.0386 3780	b06bdrv - ok
14:58:43.0460 3780	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:58:43.0464 3780	b57nd60a - ok
14:58:43.0478 3780	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:58:43.0480 3780	Beep - ok
14:58:43.0515 3780	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:58:43.0517 3780	blbdrive - ok
14:58:43.0546 3780	bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
14:58:43.0548 3780	bowser - ok
14:58:43.0574 3780	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:58:43.0575 3780	BrFiltLo - ok
14:58:43.0586 3780	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:58:43.0588 3780	BrFiltUp - ok
14:58:43.0612 3780	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:58:43.0616 3780	Brserid - ok
14:58:43.0628 3780	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:58:43.0629 3780	BrSerWdm - ok
14:58:43.0640 3780	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:58:43.0641 3780	BrUsbMdm - ok
14:58:43.0652 3780	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:58:43.0653 3780	BrUsbSer - ok
14:58:43.0711 3780	BTATH_A2DP      (fe70889a85c57a9268101b2db0474509) C:\Windows\system32\drivers\btath_a2dp.sys
14:58:43.0720 3780	BTATH_A2DP - ok
14:58:43.0806 3780	BTATH_BUS       (a83a91d07d1fe6bbe7a9db46ca00434b) C:\Windows\system32\DRIVERS\btath_bus.sys
14:58:43.0808 3780	BTATH_BUS - ok
14:58:43.0849 3780	BTATH_HCRP      (c864ff85ee16d61c2bdd5ef76824625f) C:\Windows\system32\DRIVERS\btath_hcrp.sys
14:58:43.0852 3780	BTATH_HCRP - ok
14:58:43.0889 3780	BTATH_LWFLT     (0dea505efb5d771826d177ef8b8a208f) C:\Windows\system32\DRIVERS\btath_lwflt.sys
14:58:43.0891 3780	BTATH_LWFLT - ok
14:58:43.0945 3780	BTATH_RCP       (724c8088c96efe7a3e63fec21d4681c0) C:\Windows\system32\DRIVERS\btath_rcp.sys
14:58:43.0948 3780	BTATH_RCP - ok
14:58:43.0996 3780	BtFilter        (aa0f5afcf077c5246589b32eceeae566) C:\Windows\system32\DRIVERS\btfilter.sys
14:58:44.0001 3780	BtFilter - ok
14:58:44.0070 3780	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
14:58:44.0071 3780	BthEnum - ok
14:58:44.0106 3780	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:58:44.0106 3780	BTHMODEM - ok
14:58:44.0156 3780	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
14:58:44.0167 3780	BthPan - ok
14:58:44.0202 3780	BTHPORT         (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
14:58:44.0209 3780	BTHPORT - ok
14:58:44.0266 3780	BTHUSB          (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
14:58:44.0268 3780	BTHUSB - ok
14:58:44.0315 3780	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:58:44.0318 3780	cdfs - ok
14:58:44.0353 3780	cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
14:58:44.0357 3780	cdrom - ok
14:58:44.0408 3780	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
14:58:44.0410 3780	circlass - ok
14:58:44.0750 3780	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:58:44.0756 3780	CLFS - ok
14:58:45.0058 3780	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
14:58:45.0059 3780	CmBatt - ok
14:58:45.0075 3780	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
14:58:45.0084 3780	cmdide - ok
14:58:45.0152 3780	CNG             (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
14:58:45.0159 3780	CNG - ok
14:58:45.0169 3780	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
14:58:45.0171 3780	Compbatt - ok
14:58:45.0182 3780	CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
14:58:45.0192 3780	CompositeBus - ok
14:58:45.0221 3780	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
14:58:45.0222 3780	crcdisk - ok
14:58:45.0256 3780	CSC             (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
14:58:45.0272 3780	CSC - ok
14:58:45.0312 3780	DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
14:58:45.0315 3780	DfsC - ok
14:58:45.0335 3780	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:58:45.0337 3780	discache - ok
14:58:45.0356 3780	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
14:58:45.0358 3780	Disk - ok
14:58:45.0502 3780	driverhardwarev2x64 (b28c853770c995552b9f5760d8245f44) C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys
14:58:45.0504 3780	driverhardwarev2x64 - ok
14:58:45.0689 3780	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:58:45.0690 3780	drmkaud - ok
14:58:45.0751 3780	dtsoftbus01     (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:58:45.0756 3780	dtsoftbus01 - ok
14:58:45.0815 3780	DXGKrnl         (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
14:58:45.0849 3780	DXGKrnl - ok
14:58:45.0906 3780	e1cexpress      (6bafd9819d9fec2edbaebc8493c711a4) C:\Windows\system32\DRIVERS\e1c62x64.sys
14:58:45.0911 3780	e1cexpress - ok
14:58:45.0947 3780	E1G60           (edc6e9c057c9d7f83eea22b4cef5dcad) C:\Windows\system32\DRIVERS\E1G6032E.sys
14:58:45.0951 3780	E1G60 - ok
14:58:46.0068 3780	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
14:58:46.0158 3780	ebdrv - ok
14:58:46.0200 3780	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
14:58:46.0205 3780	elxstor - ok
14:58:46.0216 3780	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
14:58:46.0217 3780	ErrDev - ok
14:58:46.0246 3780	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:58:46.0248 3780	exfat - ok
14:58:46.0259 3780	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:58:46.0261 3780	fastfat - ok
14:58:46.0282 3780	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
14:58:46.0293 3780	fdc - ok
14:58:46.0317 3780	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:58:46.0319 3780	FileInfo - ok
14:58:46.0330 3780	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:58:46.0332 3780	Filetrace - ok
14:58:46.0342 3780	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
14:58:46.0344 3780	flpydisk - ok
14:58:46.0362 3780	FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
14:58:46.0366 3780	FltMgr - ok
14:58:46.0389 3780	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:58:46.0403 3780	FsDepends - ok
14:58:46.0420 3780	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
14:58:46.0421 3780	Fs_Rec - ok
14:58:46.0460 3780	fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:58:46.0494 3780	fvevol - ok
14:58:46.0681 3780	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:58:46.0683 3780	gagp30kx - ok
14:58:46.0781 3780	hamachi         (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
14:58:46.0784 3780	hamachi - ok
14:58:46.0858 3780	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:58:46.0865 3780	hcw85cir - ok
14:58:46.0900 3780	HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
14:58:46.0905 3780	HdAudAddService - ok
14:58:46.0929 3780	HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:58:46.0931 3780	HDAudBus - ok
14:58:46.0943 3780	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
14:58:46.0944 3780	HidBatt - ok
14:58:46.0956 3780	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:58:46.0958 3780	HidBth - ok
14:58:46.0982 3780	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
14:58:46.0984 3780	HidIr - ok
14:58:47.0029 3780	HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
14:58:47.0031 3780	HidUsb - ok
14:58:47.0054 3780	HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
14:58:47.0056 3780	HpSAMD - ok
14:58:47.0082 3780	HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
14:58:47.0093 3780	HTTP - ok
14:58:47.0104 3780	hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
14:58:47.0105 3780	hwpolicy - ok
14:58:47.0140 3780	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
14:58:47.0142 3780	i8042prt - ok
14:58:47.0197 3780	iaStorV         (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
14:58:47.0237 3780	iaStorV - ok
14:58:47.0261 3780	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
14:58:47.0261 3780	iirsp - ok
14:58:47.0398 3780	IntcAzAudAddService (589b94a9b73a0e819ff873743a480834) C:\Windows\system32\drivers\RTKVHD64.sys
14:58:47.0489 3780	IntcAzAudAddService - ok
14:58:48.0010 3780	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
14:58:48.0011 3780	intelide - ok
14:58:48.0423 3780	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
14:58:48.0425 3780	intelppm - ok
14:58:49.0080 3780	IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:58:49.0082 3780	IpFilterDriver - ok
14:58:49.0539 3780	IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
14:58:49.0542 3780	IPMIDRV - ok
14:58:49.0919 3780	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:58:49.0921 3780	IPNAT - ok
14:58:49.0948 3780	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:58:49.0950 3780	IRENUM - ok
14:58:49.0964 3780	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
14:58:49.0965 3780	isapnp - ok
14:58:49.0991 3780	iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
14:58:49.0995 3780	iScsiPrt - ok
14:58:50.0054 3780	JRAID           (a577f5db30f70eca9708c07c2eacbd9d) C:\Windows\system32\DRIVERS\jraid.sys
14:58:50.0070 3780	JRAID - ok
14:58:50.0096 3780	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
14:58:50.0112 3780	kbdclass - ok
14:58:50.0131 3780	kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
14:58:50.0132 3780	kbdhid - ok
14:58:50.0193 3780	KSecDD          (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
14:58:50.0196 3780	KSecDD - ok
14:58:50.0249 3780	KSecPkg         (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
14:58:50.0252 3780	KSecPkg - ok
14:58:50.0277 3780	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:58:50.0278 3780	ksthunk - ok
14:58:50.0328 3780	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:58:50.0330 3780	lltdio - ok
14:58:50.0369 3780	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:58:50.0371 3780	LSI_FC - ok
14:58:50.0398 3780	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:58:50.0400 3780	LSI_SAS - ok
14:58:50.0412 3780	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:58:50.0414 3780	LSI_SAS2 - ok
14:58:50.0427 3780	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:58:50.0429 3780	LSI_SCSI - ok
14:58:50.0453 3780	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:58:50.0455 3780	luafv - ok
14:58:50.0478 3780	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
14:58:50.0480 3780	megasas - ok
14:58:50.0510 3780	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
14:58:50.0552 3780	MegaSR - ok
14:58:50.0658 3780	MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
14:58:50.0695 3780	MEIx64 - ok
14:58:50.0708 3780	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:58:50.0711 3780	Modem - ok
14:58:50.0730 3780	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:58:50.0732 3780	monitor - ok
14:58:50.0768 3780	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
14:58:50.0770 3780	mouclass - ok
14:58:50.0787 3780	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:58:50.0789 3780	mouhid - ok
14:58:50.0812 3780	mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
14:58:50.0822 3780	mountmgr - ok
14:58:50.0846 3780	mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
14:58:50.0849 3780	mpio - ok
14:58:50.0861 3780	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:58:50.0863 3780	mpsdrv - ok
14:58:50.0877 3780	MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
14:58:50.0880 3780	MRxDAV - ok
14:58:50.0916 3780	mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:58:50.0920 3780	mrxsmb - ok
14:58:50.0956 3780	mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:58:50.0962 3780	mrxsmb10 - ok
14:58:51.0046 3780	mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:58:51.0048 3780	mrxsmb20 - ok
14:58:51.0075 3780	msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
14:58:51.0077 3780	msahci - ok
14:58:51.0090 3780	msdsm           (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
14:58:51.0100 3780	msdsm - ok
14:58:51.0117 3780	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:58:51.0118 3780	Msfs - ok
14:58:51.0140 3780	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:58:51.0153 3780	mshidkmdf - ok
14:58:51.0161 3780	MSICDSetup - ok
14:58:51.0174 3780	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
14:58:51.0175 3780	msisadrv - ok
14:58:51.0213 3780	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:58:51.0214 3780	MSKSSRV - ok
14:58:51.0225 3780	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:58:51.0227 3780	MSPCLOCK - ok
14:58:51.0238 3780	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:58:51.0254 3780	MSPQM - ok
14:58:51.0284 3780	MsRPC           (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
14:58:51.0290 3780	MsRPC - ok
14:58:51.0303 3780	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
14:58:51.0304 3780	mssmbios - ok
14:58:51.0316 3780	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:58:51.0317 3780	MSTEE - ok
14:58:51.0328 3780	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
14:58:51.0344 3780	MTConfig - ok
14:58:51.0356 3780	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:58:51.0358 3780	Mup - ok
14:58:51.0394 3780	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS
wifi.sys
14:58:51.0399 3780	NativeWifiP - ok
14:58:51.0447 3780	NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers
dis.sys
14:58:51.0481 3780	NDIS - ok
14:58:51.0499 3780	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS
discap.sys
14:58:51.0501 3780	NdisCap - ok
14:58:51.0524 3780	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS
distapi.sys
14:58:51.0528 3780	NdisTapi - ok
14:58:51.0540 3780	Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS
disuio.sys
14:58:51.0542 3780	Ndisuio - ok
14:58:51.0554 3780	NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS
diswan.sys
14:58:51.0558 3780	NdisWan - ok
14:58:51.0569 3780	NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
14:58:51.0571 3780	NDProxy - ok
14:58:51.0583 3780	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS
etbios.sys
14:58:51.0584 3780	NetBIOS - ok
14:58:51.0605 3780	NetBT           (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS
etbt.sys
14:58:51.0605 3780	NetBT - ok
14:58:51.0677 3780	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS
frd960.sys
14:58:51.0679 3780	nfrd960 - ok
14:58:51.0693 3780	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:58:51.0695 3780	Npfs - ok
14:58:51.0709 3780	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers
siproxy.sys
14:58:51.0721 3780	nsiproxy - ok
14:58:51.0790 3780	Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
14:58:51.0860 3780	Ntfs - ok
14:58:51.0882 3780	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:58:51.0895 3780	Null - ok
14:58:51.0943 3780	NVHDA           (10204955027011e08a9dc27737a48a54) C:\Windows\system32\drivers
vhda64v.sys
14:58:51.0947 3780	NVHDA - ok
14:58:52.0288 3780	nvlddmkm        (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS
vlddmkm.sys
14:58:52.0689 3780	nvlddmkm - ok
14:58:52.0831 3780	nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers
vraid.sys
14:58:52.0834 3780	nvraid - ok
14:58:52.0888 3780	nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers
vstor.sys
14:58:52.0892 3780	nvstor - ok
14:58:53.0020 3780	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS
v_agp.sys
14:58:53.0023 3780	nv_agp - ok
14:58:53.0034 3780	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
14:58:53.0036 3780	ohci1394 - ok
14:58:53.0070 3780	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
14:58:53.0072 3780	Parport - ok
14:58:53.0085 3780	partmgr         (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
14:58:53.0087 3780	partmgr - ok
14:58:53.0102 3780	pci             (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
14:58:53.0105 3780	pci - ok
14:58:53.0123 3780	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
14:58:53.0124 3780	pciide - ok
14:58:53.0145 3780	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:58:53.0148 3780	pcmcia - ok
14:58:53.0158 3780	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:58:53.0160 3780	pcw - ok
14:58:53.0182 3780	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:58:53.0194 3780	PEAUTH - ok
14:58:53.0375 3780	PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERSaspptp.sys
14:58:53.0388 3780	PptpMiniport - ok
14:58:53.0401 3780	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:58:53.0403 3780	Processor - ok
14:58:53.0444 3780	Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
14:58:53.0447 3780	Psched - ok
14:58:53.0511 3780	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:58:53.0559 3780	ql2300 - ok
14:58:53.0584 3780	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:58:53.0587 3780	ql40xx - ok
14:58:53.0601 3780	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:58:53.0603 3780	QWAVEdrv - ok
14:58:53.0614 3780	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERSasacd.sys
14:58:53.0616 3780	RasAcd - ok
14:58:53.0647 3780	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:58:53.0649 3780	RasAgileVpn - ok
14:58:53.0663 3780	Rasl2tp         (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERSasl2tp.sys
14:58:53.0666 3780	Rasl2tp - ok
14:58:53.0705 3780	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERSaspppoe.sys
14:58:53.0707 3780	RasPppoe - ok
14:58:53.0720 3780	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERSassstp.sys
14:58:53.0723 3780	RasSstp - ok
14:58:53.0755 3780	rdbss           (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERSdbss.sys
14:58:53.0760 3780	rdbss - ok
14:58:53.0773 3780	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERSdpbus.sys
14:58:53.0774 3780	rdpbus - ok
14:58:53.0805 3780	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:58:53.0807 3780	RDPCDD - ok
14:58:53.0837 3780	RDPDR           (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\driversdpdr.sys
14:58:53.0840 3780	RDPDR - ok
14:58:53.0852 3780	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\driversdpencdd.sys
14:58:53.0853 3780	RDPENCDD - ok
14:58:53.0893 3780	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\driversdprefmp.sys
14:58:53.0894 3780	RDPREFMP - ok
14:58:53.0918 3780	RDPWD           (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
14:58:53.0922 3780	RDPWD - ok
14:58:53.0936 3780	rdyboost        (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\driversdyboost.sys
14:58:53.0939 3780	rdyboost - ok
14:58:53.0989 3780	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERSfcomm.sys
14:58:53.0993 3780	RFCOMM - ok
14:58:54.0074 3780	RimUsb          (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
14:58:54.0076 3780	RimUsb - ok
14:58:54.0094 3780	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERSspndr.sys
14:58:54.0096 3780	rspndr - ok
14:58:54.0117 3780	s3cap           (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
14:58:54.0118 3780	s3cap - ok
14:58:54.0144 3780	sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
14:58:54.0146 3780	sbp2port - ok
14:58:54.0160 3780	scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
14:58:54.0162 3780	scfilter - ok
14:58:54.0186 3780	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:58:54.0188 3780	secdrv - ok
14:58:54.0208 3780	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:58:54.0210 3780	Serenum - ok
14:58:54.0234 3780	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:58:54.0237 3780	Serial - ok
14:58:54.0255 3780	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:58:54.0257 3780	sermouse - ok
14:58:54.0275 3780	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
14:58:54.0277 3780	sffdisk - ok
14:58:54.0288 3780	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:58:54.0289 3780	sffp_mmc - ok
14:58:54.0300 3780	sffp_sd         (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
14:58:54.0302 3780	sffp_sd - ok
14:58:54.0313 3780	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:58:54.0314 3780	sfloppy - ok
14:58:54.0330 3780	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:58:54.0332 3780	SiSRaid2 - ok
14:58:54.0353 3780	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:58:54.0355 3780	SiSRaid4 - ok
14:58:54.0378 3780	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:58:54.0381 3780	Smb - ok
14:58:54.0398 3780	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:58:54.0400 3780	spldr - ok
14:58:54.0445 3780	srv             (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
14:58:54.0452 3780	srv - ok
14:58:54.0503 3780	srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
14:58:54.0509 3780	srv2 - ok
14:58:54.0541 3780	srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
14:58:54.0544 3780	srvnet - ok
14:58:54.0624 3780	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:58:54.0626 3780	stexstor - ok
14:58:54.0653 3780	storflt         (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
14:58:54.0656 3780	storflt - ok
14:58:54.0668 3780	storvsc         (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
14:58:54.0669 3780	storvsc - ok
14:58:54.0681 3780	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
14:58:54.0682 3780	swenum - ok
14:58:54.0768 3780	Tcpip           (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers	cpip.sys
14:58:54.0848 3780	Tcpip - ok
14:58:54.0916 3780	TCPIP6          (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS	cpip.sys
14:58:54.0931 3780	TCPIP6 - ok
14:58:55.0123 3780	tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers	cpipreg.sys
14:58:55.0125 3780	tcpipreg - ok
14:58:55.0758 3780	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers	dpipe.sys
14:58:55.0760 3780	TDPIPE - ok
14:58:56.0045 3780	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers	dtcp.sys
14:58:56.0046 3780	TDTCP - ok
14:58:56.0058 3780	tdx             (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS	dx.sys
14:58:56.0061 3780	tdx - ok
14:58:56.0081 3780	TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS	ermdd.sys
14:58:56.0082 3780	TermDD - ok
14:58:56.0127 3780	tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS	ssecsrv.sys
14:58:56.0128 3780	tssecsrv - ok
14:58:56.0180 3780	tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS	unnel.sys
14:58:56.0183 3780	tunnel - ok
14:58:56.0216 3780	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:58:56.0218 3780	uagp35 - ok
14:58:56.0261 3780	udfs            (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
14:58:56.0266 3780	udfs - ok
14:58:56.0296 3780	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
14:58:56.0298 3780	uliagpkx - ok
14:58:56.0319 3780	umbus           (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
14:58:56.0321 3780	umbus - ok
14:58:56.0333 3780	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:58:56.0335 3780	UmPass - ok
14:58:56.0386 3780	usbccgp         (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
14:58:56.0389 3780	usbccgp - ok
14:58:56.0413 3780	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
14:58:56.0415 3780	usbcir - ok
14:58:56.0438 3780	usbehci         (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
14:58:56.0440 3780	usbehci - ok
14:58:56.0492 3780	usbhub          (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
14:58:56.0499 3780	usbhub - ok
14:58:56.0526 3780	usbohci         (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
14:58:56.0527 3780	usbohci - ok
14:58:56.0563 3780	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:58:56.0566 3780	usbprint - ok
14:58:56.0603 3780	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
14:58:56.0605 3780	usbscan - ok
14:58:56.0653 3780	USBSTOR         (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
14:58:56.0656 3780	USBSTOR - ok
14:58:56.0694 3780	usbuhci         (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
14:58:56.0696 3780	usbuhci - ok
14:58:56.0723 3780	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
14:58:56.0725 3780	vdrvroot - ok
14:58:56.0744 3780	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:58:56.0746 3780	vga - ok
14:58:56.0757 3780	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:58:56.0759 3780	VgaSave - ok
14:58:56.0779 3780	vhdmp           (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
14:58:56.0783 3780	vhdmp - ok
14:58:56.0795 3780	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
14:58:56.0797 3780	viaide - ok
14:58:56.0816 3780	vmbus           (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
14:58:56.0820 3780	vmbus - ok
14:58:56.0831 3780	VMBusHID        (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
14:58:56.0833 3780	VMBusHID - ok
14:58:56.0855 3780	volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
14:58:56.0858 3780	volmgr - ok
14:58:56.0880 3780	volmgrx         (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
14:58:56.0886 3780	volmgrx - ok
14:58:56.0912 3780	volsnap         (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
14:58:56.0917 3780	volsnap - ok
14:58:56.0949 3780	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
14:58:56.0952 3780	vsmraid - ok
14:58:56.0966 3780	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
14:58:56.0967 3780	vwifibus - ok
14:58:56.0992 3780	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
14:58:56.0994 3780	WacomPen - ok
14:58:57.0054 3780	WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
14:58:57.0057 3780	WANARP - ok
14:58:57.0070 3780	Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
14:58:57.0072 3780	Wanarpv6 - ok
14:58:57.0101 3780	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
14:58:57.0103 3780	Wd - ok
14:58:57.0138 3780	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:58:57.0147 3780	Wdf01000 - ok
14:58:57.0172 3780	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:58:57.0173 3780	WfpLwf - ok
14:58:57.0185 3780	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:58:57.0187 3780	WIMMount - ok
14:58:57.0247 3780	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:58:57.0248 3780	WmiAcpi - ok
14:58:57.0284 3780	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:58:57.0286 3780	ws2ifsl - ok
14:58:57.0307 3780	WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
14:58:57.0310 3780	WudfPf - ok
14:58:57.0332 3780	WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:58:57.0336 3780	WUDFRd - ok
14:58:57.0384 3780	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:58:57.0426 3780	\Device\Harddisk0\DR0 - ok
14:58:57.0707 3780	Boot (0x1200)   (b38455d13a1341bd74640c68622deb05) \Device\Harddisk0\DR0\Partition0
14:58:57.0708 3780	\Device\Harddisk0\DR0\Partition0 - ok
14:58:57.0711 3780	Boot (0x1200)   (6de2b6f9e592700844c605e72af13a2f) \Device\Harddisk0\DR0\Partition1
14:58:57.0712 3780	\Device\Harddisk0\DR0\Partition1 - ok
14:58:57.0713 3780	============================================================
14:58:57.0713 3780	Scan finished
14:58:57.0713 3780	============================================================
14:58:57.0723 4856	Detected object count: 0
14:58:57.0723 4856	Actual detected object count: 0
14:59:05.0597 4116	Deinitialize success




Pour MBRScan, ca marche pas

kalimusic · Answer

re,

Fait ceci à la place :

Télécharge aswMBR sur ton Bureau.

&#x25CF; Lance  aswMBR.exe
- Sous XP double-clic sur l'icône pour lancer l'outil. 
- Sous Vista/Seven  clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel. 
&#x25CF; Refuse la demande de mise à jour
&#x25CF; Clique sur le bouton Scan
&#x25CF; Patiente pendant l'analyse
&#x25CF; Clique sur Save log 
&#x25CF; Enregistre le rapport sur le Bureau. 
&#x25CF; Copie/colle le rapport dans ton prochain message.

A +

doudou · Answer

----------------------------- 
16:03:47.147    OS Version: Windows x64 6.1.7600  
16:03:47.147    Number of processors: 4 586 0x2A07 
16:03:47.148    ComputerName: HUGO-PC  UserName: Hugo 
16:03:48.744    Initialize success 
16:03:49.370    AVAST engine defs: 12021100 
16:03:57.052    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 
16:03:57.054    Disk 0 Vendor: WDC_WD6400AACS-00G8B1 05.04C05 Size: 610480MB BusType: 11 
16:03:57.075    Disk 0 MBR read successfully 
16:03:57.077    Disk 0 MBR scan 
16:03:57.079    Disk 0 Windows 7 default MBR code 
16:03:57.086    Disk 0 Partition 1 00     07    HPFS/NTFS NTFS       496480 MB offset 2048 
16:03:57.105    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       113998 MB offset 1016793088 
16:03:57.122    Disk 0 Partition 3 00     17 Hidd HPFS/NTFS NTFS            1 MB offset 1250260992 
16:03:57.125    Disk 0 Partition 3  **INFECTED** MBR:Alureon-K [Rtk] 
16:03:57.128    Service scanning 
16:04:00.202    Modules scanning 
16:04:00.207    Disk 0 trace - called modules: 
16:04:00.230    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys  
16:04:00.237    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004738060] 
16:04:00.242    3 CLASSPNP.SYS[fffff8800196d43f] -> nt!IofCallDriver -> [0xfffffa80044c1200] 
16:04:00.246    5 ACPI.sys[fffff88000d54781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80044c1550] 
16:04:00.596    AVAST engine scan C:\Windows 
16:04:02.077    AVAST engine scan C:\Windows\system32 
16:05:40.095    AVAST engine scan C:\Windows\system32\drivers 
16:05:46.469    AVAST engine scan C:\Users\Hugo 
16:06:15.332    Disk 0 MBR has been saved successfully to "C:\Users\Hugo\Desktop\MBR.dat" 
16:06:15.336    The log file has been saved successfully to "C:\Users\Hugo\Desktop\aswMBR.txt" 
16:07:37.904    AVAST engine scan C:\ProgramData 
16:07:53.232    Scan finished successfully 
16:08:12.374    Disk 0 MBR has been saved successfully to "C:\Users\Hugo\Desktop\MBR.dat" 
16:08:12.378    The log file has been saved successfully to "C:\Users\Hugo\Desktop\aswMBR.txt" 




Apperement il a trouvé l'infection, mais n'a rien fait ?

kalimusic · Answer

C'est normal, l'infection se trouve sur une partition cachée qu'elle a crée.
Ce serait dangereux de le faire sous Windows. Il faut passer par un CD Live.

Télécharge Ubuntu ici => https://ubuntu.com/
Et grave le CD au format .ISO et modifie l'ordre du démarrage du BIOS
tuto : http://www.01audio-video.com/live-cd-linux-ubuntu.htm

Choisir d'essayer Ubuntu

Une fois sur le bureau, lance Gparted :
Application >  Système > Administration > Éditeur de partition
Fait une copie d'écran, héberge l'image et donne le lien.

A +

doudou · Answer

voilà 
http://www.casimages.com/img.php?i=1202110555586156.png

kalimusic · Answer

re,

Sélectionne la ligne /dev/sda3
Choisir Delete > Apply
Referme tout et redémarre sur Windows en enlevant le CD

Relance aswMBR et copie/colle le rapport.

A +

doudou · Answer

aswMBR version 0.9.9.1532 Copyright(c) 2011 AVAST Software
Run date: 2012-02-11 18:10:49
-----------------------------
18:10:49.964    OS Version: Windows x64 6.1.7600 
18:10:49.964    Number of processors: 4 586 0x2A07
18:10:49.964    ComputerName: HUGO-PC  UserName: Hugo
18:10:51.821    Initialize success
18:10:51.977    AVAST engine defs: 12021100
18:10:54.551    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:10:54.551    Disk 0 Vendor: WDC_WD6400AACS-00G8B1 05.04C05 Size: 610480MB BusType: 11
18:10:54.566    Disk 0 MBR read successfully
18:10:54.566    Disk 0 MBR scan
18:10:54.566    Disk 0 Windows 7 default MBR code
18:10:54.613    Disk 0 Partition 1 00     07    HPFS/NTFS NTFS       496480 MB offset 2048
18:10:54.769    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       113998 MB offset 1016793088
18:10:54.769    Service scanning
18:11:00.276    Service MSICDSetup E:\CDriver64.sys **LOCKED** 21
18:11:01.384    Modules scanning
18:11:01.524    Disk 0 trace - called modules:
18:11:01.555    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 
18:11:01.555    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800473c060]
18:11:01.555    3 CLASSPNP.SYS[fffff880019a543f] -> nt!IofCallDriver -> [0xfffffa80044d09b0]
18:11:01.555    5 ACPI.sys[fffff88000f3d781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800416b060]
18:11:02.741    AVAST engine scan C:\Windows
18:11:04.706    AVAST engine scan C:\Windows\system32
18:13:31.720    AVAST engine scan C:\Windows\system32\drivers
18:13:40.237    AVAST engine scan C:\Users\Hugo
18:15:41.361    AVAST engine scan C:\ProgramData
18:15:54.035    Scan finished successfully
18:16:03.503    Disk 0 MBR has been saved successfully to "C:\Users\Hugo\Desktop\MBR.dat"
18:16:03.509    The log file has been saved successfully to "C:\Users\Hugo\Desktop\aswMBR2.txt"

Voilà chef, j'ai mis en gras, ce qui était en jaune dans le scan.

kalimusic · Answer

Je pense que nous avons fait le plus dur, tu te débrouilles très bien
Nous allons utiliser cet outil de diagnostic afin d'identifier les problèmes restants.

Télécharge OTL  (de OldTimer) sur ton Bureau. 

 Ferme toutes tes applications en cours 

&#x25CF;  Lance OTL.exe  
- Sous XP double-clic sur l'icône pour lancer l'outil. 
- Sous Vista/Seven  clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel. 
&#x25CF;  L'interface principale s'ouvre : 
&#x25CF;  Dans la section Rapport en haut à droite de la fenêtre, coche Rapport minimal 
&#x25CF;  Coche la case également Tous les utilisateurs
&#x25CF;  Laisse tous les autres paramètres par défaut 
&#x25CF;  Dans la partie du bas "Personnalisation", copie/colle la liste en citation : 

msconfig 
safebootminimal 
safebootnetwork 
/md5start
volsnap.*
explorer.exe
winlogon.exe
userinit.exe
svchost.exe
/md5stop
%temp%\*.exe /s 
%ALLUSERSPROFILE%\Application Data\*.exe /s 
%ALLUSERSPROFILE%\Application Data\*.
%APPDATA%\*.exe /s 
%APPDATA%\*.
%SYSTEMDRIVE%\*.exe 
%systemroot%\Tasks\*.* /s
hklm\system\CurrentControlSet\Services\lanmanserver\parameters /s 
hklm\system\CurrentControlSet\Control\Session Manager\SubSystems /s 
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT 
&#x25CF;  Clique sur le bouton Analyse rapide, patiente pendant le balayage du système.   
&#x25CF;  2 rapports vont s'ouvrir au format bloc-note : 
OTL.txt (qui sera affiché) ainsi que Extras.txt (réduit dans la barre des tâches)  
&#x25CF;  Ne les poste pas sur le forum, ils seraient trop long  
&#x25CF;  Héberge les sur un des sites suivants :
https://www.cjoint.com/
http://pjjoint.malekal.com/
http://threat-rc.com/ 
https://textup.fr/ 
&#x25CF;  Tu obtiendras 2 liens que tu me donneras dans ton prochain message. 

A +

doudou · Answer

http://textup.fr/13311oi

http://textup.fr/13312dD

kalimusic · Answer

re,

Analyse le fichier C:\Windows\SysWow64\QQVistaHelper.dll sur https://www.virustotal.com/gui/
Si un message te dit que le fichier à déjà été analysé, ré-analyse le
Copie-colle l'url affichée dans la barre d'adresse dans ta réponse.
tuto : Analyser un fichier avec VirusTotal

A +

doudou · Answer

https://www.virustotal.com/file/99867fd6a42101eebaa2c1d0dbacd3d859bc4d472c1c163aee65ba969da0d38b/analysis/1328984470/

kalimusic · Answer

re,

1. Relance OTL
- Sous XP double-clic sur l'icône pour lancer l'outil. 
- Sous Vista/Seven  clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel. 
&#x25CF; Dans la partie "Personnalisation", copie/colle les instructions suivantes :

:OTL
[2012/02/04 19:26:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tencent 
[2012/02/04 19:26:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Tencent     
[2012/02/04 19:26:05 | 000,000,000 | ---D | C] -- C:\Users\Hugo\Documents\Tencent Files 
[2012/02/04 19:25:41 | 000,000,000 | ---D | C] -- C:\Users\Hugo\AppData\Roaming\Tencent     
O37 - HKLM\...com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
O37 - HKLM\...exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
[115 C:\Users\Hugo\AppData\Local\Temp\*.tmp files -> C:\Users\Hugo\AppData\Local\Temp\*.tmp -> ] 
:Files
ipconfig /flushdns /c
:Commands 
[emptytemp]
&#x25CF; Clique sur le bouton Correction.
&#x25CF; Patiente pendant le travail de l'outil, il doit ensuite redémarrer le PC.   
&#x25CF; Accepte en cliquant sur OK. 
&#x25CF; Le rapport indiquant les actions réalisées par OTL doit s'ouvrir spontanément.   

Tu peux le retrouver le fichier à la racine du disque : C:\_OTL\MovedFiles  

2. Télécharge MBAM et installe le selon l'emplacement par défaut.
(l'essai de la version pro est facultative)

&#x25CF; Effectue la mise à jour et lance Malwarebytes' Anti-Malware
&#x25CF; Clique dans l'onglet du haut "Recherche"
&#x25CF; Coche l'option "Exécuter un examen complet" puis sur le bouton "Rechercher" 
&#x25CF; Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"

A la fin de l'analyse, si MBAM n'a rien trouvé :

&#x25CF; Clique sur OK, le rapport s'ouvre spontanément

Si des menaces ont été détectées :

&#x25CF; Clique sur OK puis "Afficher les résultats"
&#x25CF; Choisis l'option "Supprimer la sélection"
&#x25CF; Si MBAM demande le redémarrage de Windows : Clique sur "Oui"
&#x25CF; Une fois le PC redémarré, le rapport se trouve dans l'onglet "Rapports/Logs"
&#x25CF; Sinon le rapport s'ouvre automatiquement après la suppression.

3. Héberge les rapports et donne moi les liens.

A +

doudou · Answer

http://textup.fr/13361bp

http://textup.fr/13369Of

kalimusic · Answer

Bonjour,

1. Lance OTL
- Sous Vista/Seven clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel.
&#x25CF; Dans la partie "Personnalisation", copie/colle:

:commands
[clearallrestorepoints]
&#x25CF; Clique sur le bouton Correction. 

2. Relance OTL en tant qu'administrateur  
&#x25CF; Clique sur le bouton Purge outils
&#x25CF; Puis sur OK dans la boite de dialogue qui t'invite à redémarrer le système.
&#x25CF; Supprime les outils et les rapports restants éventuellement sur ton Bureau

3. Tu peux garder Malwarebytes Anti-Malware comme logiciel complémentaire à ton antivirus et t'en servir contrôler ton PC avec un scan rapide de temps en temps sans oublier de le mettre à jour avant 

4. Vérifie que les logiciels pouvant présenter des failles de sécurité sont à jour :

Tutoriel SX Check&Update

 == == == == == == == == == == == == == == == == == == == == == ==

 La sécurité de son PC, c'est quoi ? (par Malekal)    

 == == == == == == == == == == == == == == == == == == == == == ==
 
Bonne continuation

Probleme rootkit

19 réponses

Discussions similaires