
A rootkit in my PC

13 December 2010 23:54:47

Hello, I need help please. When scanning with TDSSKiller I got the following report:

2010/12/12 19:45:46.0234 TDSS rootkit removing tool 2.4.11.0 Dec 8 2010 14:46:40
2010/12/12 19:45:46.0234 ================================================================================
2010/12/12 19:45:46.0234 SystemInfo:
2010/12/12 19:45:46.0234
2010/12/12 19:45:46.0234 OS Version: 5.1.2600 ServicePack: 3.0
2010/12/12 19:45:46.0234 Product type: Workstation
2010/12/12 19:45:46.0234 ComputerName: DELL-7F2ED8A518
2010/12/12 19:45:46.0234 UserName: Propriétaire
2010/12/12 19:45:46.0234 Windows directory: C:\WINDOWS
2010/12/12 19:45:46.0234 System windows directory: C:\WINDOWS
2010/12/12 19:45:46.0234 Processor architecture: Intel x86
2010/12/12 19:45:46.0234 Number of processors: 1
2010/12/12 19:45:46.0234 Page size: 0x1000
2010/12/12 19:45:46.0234 Boot type: Normal boot
2010/12/12 19:45:46.0234 ================================================================================
2010/12/12 19:45:46.0593 Initialize success
2010/12/12 19:46:05.0437 ================================================================================
2010/12/12 19:46:05.0437 Scan started
2010/12/12 19:46:05.0437 Mode: Manual;
2010/12/12 19:46:05.0437 ================================================================================
2010/12/12 19:46:34.0531 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) C:\WINDOWS\system32\Drivers\sptd.sys
2010/12/12 19:46:34.0531 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd
2010/12/12 19:46:34.0531 sptd - detected Locked file (1)
2010/12/12 19:46:40.0218 ================================================================================
2010/12/12 19:46:40.0218 Scan finished
2010/12/12 19:46:40.0234 ================================================================================
2010/12/12 19:46:40.0234 Detected object count: 1
2010/12/12 19:46:59.0281 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) C:\WINDOWS\system32\Drivers\sptd.sys
2010/12/12 19:46:59.0281 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd
2010/12/12 19:46:59.0296 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine
2010/12/12 19:46:59.0312 Locked file(sptd) - User select action: Quarantine
2010/12/12 19:47:51.0015 ================================================================================
2010/12/12 19:47:51.0015 Scan started
2010/12/12 19:47:51.0015 Mode: Manual;
2010/12/12 19:47:51.0015 ================================================================================
2010/12/12 19:48:17.0312 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) C:\WINDOWS\system32\Drivers\sptd.sys
2010/12/12 19:48:17.0312 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd
2010/12/12 19:48:17.0328 sptd - detected Locked file (1)
2010/12/12 19:48:23.0203 ================================================================================
2010/12/12 19:48:23.0203 Scan finished
2010/12/12 19:48:23.0203 ================================================================================
2010/12/12 19:48:23.0218 Detected object count: 1
2010/12/12 19:49:12.0437 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) C:\WINDOWS\system32\Drivers\sptd.sys
2010/12/12 19:49:12.0437 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd
2010/12/12 19:49:12.0453 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine
2010/12/12 19:49:12.0453 Locked file(sptd) - User select action: Quarantine
2010/12/12 19:51:29.0359 Deinitialize success


So there it is, I don't know what to do. I also scanned with Malwarebytes and deleted the suspicious files, but is that enough? Thanks in advance.


14 December 2010 16:51:13

Hello again, please, is there no one to help me? Yesterday some icons on my desktop were also deleted by themselves.

15 December 2010 20:58:07

Scanning today with Malwarebytes, I got the following report:
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 5315

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

15/12/2010 13:54:51
mbam-log-2010-12-15 (13-54-51).txt

Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 179207
Temps écoulé: 54 minute(s), 30 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détect


What should I do, please?
16 December 2010 20:26:45

Hello

sptd.sys is Daemon Tools, it's not a rootkit... at least, even if it shows as unsigned with TDSS,

http://www.virustotal.com/file-scan/report.html?id=4be4...

http://www.systemexplorer.net/fileinfo/157369.html

++++++++++

So let's start again from the beginning: why did you run the scans? What are your PC's symptoms?


1

Download DDS and save it to your desktop.
  • Disable anything that blocks scripts, such as an antivirus or software like ad-block, noscript, etc.
  • Double-click dds.scr to launch the tool.
  • Once the scan has finished, a text document, DDS.txt, will open.
  • Click Yes at the next prompt, Optional Scan.
  • Save both reports to your desktop and post only DDS.txt for me.

    <@_@>**<@_@>**<@_@>**<@_@>**<@_@>**@_@>**<@_@><@_@>**<@_@>**<@_@>**<@_@>**

    ++

    ****
    2

    Download GMER from this link: http://www.gmer.net/files.php - click "Download EXE" and download the file to your desktop.
    See the GMER tutorial, it may help you: http://www.malekal.com/tutorial_GMER.php

  • Disable your protection software (antivirus, antispyware, etc.) and close all open programs.
  • Double-click the downloaded GMER file.
    IMPORTANT: If an alert from your antivirus appears for the file gmer.sys or gmer.exe, let it run.
  • Click the "rootkit" tab.
  • On the right, check everything.
  • Now click Scan.
  • When the scan is finished, click Copy.
  • Open Notepad, then click the Edit menu / Paste.
    The report should then appear.
  • Save the file to your desktop and post its contents here.



    16 December 2010 20:41:39

    Thank you for your reply. I ran a scan because shortcuts on my desktop are being deleted by themselves and my PC is slow.
    The DDS report:
    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Propriétaire at 14:37:21,51 on 16/12/2010
    Internet Explorer: 6.0.2900.5512
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.510.214 [GMT -5:00]

    AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    FW: Kaspersky Internet Security *Disabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Athan\Athan.exe
    C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    C:\Program Files\WebSur\serv.exe
    C:\Program Files\Internet Explorer\AntiPornoWin\AntiPornoWin.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\wscntfy.exe
    C:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Documents and Settings\Propriétaire\Bureau\dds.scr

    ============== Pseudo HJT Report ===============

    uSearchMigratedDefaultURL = hxxp://www.durable.com/result?cx=partner-pub-7902900401080901%...{searchTerms}
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\fichiers communs\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2011\ievkbd.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
    BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
    TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [Athan] c:\program files\athan\Athan.exe
    mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
    mRun: [SunJavaUpdateSched] "c:\program files\fichiers communs\java\java update\jusched.exe"
    mRun: [TkBellExe] "c:\program files\fichiers communs\real\update_ob\realsched.exe" -osboot
    mRun: [SysServProtect] c:\program files\websur\serv.exe
    mRun: [AntiPornoWin] c:\program files\internet explorer\antipornowin\AntiPornoWin.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\fichiers communs\adobe\arm\1.0\AdobeARM.exe"
    mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe"
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    dRunOnce: [WUAppSetup] c:\program files\fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092f -f video -m logitech -d 11.5.0.1145
    IE: Ajouter à l'Anti-bannière - c:\program files\kaspersky lab\kaspersky internet security 2011\ie_banner_deny.htm
    IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257091728244
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\fichie~1\skype\SKYPE4~1.DLL
    Notify: igfxcui - igfxdev.dll
    Notify: klogon - c:\windows\system32\klogon.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\propri~1\applic~1\mozilla\firefox\profiles\lzce7ygh.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.meteomedia.com/weather/caqc0363
    FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
    FF - component: c:\documents and settings\propriétaire\application data\mozilla\firefox\profiles\lzce7ygh.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
    FF - component: c:\program files\mozilla firefox\extensions\kavantibanner@kaspersky.ru\components\abhelperxpcom.dll
    FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
    FF - plugin: c:\browserplusplugins\eb59d3b00f8811c16a9789668c153b72\npybrowserplus_2.6.0.dll
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\documents and settings\all users\application data\zylom\zylomgamesplayer\npzylomgamesplayer.dll
    FF - plugin: c:\documents and settings\propriétaire\application data\move networks\plugins\npqmp071700000016.dll
    FF - plugin: c:\documents and settings\propriétaire\application data\mozilla\firefox\profiles\lzce7ygh.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    FF - plugin: c:\program files\fichiers communs\oberon media\ncadapter\1.0.0.7\npapicomadapter.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Anti-bannière: KavAntiBanner@Kaspersky.ru - c:\program files\mozilla firefox\extensions\KavAntiBanner@Kaspersky.ru
    FF - Ext: Analyse des liens (URL Advisor): linkfilter@kaspersky.ru - c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru
    FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
    FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext

    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

    ============= SERVICES / DRIVERS ===============

    R0 KL1;kl1;c:\windows\system32\drivers\kl1.sys [2010-6-9 132184]
    R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [2010-11-17 12960]
    R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2010-6-9 11352]
    R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2010-12-12 475736]
    R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2011\avp.exe [2010-11-2 365336]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-2-9 54752]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2010-5-7 32856]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19472]
    S2 gupdate;Service Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-2 135664]
    S3 fsssvc;Service Windows Live Contrôle parental;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
    S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\57.tmp --> c:\windows\system32\57.tmp [?]

    =============== Created Last 30 ================

    2010-12-16 00:02:36 -------- d--h--r- c:\documents and settings\propriétaire\Recent
    2010-12-13 00:46:59 -------- d-----w- C:\TDSSKiller_Quarantine
    2010-12-13 00:22:09 -------- d-sha-r- C:\cmdcons
    2010-12-13 00:18:37 98816 ----a-w- c:\windows\sed.exe
    2010-12-13 00:18:37 256512 ----a-w- c:\windows\PEV.exe
    2010-12-13 00:18:37 161792 ----a-w- c:\windows\SWREG.exe
    2010-12-12 21:54:10 -------- d-----w- c:\program files\Sophos
    2010-12-12 21:44:10 -------- d-----w- c:\docume~1\propri~1\applic~1\QuickScan
    2010-12-12 17:59:24 109240 ----a-w- c:\program files\mozilla firefox\extensions\kavantibanner@kaspersky.ru\components\abhelperxpcom.dll
    2010-12-12 17:59:21 150200 ----a-w- c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
    2010-12-12 17:59:02 97859 ----a-w- c:\windows\system32\drivers\klick.dat
    2010-12-12 17:59:02 114243 ----a-w- c:\windows\system32\drivers\klin.dat
    2010-12-12 17:57:00 -------- d-----w- c:\program files\Kaspersky Lab
    2010-12-12 17:19:27 -------- d-----w- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
    2010-12-12 02:23:25 -------- d-----w- c:\windows\system32\NtmsData
    2010-12-12 01:23:10 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
    2010-12-12 01:21:44 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
    2010-12-12 01:21:26 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
    2010-12-12 01:19:37 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
    2010-12-12 01:14:58 274288 ----a-w- c:\windows\system32\mucltui.dll
    2010-12-12 01:14:58 215920 ----a-w- c:\windows\system32\muweb.dll
    2010-12-12 01:14:58 18288 ----a-w- c:\windows\system32\mucltui.dll.mui
    2010-12-12 00:25:12 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-12-12 00:25:05 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-12-12 00:25:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-12-07 02:33:20 -------- d-----w- c:\docume~1\alluse~1\applic~1\Friends Games
    2010-12-07 02:32:08 -------- d-----w- c:\program files\Oberon Media
    2010-12-07 02:32:07 -------- d-----w- c:\docume~1\propri~1\applic~1\Oberon Media
    2010-12-07 02:31:59 -------- d-----w- c:\program files\fichiers communs\Oberon Media
    2010-12-06 21:35:59 -------- d-----w- c:\docume~1\alluse~1\applic~1\Rumbic Studio
    2010-12-06 01:04:08 -------- d-----w- c:\docume~1\propri~1\applic~1\Malwarebytes
    2010-12-06 01:04:01 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2010-12-03 20:51:43 -------- d-----w- c:\program files\Easy Graphic Converter
    2010-12-03 20:40:44 -------- d-----w- c:\docume~1\propri~1\applic~1\OfficeRecovery
    2010-11-17 22:28:25 257712 ----a-w- c:\windows\system32\drivers\Trufos.sys
    2010-11-17 22:28:18 327368 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
    2010-11-17 22:28:18 12960 ----a-w- c:\windows\system32\drivers\bdrawpr.sys
    2010-11-17 22:28:15 8167 ----a-w- c:\docume~1\alluse~1\applic~1\bdinstall.bin

    ==================== Find3M ====================

    2010-11-09 01:43:08 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
    2010-10-06 01:27:04 228024 ----a-w- c:\windows\system32\klogon.dll

    ============= FINISH: 14:38:36,21 ===============


    And the 2nd report:
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft Windows XP Édition familiale
    Boot Device: \Device\HarddiskVolume1
    Install Date: 01/11/2009 11:01:10
    System Uptime: 16/12/2010 10:28:36 (4 hours ago)

    Motherboard: Dell Computer Corp. | | 0N6016
    Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2793/533mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 37 GiB total, 13,048 GiB free.
    D: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP316: 12/12/2010 22:01:46 - Point de vérification système
    RP317: 15/12/2010 23:05:51 - Point de vérification système

    ==== Installed Programs ======================

    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.1 - Français
    Analyseur MSXML 6.0
    Apple Application Support
    Apple Software Update
    Around The World in 80 Days
    Assistant de connexion Windows Live
    Athan Basic 3.8
    calibre
    CCleaner
    Coffret de pilotes Logitech Webcam Software
    Correctif pour Windows XP (KB2158563)
    Correctif pour Windows XP (KB942288-v3)
    Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)
    Galerie de photos Windows Live
    Google Toolbar for Internet Explorer
    Google Update Helper
    GoToMeeting 4.1.0.366
    Hotfix for Windows XP (KB954550-v5)
    Installation Windows Live
    Intel(R) Extreme Graphics 2 Driver
    Intel(R) PRO Network Connections Drivers
    Java Auto Updater
    Junk Mail filter update
    K-Lite Mega Codec Pack 5.9.7 BETA
    Kaspersky Internet Security 2011
    Lecteur Windows Media 11
    Logiciel d'archivage WinRAR
    Logitech Webcam Software
    Lost Treasures Of ElDorado
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 2.0 Language Pack - FRA
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Mise à jour de sécurité pour Windows XP (KB2360937)
    Mise à jour de sécurité pour Windows XP (KB923561)
    Mise à jour de sécurité pour Windows XP (KB956802)
    Mise à jour de sécurité pour Windows XP (KB958644)
    Mise à jour de sécurité pour Windows XP (KB971961)
    Mise à jour de sécurité pour Windows XP (KB975467)
    Mise à jour de sécurité pour Windows XP (KB982665)
    Mise à jour pour Windows XP (KB968389)
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
    Move Media Player
    Mozilla Firefox (3.6)
    MSVCRT
    OpenOffice.org 3.2
    Outil de téléchargement Windows Live
    QuickTime
    RealPlayer
    RealUpgrade 1.0
    RPS CRT
    Segoe UI
    Skype Toolbars
    Skype™ 5.0
    The Treasures Of Montezuma
    Tomb Of Giza
    VLC media player 1.0.2
    WebFldrs XP
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Contrôle parental
    Windows Live FolderShare
    Windows Live Mail
    Windows Live Messenger
    Windows Live Toolbar
    Windows Live Writer
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    Yahoo! BrowserPlus 2.6.0
    Yahoo! Messenger
    ZOODomino

    ==== End Of File ===========================

    16 December 2010 21:50:45

    The GMER report:
    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2010-12-16 15:43:17
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 IC35L060AVV207-0 rev.V22OA66A
    Running: zs6i5hbp.exe; Driver: C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\ffgyqfog.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0xEFAA25FA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwClose [0xEFAA2EFE]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwConnectPort [0xEFAA3D32]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateEvent [0xEFAA427C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateFile [0xEFAA31DA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateKey [0xEFAA146A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateMutant [0xEFAA4162]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0xEFAA21E8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreatePort [0xEFAA4036]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSection [0xEFAA2390]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSemaphore [0xEFAA439C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateThread [0xEFAA2B86]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateWaitablePort [0xEFAA40CC]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDebugActiveProcess [0xEFAA5A84]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteKey [0xEFAA1A74]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteValueKey [0xEFAA1E28]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0xEFAA365C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDuplicateObject [0xEFAA6C90]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xEFAA1F74]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xEFAA200C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwFsControlFile [0xEFAA346A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadDriver [0xEFAA5B76]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey [0xEFAA1446]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey2 [0xEFAA1458]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwMapViewOfSection [0xEFAA62DE]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwNotifyChangeKey [0xEFAA2138]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenEvent [0xEFAA4312]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenFile [0xEFAA2F80]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenKey [0xEFAA162A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenMutant [0xEFAA41F2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenProcess [0xEFAA2836]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSection [0xEFAA6078]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSemaphore [0xEFAA4432]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenThread [0xEFAA2728]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryKey [0xEFAA20A4]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryMultipleValueKey [0xEFAA1CDC]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQuerySection [0xEFAA6618]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryValueKey [0xEFAA1906]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueueApcThread [0xEFAA5F0A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRenameKey [0xEFAA1B96]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplaceKey [0xEFAA0E80]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyPort [0xEFAA4796]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0xEFAA465C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0xEFAA581E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRestoreKey [0xEFAA11F8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwResumeThread [0xEFAA6B32]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKey [0xEFAA0E18]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSecureConnectPort [0xEFAA3A78]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetContextThread [0xEFAA2DA2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetInformationToken [0xEFAA50BE]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSecurityObject [0xEFAA5D14]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSystemInformation [0xEFAA6768]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetValueKey [0xEFAA1780]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendProcess [0xEFAA685A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendThread [0xEFAA6994]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSystemDebugControl [0xEFAA59A8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateProcess [0xEFAA29D2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateThread [0xEFAA2932]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0xEFAA64BC]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0xEFAA2ABC]

    INT 0x62 ? 82F71C88
    INT 0x63 ? 82BA9F00
    INT 0x63 ? 82BA9F00
    INT 0x82 ? 82F71C88
    INT 0x83 ? 82BA9F00
    INT 0xA4 ? 82BA9F00
    INT 0xB4 ? 82BA9F00

    Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess
    Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntoskrnl.exe!_abnormal_termination + 1D0 804E282C 12 Bytes [76, 5B, AA, EF, 46, 14, AA, ...] {JBE 0x5d; STOSB ; OUT DX, EAX; INC ESI; ADC AL, 0xaa; OUT DX, EAX; POP EAX; ADC AL, 0xaa; OUT DX, EAX}
    .text ntoskrnl.exe!_abnormal_termination + 34C 804E29A8 16 Bytes [96, 1B, AA, EF, 80, 0E, AA, ...] {XCHG ESI, EAX; SBB EBP, [EDX-0x55f17f11]; OUT DX, EAX; XCHG ESI, EAX; INC EDI; STOSB ; OUT DX, EAX; POP ESP; INC ESI; STOSB ; OUT DX, EAX}
    .text ntoskrnl.exe!_abnormal_termination + 440 804E2A9C 12 Bytes [5A, 68, AA, EF, 94, 69, AA, ...] {POP EDX; PUSH 0x6994efaa; STOSB ; OUT DX, EAX; TEST AL, 0x59; STOSB ; OUT DX, EAX}
    .text ntoskrnl.exe!IoIsOperationSynchronous 804E875A 5 Bytes JMP EFA953C8 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)
    .text ntoskrnl.exe!FsRtlCheckLockForReadAccess 80512919 5 Bytes JMP EFA94FEC \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)
    ? spog.sys Le fichier spécifié est introuvable. !
    .text USBPORT.SYS!DllUnload F7E868AC 5 Bytes JMP 82BA9450
    init C:\WINDOWS\system32\drivers\senfilt.sys entry point in "init" section [0xF7D67F80]

    ---- User code sections - GMER 1.0.15 ----

    ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch;
    ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
    .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] USER32.dll!AlignRects + FFFA5598 7E392A78 4 Bytes [E0, 13, 48, 6C] {LOOPNZ 0x15; DEC EAX; INSB }
    ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch;
    ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
    .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] USER32.dll!AlignRects + FFFA5598 7E392A78 4 Bytes [E0, 13, 48, 6C] {LOOPNZ 0x15; DEC EAX; INSB }

    ---- Kernel IAT/EAT - GMER 1.0.15 ----

    IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 82FE0308
    IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F872BECE] spog.sys
    IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F872BF22] spog.sys
    IAT \WINDOWS\System32\Drivers\PCIIDEX.SYS[HAL.dll!WRITE_PORT_ULONG] [F86FE3E6] spog.sys
    IAT \WINDOWS\System32\Drivers\PCIIDEX.SYS[HAL.dll!READ_PORT_UCHAR] [F86FE90E] spog.sys
    IAT \WINDOWS\System32\Drivers\PCIIDEX.SYS[HAL.dll!WRITE_PORT_UCHAR] [F86FEF9C] spog.sys
    IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F86FE90E] spog.sys
    IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F86FE1D4] spog.sys
    IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F86FE116] spog.sys
    IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F86FF178] spog.sys
    IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F86FEF9C] spog.sys
    IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 82BA9580
    IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F870F976] spog.sys
    IAT \SystemRoot\system32\DRIVERS\ipsec.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\tcpip.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [F8070D50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\netbt.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [F8070D50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\System32\drivers\afd.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\netbios.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\rdbss.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\mrxsmb.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\System32\Drivers\Fips.SYS[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\ipnat.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\wanarp.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\System32\Drivers\Cdfs.SYS[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\HIDCLASS.SYS[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\mouhid.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\fssfltr_tdi.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\drivers\wdmaud.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\drivers\sysaudio.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\mrxdav.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\System32\Drivers\ParVdm.SYS[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\srv.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\System32\Drivers\HTTP.sys[ntoskrnl.exe!IoCreateDevice] [F8070C00] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\WINDOWS\Explorer.EXE[180] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01902F20] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\Explorer.EXE[180] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01902C90] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\Explorer.EXE[180] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [01902CF0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
    IAT C:\WINDOWS\Explorer.EXE[180] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01902CC0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
    IAT C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe[420] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [025C2F20] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
    IAT C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe[420] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [025C2C90] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
    IAT C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe[420] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [025C2CF0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
    IAT C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe[420] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [025C2CC0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 011B0240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 011B02B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 011B0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 011B0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 013804E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01380550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 013805C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 01380630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] 013806A0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 011B0940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapCreate] 011B09B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 011B0A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 011B0A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 011B0B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 013808D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 011B0CC0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 01380940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 013809B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 01380A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 01380A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 01380B00
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualAlloc] 011B0E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 011B0E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 011B0EF0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 011B0F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 7D200400
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 01380B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 01380BE0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01380C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 7D200550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] 01380CC0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 7D2005C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 7D200630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 7D2006A0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 7D200710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01380D30
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 01380DA0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 01380E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 01380E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 7D200780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 7D2007F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 01380EF0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 01380F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D2102B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 7D200860
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] 7D210320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 7D2104E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread] 7D2008D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 7D210550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D2105C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 7D210630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 7D2106A0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 7D200B00
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 7D200B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D210710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 7D210780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 7D2107F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 7D200BE0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 7D200C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 7D210D30
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] 011C0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 7D210DA0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 7D210E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D210E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 011C0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 013900F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!FreeLibrary] 01390160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!GetProcAddress] 013901D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!CreateThread] 011C0470
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\netapi32.dll [ntdll.dll!RtlAllocateHeap] 011C05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\netapi32.dll [ntdll.dll!RtlFreeHeap] 011C0630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] 01390390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] 01390400
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 01390470
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 013904E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 01390550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 013905C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 01390630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 013906A0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 011C08D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy] 011C0940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapCreate] 011C0A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 01390710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 01390B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 01390BE0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 01390C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] 011C0F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 011D0010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01390CC0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 011D0080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 011D0240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] 01390DA0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapCreate] 011D02B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualFree] 011D0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 011D04E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01390E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW] 01390E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 01390EF0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 01390F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 011D0550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 013A0010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[632] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 011D05C0
    IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [02432F20] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
    IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [02432C90] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
    IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [02432CF0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
    IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[684] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [02432CC0] C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 00EE0240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 00EE02B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 00EE0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00EE0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 011B04E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 011B0550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 011B05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 011B0630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] 011B06A0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 00EE0940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapCreate] 00EE09B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 00EE0A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 00EE0A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 00EE0B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 011B08D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 00EE0CC0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 011B0940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 011B09B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 011B0A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 011B0A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 011B0B00
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualAlloc] 00EE0E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 00EE0E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 00EE0EF0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 00EE0F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 7D200400
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 011B0B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 011B0BE0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 011B0C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 7D200550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] 011B0CC0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 7D2005C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 7D200630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 7D2006A0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 7D200710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 011B0D30
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 011B0DA0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 011B0E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 011B0E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 7D200780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 7D2007F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 011B0EF0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 011B0F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D2102B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 7D200860
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] 7D210320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 7D2104E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread] 7D2008D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 7D210550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D2105C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 7D210630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 7D2106A0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 7D200B00
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 7D200B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D210710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 7D210780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 7D2107F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 7D200BE0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 7D200C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 7D210D30
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] 00EF0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 7D210DA0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 7D210E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D210E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 00EF0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 011C00F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!FreeLibrary] 011C0160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!GetProcAddress] 011C01D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!CreateThread] 00EF0470
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\netapi32.dll [ntdll.dll!RtlAllocateHeap] 00EF05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\netapi32.dll [ntdll.dll!RtlFreeHeap] 00EF0630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] 011C0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] 011C0400
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 011C0470
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 011C04E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 011C0550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 011C05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 011C0630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 011C06A0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 00EF08D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy] 00EF0940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapCreate] 00EF0A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 011C0710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 011C0B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 011C0BE0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 011C0C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] 00EF0F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 00F00010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 011C0CC0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 00F00080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 00F00240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] 011C0DA0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapCreate] 00F002B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualFree] 00F00320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 00F004E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 011C0E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1372] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW] 011C0E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2
    17 December 2010 21:02:36

    Hi again
    The GMER report is incomplete; please make sure to post the next reports in full.

    Disable your antivirus and any other kind of protection.
    Download ComboFix by sUBs: Combofix
    Save it to your desktop and nowhere else!

    Double-click ComboFix. It will ask you a question; follow the prompts, then wait until ComboFix has finished. Your PC may reboot, which is normal. A report will be created. Post the report: C:\Combofix.txt
    Click on it to open it, then Edit > "Select all", Edit > "Copy".

    Come to the forum and Edit > "Paste".

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may differ

    <@_@>


    18 December 2010 23:48:41

    Hi again, with GMER my PC freezes, I don't know why, and as for the ComboFix report:

    ComboFix 10-12-18.01 - Propriétaire 18/12/2010 17:31:30.4.1 - x86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.510.261 [GMT -5:00]
    Lancé depuis: c:\documents and settings\Propriétaire\Bureau\ComboFix.exe
    AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    FW: Kaspersky Internet Security *Disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    * Un nouveau point de restauration a été créé
    .

    ((((((((((((((((((((((((((((( Fichiers créés du 2010-11-18 au 2010-12-18 ))))))))))))))))))))))))))))))))))))
    .

    2010-12-13 00:46 . 2010-12-13 00:46 -------- d-----w- C:\TDSSKiller_Quarantine
    2010-12-12 21:54 . 2010-12-12 21:54 -------- d-----w- c:\program files\Sophos
    2010-12-12 21:44 . 2010-12-17 02:13 -------- d-----w- c:\documents and settings\Propriétaire\Application Data\QuickScan
    2010-12-12 17:59 . 2010-10-06 01:26 109240 ----a-w- c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll
    2010-12-12 17:59 . 2010-10-06 01:27 150200 ----a-w- c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
    2010-12-12 17:59 . 2010-12-12 18:12 97859 ----a-w- c:\windows\system32\drivers\klick.dat
    2010-12-12 17:59 . 2010-12-12 18:12 114243 ----a-w- c:\windows\system32\drivers\klin.dat
    2010-12-12 17:57 . 2010-12-12 17:57 -------- d-----w- c:\program files\Kaspersky Lab
    2010-12-12 17:19 . 2010-12-12 17:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
    2010-12-12 02:23 . 2010-12-12 02:25 -------- d-----w- c:\windows\system32\NtmsData
    2010-12-12 01:23 . 2008-10-15 16:35 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
    2010-12-12 01:21 . 2008-04-21 21:15 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
    2010-12-12 01:21 . 2009-08-13 15:20 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
    2010-12-12 01:19 . 2010-08-16 08:44 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
    2010-12-12 01:14 . 2009-08-07 00:23 274288 ----a-w- c:\windows\system32\mucltui.dll
    2010-12-12 01:14 . 2009-08-07 00:23 215920 ----a-w- c:\windows\system32\muweb.dll
    2010-12-12 00:25 . 2010-11-29 22:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-12-12 00:25 . 2010-11-29 22:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-12-12 00:25 . 2010-12-13 00:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-12-07 02:33 . 2010-12-07 02:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Friends Games
    2010-12-07 02:32 . 2010-12-07 02:32 -------- d-----w- c:\program files\Oberon Media
    2010-12-07 02:32 . 2010-12-12 02:02 -------- d-----w- c:\documents and settings\Propriétaire\Application Data\Oberon Media
    2010-12-07 02:31 . 2010-12-07 02:32 -------- d-----w- c:\program files\Fichiers communs\Oberon Media
    2010-12-06 21:35 . 2010-12-06 21:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Rumbic Studio
    2010-12-06 01:04 . 2010-12-06 01:04 -------- d-----w- c:\documents and settings\Propriétaire\Application Data\Malwarebytes
    2010-12-06 01:04 . 2010-12-06 01:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-12-03 20:51 . 2010-12-03 21:05 -------- d-----w- c:\program files\Easy Graphic Converter
    2010-12-03 20:40 . 2010-12-03 20:44 -------- d-----w- c:\documents and settings\Propriétaire\Application Data\OfficeRecovery

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-11-17 22:28 . 2010-11-17 22:28 8167 ----a-w- c:\documents and settings\All Users\Application Data\bdinstall.bin
    2010-11-09 01:43 . 2010-11-09 01:43 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
    2010-10-25 20:50 . 2010-11-17 22:28 257712 ----a-w- c:\windows\system32\drivers\Trufos.sys
    2010-10-06 01:27 . 2010-10-06 01:27 228024 ----a-w- c:\windows\system32\klogon.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
    2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]

    [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]

    [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-10 39408]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-04-01 94208]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-04-01 77824]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2006-04-01 114688]
    "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-04-01 1404928]
    "Athan"="c:\program files\Athan\Athan.exe" [2009-08-23 1138688]
    "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
    "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040]
    "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2010-09-04 202256]
    "SysServProtect"="c:\program files\WebSur\serv.exe" [2003-08-11 36864]
    "AntiPornoWin"="c:\program files\Internet Explorer\AntiPornoWin\AntiPornoWin.exe" [2010-08-09 863347]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
    "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
    "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-11-03 365336]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "WUAppSetup"="c:\program files\Fichiers communs\logishrd\WUApp32.exe" [2009-04-30 460048]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\WINDOWS\\system32\\dpvsetup.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "c:\\Program Files\\WebSur\\serv.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29/07/2010 14:28 697328]
    R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [17/11/2010 17:28 12960]
    R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [09/06/2010 16:43 11352]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [07/05/2010 11:06 32856]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02/11/2009 19:27 19472]
    S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [02/03/2010 18:28 135664]
    S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\57.tmp --> c:\windows\system32\57.tmp [?]
    .
    Contenu du dossier 'Tâches planifiées'

    2010-10-18 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

    2010-12-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-03-02 23:28]

    2010-12-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-03-02 23:28]

    2010-12-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1844237615-413027322-725345543-1003.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 07:02]

    2010-12-18 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1844237615-413027322-725345543-1003.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 07:02]
    .
    .
    ------- Examen supplémentaire -------
    .
    uSearchMigratedDefaultURL = hxxp://www.durable.com/result?cx=partner-pub-7902900401080901%...{searchTerms}
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Ajouter à l'Anti-bannière - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
    FF - ProfilePath - c:\documents and settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\lzce7ygh.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.meteomedia.com/weather/caqc0363
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Anti-bannière: KavAntiBanner@Kaspersky.ru - c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
    FF - Ext: Analyse des liens (URL Advisor): linkfilter@kaspersky.ru - c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
    FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-12-18 17:39
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
    "ImagePath"="\??\c:\windows\system32\57.tmp"
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'explorer.exe'(2984)
    c:\windows\system32\msi.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    c:\windows\system32\eappprxy.dll
    .
    Heure de fin: 2010-12-18 17:43:42
    ComboFix-quarantined-files.txt 2010-12-18 22:43

    Avant-CF: 14 121 828 352 octets libres
    Après-CF: 14 120 132 608 octets libres

    - - End Of File - - DCF933BD32C332470E62B3313C92282C
    19 December 2010 13:39:29

    Hi again

  • Download Ad-Remover (by Cyrildu17 / C_XX) to your Desktop.

    /!\ Disconnect, disable your antivirus and close all running applications /!\

  • Double-click AD-R on your Desktop to launch it.
    (On Vista, right-click AD-R and choose Run as administrator)
  • Choose language F for French.
  • In the main menu, choose the Scanner (Scan) option.

    /!\ Let the tool work /!\

  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
    /!\ Remember to re-enable your antivirus /!\



    19 December 2010 20:23:50

    Hi again, the AD report:
    ======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 08/12/10 à 10:40
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 14:13:35 le 19/12/2010, Mode normal

    Microsoft Windows XP Édition familiale Service Pack 3 (X86)
    Propriétaire@DELL-7F2ED8A518 ( )

    ============== RECHERCHE ==============


    Dossier trouvé: C:\Documents and Settings\Propriétaire\Application Data\Mozilla\FireFox\Profiles\lzce7ygh.default\conduit
    Fichier trouvé: C:\Documents and Settings\Propriétaire\Application Data\Mozilla\FireFox\Profiles\lzce7ygh.default\searchplugins\conduit.xml
    Dossier trouvé: C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ConduitEngine
    Dossier trouvé: C:\Program Files\ConduitEngine

    Clé trouvée: HKLM\Software\Classes\CLSID\{0F77D632-AD78-4869-8F12-09943F0A65F2}
    Clé trouvée: HKLM\Software\Classes\CLSID\{1D62EB65-0EAF-4743-9D88-B63B9879670F}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D62EB65-0EAF-4743-9D88-B63B9879670F}
    Clé trouvée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT1098640
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT1552122
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT1700389
    Clé trouvée: HKLM\Software\Classes\Toolbar.CT2542115
    Clé trouvée: HKLM\Software\conduitEngine
    Clé trouvée: HKCU\Software\conduitEngine
    Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\GamesBar
    Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{111A6EDC-713C-4053-8804-8995957838EB}

    Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
    Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D}


    ============== SCAN ADDITIONNEL ==============

    ** Mozilla Firefox Version [3.6 (fr)] **

    -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\FireFox\Profiles\lzce7ygh.default\Prefs.js --
    browser.download.lastDir, C:\\Documents and Settings\\Propriétaire\\Bureau
    browser.startup.homepage, hxxp://www.meteomedia.com/weather/caqc0363
    browser.startup.homepage_override.mstone, rv:1.9.2

    ========================================

    ** Internet Explorer Version [6.0.2900.5512] **

    [HKCU\Software\Microsoft\Internet Explorer\Main]
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Search bar: hxxp://www.google.com/ie
    Search Page: hxxp://www.google.com
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    Use Custom Search URL: 1
    Use Search Asst: no

    [HKLM\Software\Microsoft\Internet Explorer\Main]
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Start Page: hxxp://fr.msn.com/

    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

    C:\Ad-Report-SCAN[1].txt - 19/12/2010 (3821 Octet(s))

    Fin à: 14:14:19, 19/12/2010

    ============== E.O.F ==============
    19 December 2010 21:55:41

    Hi again
    /!\ Disconnect, disable your antivirus and close all running applications /!\

  • Double-click AD-R on your Desktop to launch it.
    (On Vista, right-click AD-R and choose Run as administrator)
  • Choose language F for French.
  • In the main menu, choose the Nettoyer (Clean) option.

    /!\ Let the tool work /!\

  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
    /!\ Remember to re-enable your antivirus /!\
    21 December 2010 03:21:43

    Hi again, after the cleaning:
    ======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 08/12/10 à 10:40
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 20:51:53 le 20/12/2010, Mode normal

    Microsoft Windows XP Édition familiale Service Pack 3 (X86)
    Propriétaire@DELL-7F2ED8A518 ( )

    ============== ACTION(S) ==============


    Dossier supprimé: C:\Documents and Settings\Propriétaire\Application Data\Mozilla\FireFox\Profiles\lzce7ygh.default\conduit
    Fichier supprimé: C:\Documents and Settings\Propriétaire\Application Data\Mozilla\FireFox\Profiles\lzce7ygh.default\searchplugins\conduit.xml
    Dossier supprimé: C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ConduitEngine
    Dossier supprimé: C:\Program Files\ConduitEngine

    (!) -- Fichiers temporaires supprimés.


    Clé supprimée: HKLM\Software\Classes\CLSID\{0F77D632-AD78-4869-8F12-09943F0A65F2}
    Clé supprimée: HKLM\Software\Classes\CLSID\{1D62EB65-0EAF-4743-9D88-B63B9879670F}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D62EB65-0EAF-4743-9D88-B63B9879670F}
    Clé supprimée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Clé supprimée: HKLM\Software\Classes\Toolbar.CT1098640
    Clé supprimée: HKLM\Software\Classes\Toolbar.CT1552122
    Clé supprimée: HKLM\Software\Classes\Toolbar.CT1700389
    Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
    Clé supprimée: HKLM\Software\conduitEngine
    Clé supprimée: HKCU\Software\conduitEngine
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\GamesBar
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{111A6EDC-713C-4053-8804-8995957838EB}

    Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
    Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D}


    ============== SCAN ADDITIONNEL ==============

    ** Mozilla Firefox Version [3.6 (fr)] **

    -- C:\Documents and Settings\Propriétaire\Application Data\Mozilla\FireFox\Profiles\lzce7ygh.default\Prefs.js --
    browser.download.lastDir, C:\\Program Files\\Athan\\Athan
    browser.startup.homepage, hxxp://www.meteomedia.com/weather/caqc0363
    browser.startup.homepage_override.mstone, rv:1.9.2

    ========================================

    ** Internet Explorer Version [6.0.2900.5512] **

    [HKCU\Software\Microsoft\Internet Explorer\Main]
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/
    Use Custom Search URL: 1
    Use Search Asst: no

    [HKLM\Software\Microsoft\Internet Explorer\Main]
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/

    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 29 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 20/12/2010 (3989 Octet(s))
    C:\Ad-Report-SCAN[1].txt - 19/12/2010 (3950 Octet(s))

    Fin à: 20:53:04, 20/12/2010

    ============== E.O.F ==============
    21 December 2010 10:16:23

    Uninstall ComboFix by following this procedure:

  • Start menu, then Run
  • Now type Combofix /u in the window that appears, then confirm with OK. Make sure to leave a space between the X and the /U, as it is required here.

    Delete all the programs installed for the disinfection.

    Please read this guide (PDF) to learn more about the risks of the Internet.

    If you find this document interesting, feel free to pass it on to your contacts.

    If you are tired of being bombarded with ads while browsing, install Firefox secured with the NoScript and AdBlock Plus extensions.

    Read also:
  • Free antispyware: it's useless!

    ~Edit your first message and put [résolu] (solved) in the title.
    If your session name matches your real name, you can change it by editing your posts.

    :hello: 