Problème avec Gomeo (Résolu)

[Ben13ben]

Mea culpa, le rapport TDSSKiller : Cijoint.fr - Service gratuit de dépôt de fichiers

 

J'avais pas vu les ... de job AT et sur le winlogon ... ça craint ...

 

Je vois que tu me fais corriger des trucs concernant le firewall.

J'ai Symantec firewall et antivirus, et je dois continuer à les utiliser.

Si cela touche à leur activité, ce ne doit être que temporaire.

 

Après vérif, atmgrtok.dll est sans doute un truc installé en standard sur mon pc ...

Modifié le 25 février 2011 par Ben13ben

[Apollo]

Ok, si tu avais désactivé le firewall de Windows, passe cette ligne dans ZHPFix.

Mais la restauration du système devrait être réactivée car sans ça, pas de récup possible en cas de problème.

 

Je poste le log tdsskiller car quand les rapports ne font pas 2 km, je ne demande pas de les héberger; c'est pour les membres qui suivent et qui cherchent une soluce

 

2011/02/25 13:53:25.0109 1700 TDSS rootkit removing tool 2.4.18.0 Feb 21 2011 11:08:08

2011/02/25 13:53:27.0125 1700 ================================================================================

2011/02/25 13:53:27.0125 1700 SystemInfo:

2011/02/25 13:53:27.0125 1700

2011/02/25 13:53:27.0125 1700 OS Version: 5.1.2600 ServicePack: 3.0

2011/02/25 13:53:27.0125 1700 Product type: Workstation

2011/02/25 13:53:27.0125 1700 ComputerName: BOLIVE8

2011/02/25 13:53:27.0125 1700 UserName: B_Olive_8

2011/02/25 13:53:27.0125 1700 Windows directory: C:\WINDOWS

2011/02/25 13:53:27.0125 1700 System windows directory: C:\WINDOWS

2011/02/25 13:53:27.0125 1700 Processor architecture: Intel x86

2011/02/25 13:53:27.0125 1700 Number of processors: 1

2011/02/25 13:53:27.0125 1700 Page size: 0x1000

2011/02/25 13:53:27.0125 1700 Boot type: Normal boot

2011/02/25 13:53:27.0125 1700 ================================================================================

2011/02/25 13:53:27.0875 1700 Initialize success

2011/02/25 13:53:32.0093 1112 ================================================================================

2011/02/25 13:53:32.0093 1112 Scan started

2011/02/25 13:53:32.0093 1112 Mode: Manual;

2011/02/25 13:53:32.0093 1112 ================================================================================

2011/02/25 13:53:33.0750 1112 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

2011/02/25 13:53:33.0796 1112 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

2011/02/25 13:53:33.0828 1112 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

2011/02/25 13:53:33.0890 1112 ADIHdAudAddService (66614b9fdc7e74ab736a84d89f7b06b6) C:\WINDOWS\system32\drivers\ADIHdAud.sys

2011/02/25 13:53:33.0953 1112 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

2011/02/25 13:53:34.0062 1112 AEAudioService (c984de22ed71414abc42c1e03d412e33) C:\WINDOWS\system32\drivers\AEAudio.sys

2011/02/25 13:53:34.0125 1112 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

2011/02/25 13:53:34.0187 1112 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys

2011/02/25 13:53:34.0250 1112 agnfilt (4c1cce14c407079393e71f8848062629) C:\WINDOWS\system32\DRIVERS\agnfilt.sys

2011/02/25 13:53:34.0343 1112 agnwifi (685443afa5d1a94c5f47e4846b0e4c3d) C:\WINDOWS\system32\DRIVERS\agnwifi.sys

2011/02/25 13:53:34.0406 1112 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

2011/02/25 13:53:34.0437 1112 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

2011/02/25 13:53:34.0468 1112 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

2011/02/25 13:53:34.0500 1112 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

2011/02/25 13:53:34.0531 1112 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

2011/02/25 13:53:34.0578 1112 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

2011/02/25 13:53:34.0609 1112 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

2011/02/25 13:53:34.0640 1112 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

2011/02/25 13:53:34.0671 1112 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

2011/02/25 13:53:34.0718 1112 Anydlc (afb61970ec98029c2f29ce6d38fb6778) C:\WINDOWS\System32\drivers\anydlc.sys

2011/02/25 13:53:34.0796 1112 Appn (0a8c797d0ad229a777e9184d428255d8) C:\WINDOWS\System32\drivers\appn.sys

2011/02/25 13:53:34.0921 1112 AppnApi (198afc68fd36e337d0366fa87dc64e94) C:\WINDOWS\System32\drivers\appnapi.sys

2011/02/25 13:53:34.0968 1112 AppnBase (86b574c8954dee31555627fcc2c7e5bd) C:\WINDOWS\System32\drivers\AppnBase.sys

2011/02/25 13:53:35.0062 1112 AR5416 (00e031fe2d849be503fc4a47271f1ea5) C:\WINDOWS\system32\DRIVERS\athw.sys

2011/02/25 13:53:35.0187 1112 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

2011/02/25 13:53:35.0234 1112 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

2011/02/25 13:53:35.0265 1112 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

2011/02/25 13:53:35.0343 1112 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

2011/02/25 13:53:35.0375 1112 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

2011/02/25 13:53:35.0437 1112 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

2011/02/25 13:53:35.0484 1112 atmeltpm (dbf0d7e2df33b469eb55406fea759350) C:\WINDOWS\system32\DRIVERS\atmeltpm.sys

2011/02/25 13:53:35.0593 1112 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

2011/02/25 13:53:35.0640 1112 avpnnic (255284c2475588f79edea559d8d110f7) C:\WINDOWS\system32\DRIVERS\avpnnic.sys

2011/02/25 13:53:35.0703 1112 b57w2k (8a8fd355547b50bd5be0bc473c0af148) C:\WINDOWS\system32\DRIVERS\b57xp32.sys

2011/02/25 13:53:35.0750 1112 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

2011/02/25 13:53:35.0812 1112 btaudio (4b43dfe1c1fbb305a1dc5504ef9bb34e) C:\WINDOWS\system32\drivers\btaudio.sys

2011/02/25 13:53:35.0937 1112 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys

2011/02/25 13:53:36.0015 1112 BTKRNL (cf47c53d294abcb5159b02b68b37ba89) C:\WINDOWS\system32\DRIVERS\btkrnl.sys

2011/02/25 13:53:36.0140 1112 BTWDNDIS (485020a1e1fc5c51a800ca69c618d881) C:\WINDOWS\system32\DRIVERS\btwdndis.sys

2011/02/25 13:53:36.0171 1112 btwhid (949eca9c56f657c06d3166d51f3226c7) C:\WINDOWS\system32\DRIVERS\btwhid.sys

2011/02/25 13:53:36.0234 1112 BTWUSB (6b622612fe21b59faee2ca4385959778) C:\WINDOWS\system32\Drivers\btwusb.sys

2011/02/25 13:53:36.0296 1112 CA561 (50ded7c73e0fb40693edab8cad7c46e7) C:\WINDOWS\system32\Drivers\SPCA561.SYS

2011/02/25 13:53:36.0406 1112 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

2011/02/25 13:53:36.0437 1112 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

2011/02/25 13:53:36.0484 1112 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

2011/02/25 13:53:36.0531 1112 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

2011/02/25 13:53:36.0578 1112 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

2011/02/25 13:53:36.0625 1112 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

2011/02/25 13:53:36.0671 1112 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

2011/02/25 13:53:36.0750 1112 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

2011/02/25 13:53:36.0859 1112 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys

2011/02/25 13:53:36.0890 1112 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

2011/02/25 13:53:36.0921 1112 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

2011/02/25 13:53:36.0984 1112 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

2011/02/25 13:53:37.0015 1112 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

2011/02/25 13:53:37.0062 1112 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

2011/02/25 13:53:37.0140 1112 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

2011/02/25 13:53:37.0203 1112 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

2011/02/25 13:53:37.0312 1112 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

2011/02/25 13:53:37.0359 1112 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

2011/02/25 13:53:37.0406 1112 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

2011/02/25 13:53:37.0453 1112 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

2011/02/25 13:53:37.0515 1112 e1express (6f7ccd3c02b26d530900f06d98171a69) C:\WINDOWS\system32\DRIVERS\e1e5132.sys

2011/02/25 13:53:37.0625 1112 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

2011/02/25 13:53:37.0765 1112 EGATHDRV (2d0fc676d159525f6cd74c3302c7a61c) C:\WINDOWS\SYSTEM32\EGATHDRV.SYS

2011/02/25 13:53:37.0828 1112 EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

2011/02/25 13:53:37.0921 1112 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

2011/02/25 13:53:37.0968 1112 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

2011/02/25 13:53:38.0078 1112 FilterService (20fe03294ac1429ae88a64c2f754b0d4) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys

2011/02/25 13:53:38.0109 1112 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

2011/02/25 13:53:38.0171 1112 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

2011/02/25 13:53:38.0203 1112 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

2011/02/25 13:53:38.0265 1112 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

2011/02/25 13:53:38.0375 1112 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

2011/02/25 13:53:38.0437 1112 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

2011/02/25 13:53:38.0484 1112 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

2011/02/25 13:53:38.0546 1112 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

2011/02/25 13:53:38.0625 1112 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

2011/02/25 13:53:38.0750 1112 HSF_DPV (b1fc0b027df4374f9e5b796cfdf797b3) C:\WINDOWS\system32\DRIVERS\hsx_dpv.sys

2011/02/25 13:53:38.0812 1112 HSXHWAZL (3af45f5b4157c88ffae24d89ba408302) C:\WINDOWS\system32\DRIVERS\hsxhwazl.sys

2011/02/25 13:53:38.0859 1112 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys

2011/02/25 13:53:38.0968 1112 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

2011/02/25 13:53:39.0015 1112 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

2011/02/25 13:53:39.0062 1112 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

2011/02/25 13:53:39.0281 1112 ialm (06b71441957b48a4866de2fe27cb79c8) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

2011/02/25 13:53:39.0437 1112 iastor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\WINDOWS\system32\Drivers\iaStor.sys

2011/02/25 13:53:39.0484 1112 IBMPMDRV (fa1be28bffaa8c41acdf6c8d3b07960d) C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys

2011/02/25 13:53:39.0531 1112 IBM_LLC2 (acf73c770bbded08a59f63523e0109f9) C:\WINDOWS\system32\DRIVERS\llc2.sys

2011/02/25 13:53:39.0609 1112 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

2011/02/25 13:53:39.0656 1112 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

2011/02/25 13:53:39.0890 1112 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

2011/02/25 13:53:40.0031 1112 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

2011/02/25 13:53:40.0187 1112 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

2011/02/25 13:53:40.0296 1112 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

2011/02/25 13:53:40.0390 1112 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

2011/02/25 13:53:40.0437 1112 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

2011/02/25 13:53:40.0468 1112 IPSec (bd79926fd2582cacc7835181d67a462d) C:\WINDOWS\system32\DRIVERS\ipsec.sys

2011/02/25 13:53:40.0468 1112 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ipsec.sys. Real md5: bd79926fd2582cacc7835181d67a462d, Fake md5: 23c74d75e36e7158768dd63d92789a91

2011/02/25 13:53:40.0484 1112 IPSec - detected Rootkit.Win32.TDSS.tdl3 (0)

2011/02/25 13:53:40.0531 1112 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys

2011/02/25 13:53:40.0578 1112 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

2011/02/25 13:53:40.0640 1112 IsamFilter (a5425e15045272e22ce5f61c99fa15a8) C:\WINDOWS\system32\DRIVERS\isamfilter.sys

2011/02/25 13:53:40.0750 1112 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

2011/02/25 13:53:40.0937 1112 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

2011/02/25 13:53:40.0984 1112 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

2011/02/25 13:53:41.0109 1112 KLOGNT (2bc67f2d13d95a5dfe002eb0853f84e1) C:\WINDOWS\System32\drivers\klognt.sys

2011/02/25 13:53:41.0156 1112 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

2011/02/25 13:53:41.0203 1112 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys

2011/02/25 13:53:41.0343 1112 lvpopflt (af280405c10f0d20f37670b7432e5c2f) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys

2011/02/25 13:53:41.0468 1112 LVRS (e52f5a2cadcf08d07f559962f807a0a2) C:\WINDOWS\system32\DRIVERS\lvrs.sys

2011/02/25 13:53:41.0718 1112 LVUVC (c3d02260beb2b48dea1efdfca91e4b69) C:\WINDOWS\system32\DRIVERS\lvuvc.sys

2011/02/25 13:53:41.0875 1112 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

2011/02/25 13:53:41.0921 1112 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

2011/02/25 13:53:41.0984 1112 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

2011/02/25 13:53:42.0046 1112 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

2011/02/25 13:53:42.0156 1112 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

2011/02/25 13:53:42.0203 1112 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

2011/02/25 13:53:42.0234 1112 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

2011/02/25 13:53:42.0265 1112 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

2011/02/25 13:53:42.0328 1112 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

2011/02/25 13:53:42.0453 1112 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

2011/02/25 13:53:42.0500 1112 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

2011/02/25 13:53:42.0531 1112 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2011/02/25 13:53:42.0578 1112 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

2011/02/25 13:53:42.0625 1112 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

2011/02/25 13:53:42.0703 1112 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

2011/02/25 13:53:42.0812 1112 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys

2011/02/25 13:53:42.0875 1112 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

2011/02/25 13:53:43.0015 1112 NAVENG (c8ef74e4d8105b1d02d58ea4734cf616) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110224.003\naveng.sys

2011/02/25 13:53:43.0109 1112 NAVEX15 (94b3164055d821a62944d9fe84036470) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110224.003\navex15.sys

2011/02/25 13:53:43.0234 1112 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

2011/02/25 13:53:43.0296 1112 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

2011/02/25 13:53:43.0328 1112 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

2011/02/25 13:53:43.0375 1112 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

2011/02/25 13:53:43.0421 1112 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

2011/02/25 13:53:43.0437 1112 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys

2011/02/25 13:53:43.0562 1112 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

2011/02/25 13:53:43.0593 1112 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

2011/02/25 13:53:43.0687 1112 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

2011/02/25 13:53:43.0734 1112 NSCIRDA (2adc0ca9945c65284b3d19bc18765974) C:\WINDOWS\system32\DRIVERS\nscirda.sys

2011/02/25 13:53:43.0781 1112 NsTrcNT (142c5492928b5954cd287034a90bb35f) C:\WINDOWS\System32\drivers\nstrcnt.sys

2011/02/25 13:53:43.0828 1112 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

2011/02/25 13:53:43.0937 1112 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

2011/02/25 13:53:43.0984 1112 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

2011/02/25 13:53:44.0031 1112 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

2011/02/25 13:53:44.0109 1112 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

2011/02/25 13:53:44.0140 1112 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

2011/02/25 13:53:44.0187 1112 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

2011/02/25 13:53:44.0281 1112 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

2011/02/25 13:53:44.0343 1112 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

2011/02/25 13:53:44.0375 1112 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys

2011/02/25 13:53:44.0484 1112 pdlnacom (fa9ce27ddd5e7eb366a349ca5ed3caf7) C:\WINDOWS\System32\drivers\pdlnacom.sys

2011/02/25 13:53:44.0515 1112 pdlnafac (33ab029e6ea1ea816e15c4f0d2cf58a6) C:\WINDOWS\System32\drivers\pdlnafac.sys

2011/02/25 13:53:44.0562 1112 pdlnatcm (b4ae10a7d535d1b22a6d9d472391fb16) C:\WINDOWS\System32\drivers\pdlnatcm.sys

2011/02/25 13:53:44.0593 1112 pdlnatdl (26b91237fcb02f7daa1c963294560f13) C:\WINDOWS\System32\drivers\pdlnatdl.sys

2011/02/25 13:53:44.0640 1112 pdlncbas (6371a9d8b0e0da653835c3ce88fb7f92) C:\WINDOWS\System32\drivers\pdlncbas.sys

2011/02/25 13:53:44.0812 1112 pdlncfwk (a9f40643bcc39fc1586abc0d45fe5400) C:\WINDOWS\System32\drivers\pdlncfwk.sys

2011/02/25 13:53:44.0843 1112 pdlnctdl (56cb971c76e2f5e33ad07a7ff7a0eec4) C:\WINDOWS\System32\drivers\pdlnctdl.sys

2011/02/25 13:53:44.0890 1112 pdlndint (5e61e8e8dcb62d97cf8ea1467f661deb) C:\WINDOWS\System32\drivers\pdlndint.sys

2011/02/25 13:53:44.0921 1112 pdlndldl (c44cf875fa6c8f1a60b1a95e3ef57375) C:\WINDOWS\System32\drivers\pdlndldl.sys

2011/02/25 13:53:44.0937 1112 pdlndldl6 (a0f340dad02b606e2fd7c3341db5b4f2) C:\WINDOWS\System32\drivers\pdlndldl6.sys

2011/02/25 13:53:44.0984 1112 pdlndlpb (5bde95be15200a2bc13588a23e577f73) C:\WINDOWS\System32\drivers\pdlndlpb.sys

2011/02/25 13:53:45.0015 1112 pdlndoem (a973e24ce12da35d545f371dc78f92a0) C:\WINDOWS\System32\drivers\pdlndoem.sys

2011/02/25 13:53:45.0046 1112 pdlndqll (e089d7d2e7ff624a1599d7ef612bbfee) C:\WINDOWS\System32\drivers\pdlndqll.sys

2011/02/25 13:53:45.0093 1112 pdlndsdl (878056d16beb53246da3b15ebcbad822) C:\WINDOWS\System32\drivers\pdlndsdl.sys

2011/02/25 13:53:45.0125 1112 pdlndtdl (7ebfc7dd4c92bab6e1536f0d292258d6) C:\WINDOWS\System32\drivers\pdlndtdl.sys

2011/02/25 13:53:45.0156 1112 pdlnebas (c9c7e60084d498984f14dcf083cf08fb) C:\WINDOWS\System32\drivers\pdlnebas.sys

2011/02/25 13:53:45.0265 1112 pdlnecfg (9da04fff09187195c55eb653971241b8) C:\WINDOWS\System32\drivers\pdlnecfg.sys

2011/02/25 13:53:45.0296 1112 pdlnemap (91bb6e01ae92cd0d3c201ab6aead3262) C:\WINDOWS\System32\drivers\pdlnemap.sys

2011/02/25 13:53:45.0328 1112 pdlnemsg (6d856c0688aa5a328e6672e356809419) C:\WINDOWS\System32\drivers\pdlnemsg.sys

2011/02/25 13:53:45.0359 1112 pdlnepkt (175d655ccef74ff731834ea60f940003) C:\WINDOWS\System32\drivers\pdlnepkt.sys

2011/02/25 13:53:45.0390 1112 pdlnshay (4b41e7ba119d1be7ad7ceb5c422f270d) C:\WINDOWS\System32\drivers\pdlnshay.sys

2011/02/25 13:53:45.0421 1112 pdlnslea (78b6d9e742e13b2a742580f2e39a11b2) C:\WINDOWS\System32\drivers\pdlnslea.sys

2011/02/25 13:53:45.0453 1112 pdlnsv25 (f5c526e39116d568bdacebaa21d60bb9) C:\WINDOWS\System32\drivers\pdlnsv25.sys

2011/02/25 13:53:45.0484 1112 pdlnsx25 (a22c37557c422c3408019b10ecac33e8) C:\WINDOWS\System32\drivers\pdlnsx25.sys

2011/02/25 13:53:45.0609 1112 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

2011/02/25 13:53:45.0703 1112 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

2011/02/25 13:53:45.0796 1112 PMEM (2b85237f904c5bdf7ad386f0ede19bd3) C:\WINDOWS\system32\drivers\PMEMNT.SYS

2011/02/25 13:53:45.0859 1112 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

2011/02/25 13:53:45.0906 1112 psadd (651d3abc1d82d61b6cfb40cb947b3db3) C:\WINDOWS\system32\DRIVERS\psadd.sys

2011/02/25 13:53:46.0015 1112 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

2011/02/25 13:53:46.0046 1112 PxHelp20 (81088114178112618b1c414a65e50f7c) C:\WINDOWS\system32\Drivers\PxHelp20.sys

2011/02/25 13:53:46.0078 1112 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

2011/02/25 13:53:46.0109 1112 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

2011/02/25 13:53:46.0156 1112 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

2011/02/25 13:53:46.0171 1112 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

2011/02/25 13:53:46.0203 1112 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

2011/02/25 13:53:46.0250 1112 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

2011/02/25 13:53:46.0312 1112 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys

2011/02/25 13:53:46.0359 1112 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

2011/02/25 13:53:46.0468 1112 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

2011/02/25 13:53:46.0515 1112 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

2011/02/25 13:53:46.0562 1112 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

2011/02/25 13:53:46.0609 1112 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

2011/02/25 13:53:46.0671 1112 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

2011/02/25 13:53:46.0750 1112 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys

2011/02/25 13:53:46.0843 1112 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

2011/02/25 13:53:46.0906 1112 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys

2011/02/25 13:53:47.0046 1112 SAVRT (12b6e269ef8ac8ea36122544c8a1b6d8) C:\Program Files\Symantec Client Security\Symantec AntiVirus\savrt.sys

2011/02/25 13:53:47.0093 1112 SAVRTPEL (97e5b6f3f95465e1f59360b59d8ec64e) C:\Program Files\Symantec Client Security\Symantec AntiVirus\Savrtpel.sys

2011/02/25 13:53:47.0187 1112 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2011/02/25 13:53:47.0281 1112 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

2011/02/25 13:53:47.0328 1112 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

2011/02/25 13:53:47.0406 1112 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys

2011/02/25 13:53:47.0468 1112 Shockprf (1310c5e81966e86b2ced7ae8ce3d74f1) C:\WINDOWS\system32\DRIVERS\Apsx86.sys

2011/02/25 13:53:47.0578 1112 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

2011/02/25 13:53:47.0640 1112 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

2011/02/25 13:53:47.0718 1112 Smapint (26341d0dd225d19fd50e0ee3c3c77502) C:\WINDOWS\system32\drivers\Smapint.sys

2011/02/25 13:53:47.0828 1112 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

2011/02/25 13:53:47.0953 1112 SPBBCDrv (677b10906838d3bfb1c07ac9087e4bf7) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys

2011/02/25 13:53:48.0078 1112 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

2011/02/25 13:53:48.0171 1112 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys

2011/02/25 13:53:48.0171 1112 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505

2011/02/25 13:53:48.0187 1112 sptd - detected Locked file (1)

2011/02/25 13:53:48.0296 1112 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

2011/02/25 13:53:48.0343 1112 Srv (da852e3e0bf1cea75d756f9866241e57) C:\WINDOWS\system32\DRIVERS\srv.sys

2011/02/25 13:53:48.0421 1112 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

2011/02/25 13:53:48.0484 1112 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

2011/02/25 13:53:48.0531 1112 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

2011/02/25 13:53:48.0671 1112 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

2011/02/25 13:53:48.0703 1112 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

2011/02/25 13:53:48.0750 1112 SYMDNS (99f158d37b42fca00b3f5ab5b3efebb7) C:\WINDOWS\System32\Drivers\SYMDNS.SYS

2011/02/25 13:53:48.0828 1112 SymEvent (de6d1102d55926354171ae4e73936725) C:\Program Files\Symantec\SYMEVENT.SYS

2011/02/25 13:53:48.0875 1112 SYMFW (29ae12db354a89382a43a8fcb6ab0ab5) C:\WINDOWS\System32\Drivers\SYMFW.SYS

2011/02/25 13:53:48.0906 1112 SYMIDS (728d1dff8573b5dd18da536fa733eb11) C:\WINDOWS\System32\Drivers\SYMIDS.SYS

2011/02/25 13:53:49.0015 1112 SYMIDSCO (2133d1f879b280121b0e6a7d34b24a02) C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\SCFIDS~1\20110215.001\symidsco.sys

2011/02/25 13:53:49.0140 1112 SYMNDIS (b1f616c31575da1535c2a7823c112182) C:\WINDOWS\System32\Drivers\SYMNDIS.SYS

2011/02/25 13:53:49.0171 1112 SYMREDRV (6c0a85982f4e0d672b85a2bfb50a24b5) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS

2011/02/25 13:53:49.0234 1112 SYMTDI (cdda3ba3f7d5b63ff9f85cb478c11473) C:\WINDOWS\System32\Drivers\SYMTDI.SYS

2011/02/25 13:53:49.0281 1112 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

2011/02/25 13:53:49.0312 1112 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

2011/02/25 13:53:49.0359 1112 SynTP (58f3288f83a3e8169eeb6a10787c7f2e) C:\WINDOWS\system32\DRIVERS\SynTP.sys

2011/02/25 13:53:49.0484 1112 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

2011/02/25 13:53:49.0562 1112 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

2011/02/25 13:53:49.0625 1112 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

2011/02/25 13:53:49.0687 1112 TDSMAPI (564b337034271b7bddcabfddc91c6b7a) C:\WINDOWS\system32\drivers\TDSMAPI.SYS

2011/02/25 13:53:49.0796 1112 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

2011/02/25 13:53:49.0843 1112 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

2011/02/25 13:53:49.0937 1112 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

2011/02/25 13:53:50.0000 1112 TPDIGIMN (d7a29e343632e2fc5f7ebfc886f12675) C:\WINDOWS\system32\DRIVERS\ApsHM86.sys

2011/02/25 13:53:50.0078 1112 TPHKDRV (8aef2188630f5ecd79ad9abba630630b) C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys

2011/02/25 13:53:50.0125 1112 TPPWRIF (44672de6cea9569c21c4b7a8d2560750) C:\WINDOWS\system32\drivers\Tppwrif.sys

2011/02/25 13:53:50.0187 1112 TSMAPIP (f10f36e20448a5500a5f83f67ee4aad4) C:\WINDOWS\system32\drivers\TSMAPIP.SYS

2011/02/25 13:53:50.0234 1112 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

2011/02/25 13:53:50.0296 1112 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

2011/02/25 13:53:50.0406 1112 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

2011/02/25 13:53:50.0484 1112 upperdev (15629e4d65f97ab5432d6d9597cf6a33) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys

2011/02/25 13:53:50.0578 1112 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

2011/02/25 13:53:50.0625 1112 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

2011/02/25 13:53:50.0828 1112 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

2011/02/25 13:53:50.0859 1112 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

2011/02/25 13:53:50.0921 1112 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

2011/02/25 13:53:50.0984 1112 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

2011/02/25 13:53:51.0031 1112 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

2011/02/25 13:53:51.0156 1112 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

2011/02/25 13:53:51.0203 1112 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys

2011/02/25 13:53:51.0234 1112 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

2011/02/25 13:53:51.0296 1112 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

2011/02/25 13:53:51.0343 1112 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

2011/02/25 13:53:51.0375 1112 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

2011/02/25 13:53:51.0437 1112 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

2011/02/25 13:53:51.0562 1112 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys

2011/02/25 13:53:51.0640 1112 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys

2011/02/25 13:53:51.0734 1112 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

2011/02/25 13:53:51.0843 1112 winachsf (11ec1afceb5c917ce73d3c301ff4291e) C:\WINDOWS\system32\DRIVERS\hsx_cnxt.sys

2011/02/25 13:53:51.0984 1112 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

2011/02/25 13:53:52.0093 1112 ================================================================================

2011/02/25 13:53:52.0093 1112 Scan finished

2011/02/25 13:53:52.0093 1112 ================================================================================

2011/02/25 13:53:52.0109 1696 Detected object count: 2

2011/02/25 14:03:54.0765 1696 IPSec (bd79926fd2582cacc7835181d67a462d) C:\WINDOWS\system32\DRIVERS\ipsec.sys

2011/02/25 14:03:54.0781 1696 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ipsec.sys. Real md5: bd79926fd2582cacc7835181d67a462d, Fake md5: 23c74d75e36e7158768dd63d92789a91

2011/02/25 14:03:57.0984 1696 Backup copy found, using it..

2011/02/25 14:03:58.0171 1696 C:\WINDOWS\system32\DRIVERS\ipsec.sys - will be cured after reboot

2011/02/25 14:03:58.0171 1696 Rootkit.Win32.TDSS.tdl3(IPSec) - User select action: Cure

2011/02/25 14:03:58.0187 1696 Locked file(sptd) - User select action: Skip

2011/02/25 14:04:14.0125 4060 Deinitialize success

[Ben13ben]

Ok, je commence par réactiver la restauration système avant de faire les modifs.

Il suffit de la mettre "on" ou faut-il prévoir un reboot entre temps pour avoir un point de restauration ?

 

Pour info, j'ai vérifier l'histoire du Task Scheduler. Je pense que c'est un job livré avec le PC pour passage de ipmcmu, mais j'avais déactivé le Task Scheduler.

 

C'est juste quelques vérif avant de virer les lignes car j'ai besoin que certaines appli continu de fonctionner

Modifié le 25 février 2011 par Ben13ben

[Apollo]

Fais juste ceci:

 

Activation de la Restauration du système

Pour activer la Restauration du système, procédez comme suit : 1. Cliquez sur Démarrer, cliquez avec le bouton droit sur Poste de travail, puis cliquez sur Propriétés.

2. Cliquez sur l'onglet Restauration du système.

3. Désactivez la case à cocher Désactiver la Restauration du système (ou la case à cocher Désactiver la Restauration du système sur tous les lecteurs), puis cliquez sur OK.

 

Si tu as un doute sur Winlogon.exe, fais-le analyser sur virus total et donne le résultat. VirusTotal - Free Online Virus, Malware and URL Scanner

 

Dans le cas d'une infection, on passerait ComboFix avec installation de la console de récupération mais je doute de l'infection de ce fichier.

 

@++

[Ben13ben]

atmgrtok.dll et winlogin.exe sont clean.

Je passe ZHPFix sur le reste.

P2 - FPN: [HKLM] [@funwebproducts.com/Plugin] - (.Unknown owner - No comment.) -- C:\Program Files\FunWebProducts\Installr\2.bin\NPFunWeb.dll (.not file.)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\At1.job

O44 - LFC:[MD5.CEE05C5F59E87D0009BA6FF27E116D19] - 25/02/2011 - 03:21:02 ---A- . (...) -- C:\Log.txt [127436]

O4 - HKLM\..\Run: [ipmcmu] Orphean Key

O4 - HKLM\..\Run: [KernelFaultCheck] Orphean Key

O4 - HKCU\..\Run: [sODCPreLoad] Orphean Key

O4 - HKUS\S-1-5-21-1131716707-3716352279-2570479292-500\..\Run: [sODCPreLoad] Orphean Key

O23 - Service: (ISAMsmt) - Orphean Key

O23 - Service: (TPHDEXLGSVC) - Orphean Key

 

 

Rapport de ZHPFix 1.12.3256 par Nicolas Coolman, Update du 23/02/2011

Fichier d'export Registre : C:\ZHPExportRegistry-25-02-2011-14-49-54.txt

Run by B_Olive_8 at 25/02/2011 14:49:54

Windows XP Professional Service Pack 3 (Build 2600)

Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

Contact : nicolascoolman@yahoo.fr

 

========== Registry Key ==========

P2 - FPN: [HKLM] [@funwebproducts.com/Plugin] - (.Unknown owner - No comment.) -- C:\Program Files\FunWebProducts\Installr\2.bin\NPFunWeb.dll (.not file.) => Registry Key removed successfully

O23 - Service: (ISAMsmt) - Orphean Key => Registry Key removed successfully

O23 - Service: (TPHDEXLGSVC) - Orphean Key => Registry Key removed successfully

 

========== Registry Value ==========

O4 - HKLM\..\Run: [ipmcmu] Orphean Key => Registry key value removed successfully

O4 - HKLM\..\Run: [KernelFaultCheck] Orphean Key => Registry key value removed successfully

O4 - HKCU\..\Run: [sODCPreLoad] Orphean Key => Registry key value removed successfully

O4 - HKUS\S-1-5-21-1131716707-3716352279-2570479292-500\..\Run: [sODCPreLoad] Orphean Key => Registry key value not found

 

========== File ==========

c:\program files\funwebproducts\installr\2.bin\npfunweb.dll => Quarantined and Deleted successfully

c:\windows\tasks\at1.job => Quarantined and Deleted successfully

c:\log.txt => Quarantined and Deleted successfully

 

 

========== Summary ==========

3 : Registry Key

4 : Registry Value

3 : File

 

 

End of the scan

 

 

 

Pour info, le service TPHDEXLGSVC était démarré et a été arrêté par le fix.

Modifié le 25 février 2011 par Ben13ben

[Apollo]

Je voudrais vérifier une chose.

 

1) Télécharge Ad-Remover de C-XX et Enregistre-le sur le bureau.

 

Ad-Remover : Telechargement

 

Ferme toutes les applications ouvertes pour l'installer.

 

Sous XP: Double-clique, (Clic droit/exécuter comme administrateur pour Vista/7) sur l'icône placée sur le bureau.

 

Si le firewall se manifeste, accorde les autorisations à l'outil pour qu'il puisse travailler.

 

Clique sur Scanner.

 

 

Le rapport se trouve aussi sous C:\Ad-Report.

Copie/colle-le dans ta réponse stp.

 

-----------------------------------------------------------------------------------------------

 

2) Double-clique pour XP, (Clic droit/exécuter comme administrateur pour Vista/7) sur l'icône Ad-R placée sur le bureau.

 

Si le firewall se manifeste, accorde les autorisations à l'outil pour qu'il puisse travailler.

 

Clique sur Nettoyer.

 

Le bureau va disparaitre, c'est normal!

 

Le rapport se trouve aussi sous C:\Ad-Report Clean.

Copie/colle-le dans ta réponse stp.

 

La page d'accueil sera peut-être changée; il suffit de remettre sa page habituelle via les options internet.

 

@++

[Ben13ben]

======= REPORT FROM AD-REMOVER 2.0.0.2,E | ONLY XP/VISTA/7 =======

 

Updated by TeamXscript on 21/02/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

website: TeamXscript : AD-Remover - FindyKill - UsbFix - SEAF

 

C:\Program Files\Ad-Remover\main.exe (SCAN [2]) -> Launched at 15:13:02 on 25/02/2011, Normal boot

 

Microsoft Windows XP Professional Service Pack 3 (X86)

B_Olive_8@BOLIVE8 ( )

 

============== SEARCH ==============

 

 

Folder found: C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\p9mdzysh.default\conduit

 

Key found: HKLM\Software\Classes\CLSID\{601ac3dc-786a-4eb0-bf40-ee3521e70bfb}

Key found: HKLM\Software\Classes\CLSID\{72b3882f-453a-4633-aac9-8c3dced62aff}

Key found: HKLM\Software\Classes\CLSID\{CE7C3CF0-4B15-11D1-ABED-709549C10000}

Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE7C3CF0-4B15-11D1-ABED-709549C10000}

Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CE7C3CF0-4B15-11D1-ABED-709549C10000}

Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CE7C3CF0-4B15-11D1-ABED-709549C10000}

Key found: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}

Key found: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}

Key found: HKLM\Software\Classes\Interface\{CE7C3CEF-4B15-11D1-ABED-709549C10000}

Key found: HKLM\Software\Classes\IEHlprObj.IEHlprObj

Key found: HKLM\Software\Classes\IEHlprObj.IEHlprObj.1

Key found: HKLM\Software\Classes\Toolbar.CT1460988

Key found: HKLM\Software\Conduit

Key found: HKCU\Software\Conduit

 

 

============== ADDITIONNAL SCAN ==============

 

**** Mozilla Firefox Version [3.6.11 (en-US)] ****

 

HKLM_MozillaPlugins\@ibm.com/Java142 (x)

HKLM_MozillaPlugins\@ibm.com/Java50 (x)

HKLM_MozillaPlugins\@IBM.com/Java60 (x)

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)

Searchplugins\amazondotcom.xml (hxxp://www.amazon.com/exec/obidos/external-search/)

Searchplugins\answers.xml (hxxp://www.answers.com/main/ntquery)

Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms})

Searchplugins\creativecommons.xml (hxxp://search.creativecommons.org/)

Searchplugins\eBay.xml (hxxp://rover.ebay.com/rover/1/711-47294-18009-3/4)

Searchplugins\wikipedia.xml (hxxp://en.wikipedia.org/wiki/Special:Search)

Extensions\IBM-cck@firefox-extensions.ibm.com (IBM CCK)

 

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\p9mdzysh.default --

Extensions\IBM-cck@firefox-extensions.ibm.com (IBM CCK)

Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Administrator\\Desktop

Prefs.js - browser.search.defaultenginename, Search the web (Babylon)

Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch

Prefs.js - browser.search.selectedEngine, Google Desktop

Prefs.js - browser.startup.homepage, www.google.fr

Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.11

 

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\p9mdzysh.default --

Extensions\IBM-cck@firefox-extensions.ibm.com (IBM CCK)

Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Administrator\\Desktop

Prefs.js - browser.search.defaultenginename, Search the web (Babylon)

Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch

Prefs.js - browser.search.selectedEngine, Google Desktop

Prefs.js - browser.startup.homepage, www.google.fr

Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.11

 

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\p9mdzysh.default --

Extensions\IBM-cck@firefox-extensions.ibm.com (IBM CCK)

Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Administrator\\Desktop

Prefs.js - browser.search.defaultenginename, Search the web (Babylon)

Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch

Prefs.js - browser.search.selectedEngine, Google Desktop

Prefs.js - browser.startup.homepage, www.google.fr

Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.11

 

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\p9mdzysh.default --

Extensions\IBM-cck@firefox-extensions.ibm.com (IBM CCK)

Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Administrator\\Desktop

Prefs.js - browser.search.defaultenginename, Search the web (Babylon)

Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch

Prefs.js - browser.search.selectedEngine, Google Desktop

Prefs.js - browser.startup.homepage, www.google.fr

Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.11

 

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\p9mdzysh.default --

Extensions\IBM-cck@firefox-extensions.ibm.com (IBM CCK)

Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Administrator\\Desktop

Prefs.js - browser.search.defaultenginename, Search the web (Babylon)

Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch

Prefs.js - browser.search.selectedEngine, Google Desktop

Prefs.js - browser.startup.homepage, www.google.fr

Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.11

 

========================================

 

**** Internet Explorer Version [6.0.2900.5512] ****

 

HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Start Page - hxxp://w3.ibm.com/

HKLM_Main|Default_Page_URL - hxxp://w3.ibm.com

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=vAHSqZwAv_BAgX-WxX_GmkFS9ec?q={searchTerms})

HKLM_ElevationPolicy\83accb6e-610d-46d6-b4de-e927ac2ed8bb - C:\Program Files\myBabylon_English\myBabylon_EnglishToolbarHelper.exe (x)

HKLM_Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - "Skype add-on for Internet Explorer" (C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico)

HKLM_Extensions\{B4E30F61-16D9-11D3-85D1-005004229569} - "Web Entry" (C:\lotus\org6\organize\orgie5saveg.ico)

HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\ThinkPad\Bluetooth Software\bt_cold_icon.ico)

HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)

BHO\{CE7C3CF0-4B15-11D1-ABED-709549C10000} - "IEHlprObj Class" (C:\lotus\org6\organize\iehelper.dll)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 0 File(s)

C:\Program Files\Ad-Remover\Backup: 2 File(s)

 

C:\Ad-Report-SCAN[1].txt - 25/02/2011 02:39:49 (7668 Byte(s))

C:\Ad-Report-SCAN[2].txt - 25/02/2011 15:13:05 (1719 Byte(s))

 

End at: 15:13:56, 25/02/2011

 

============== E.O.F ==============

[Ben13ben]

======= REPORT FROM AD-REMOVER 2.0.0.2,E | ONLY XP/VISTA/7 =======

 

Updated by TeamXscript on 21/02/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

website: TeamXscript : AD-Remover - FindyKill - UsbFix - SEAF

 

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 15:18:22 on 25/02/2011, Normal boot

 

Microsoft Windows XP Professional Service Pack 3 (X86)

B_Olive_8@BOLIVE8 ( )

 

============== ACTION(S) ==============

 

 

Folder deleted: C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\p9mdzysh.default\conduit

 

(!) -- Temporary files deleted.

 

 

Key deleted: HKLM\Software\Classes\CLSID\{601ac3dc-786a-4eb0-bf40-ee3521e70bfb}

Key deleted: HKLM\Software\Classes\CLSID\{72b3882f-453a-4633-aac9-8c3dced62aff}

Key deleted: HKLM\Software\Classes\CLSID\{CE7C3CF0-4B15-11D1-ABED-709549C10000}

Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE7C3CF0-4B15-11D1-ABED-709549C10000}

Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CE7C3CF0-4B15-11D1-ABED-709549C10000}

Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CE7C3CF0-4B15-11D1-ABED-709549C10000}

Key deleted: HKLM\Software\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}

Key deleted: HKLM\Software\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}

Key deleted: HKLM\Software\Classes\Interface\{CE7C3CEF-4B15-11D1-ABED-709549C10000}

Key deleted: HKLM\Software\Classes\IEHlprObj.IEHlprObj

Key deleted: HKLM\Software\Classes\IEHlprObj.IEHlprObj.1

Key deleted: HKLM\Software\Classes\Toolbar.CT1460988

Key deleted: HKLM\Software\Conduit

Key deleted: HKCU\Software\Conduit

 

 

============== ADDITIONNAL SCAN ==============

 

**** Mozilla Firefox Version [3.6.11 (en-US)] ****

 

HKLM_MozillaPlugins\@ibm.com/Java142 (x)

HKLM_MozillaPlugins\@ibm.com/Java50 (x)

HKLM_MozillaPlugins\@IBM.com/Java60 (x)

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)

Searchplugins\amazondotcom.xml (hxxp://www.amazon.com/exec/obidos/external-search/)

Searchplugins\answers.xml (hxxp://www.answers.com/main/ntquery)

Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms})

Searchplugins\creativecommons.xml (hxxp://search.creativecommons.org/)

Searchplugins\eBay.xml (hxxp://rover.ebay.com/rover/1/711-47294-18009-3/4)

Searchplugins\wikipedia.xml (hxxp://en.wikipedia.org/wiki/Special:Search)

Extensions\IBM-cck@firefox-extensions.ibm.com (IBM CCK)

 

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\p9mdzysh.default --

Extensions\IBM-cck@firefox-extensions.ibm.com (IBM CCK)

Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Administrator\\Desktop

Prefs.js - browser.search.defaultenginename, Search the web (Babylon)

Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch

Prefs.js - browser.search.selectedEngine, Google Desktop

Prefs.js - browser.startup.homepage, www.google.fr

Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.11

 

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\p9mdzysh.default --

Extensions\IBM-cck@firefox-extensions.ibm.com (IBM CCK)

Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Administrator\\Desktop

Prefs.js - browser.search.defaultenginename, Search the web (Babylon)

Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch

Prefs.js - browser.search.selectedEngine, Google Desktop

Prefs.js - browser.startup.homepage, www.google.fr

Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.11

 

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\p9mdzysh.default --

Extensions\IBM-cck@firefox-extensions.ibm.com (IBM CCK)

Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Administrator\\Desktop

Prefs.js - browser.search.defaultenginename, Search the web (Babylon)

Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch

Prefs.js - browser.search.selectedEngine, Google Desktop

Prefs.js - browser.startup.homepage, www.google.fr

Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.11

 

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\p9mdzysh.default --

Extensions\IBM-cck@firefox-extensions.ibm.com (IBM CCK)

Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Administrator\\Desktop

Prefs.js - browser.search.defaultenginename, Search the web (Babylon)

Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch

Prefs.js - browser.search.selectedEngine, Google Desktop

Prefs.js - browser.startup.homepage, www.google.fr

Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.11

 

-- C:\Documents and Settings\Administrator\Application Data\Mozilla\FireFox\Profiles\p9mdzysh.default --

Extensions\IBM-cck@firefox-extensions.ibm.com (IBM CCK)

Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\Administrator\\Desktop

Prefs.js - browser.search.defaultenginename, Search the web (Babylon)

Prefs.js - browser.search.defaulturl, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch

Prefs.js - browser.search.selectedEngine, Google Desktop

Prefs.js - browser.startup.homepage, www.google.fr

Prefs.js - browser.startup.homepage_override.mstone, rv:1.9.2.11

 

========================================

 

**** Internet Explorer Version [6.0.2900.5512] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=vAHSqZwAv_BAgX-WxX_GmkFS9ec?q={searchTerms})

HKLM_ElevationPolicy\83accb6e-610d-46d6-b4de-e927ac2ed8bb - C:\Program Files\myBabylon_English\myBabylon_EnglishToolbarHelper.exe (x)

HKLM_Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - "Skype add-on for Internet Explorer" (C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico)

HKLM_Extensions\{B4E30F61-16D9-11D3-85D1-005004229569} - "Web Entry" (C:\lotus\org6\organize\orgie5saveg.ico)

HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\ThinkPad\Bluetooth Software\bt_cold_icon.ico)

HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 5 File(s)

C:\Program Files\Ad-Remover\Backup: 15 File(s)

 

C:\Ad-Report-CLEAN[1].txt - 25/02/2011 15:18:25 (587 Byte(s))

C:\Ad-Report-SCAN[1].txt - 25/02/2011 02:39:49 (7668 Byte(s))

C:\Ad-Report-SCAN[2].txt - 25/02/2011 15:13:05 (7218 Byte(s))

 

End at: 15:19:17, 25/02/2011

 

============== E.O.F ==============

[Apollo]

Okay,

 

Relance Ad-Remover et clique sur désinstaller.

 

Firefox n'est pas à jour, à corriger.

 

IE6: dangereux!

Installe Explorer 8 , beaucoup plus sécurisé qu'IE6 ou IE7, même si Firefox ou un autre navigateur est utilisé.

 

Après installation d'IE8:

 

Pour éviter des problèmes de compatibilité de certains sites web avec IE8, cliquer sur "Page" (ou outils) au-dessus de la page web puis sur Paramètres d'affichage de compatibilité.

 

Cocher la case "Afficher tous les sites web dans Affichage de compatibilité". Fermer.

 

FAQ IE8

 

Pour Java et d'autres applications, voir ici: Apollo Et Compagnie A vérifier de temps en temps, important!

 

@++

[Ben13ben]

Java refonctionne ainsi que mes applications (il était à la dernière version).

Great!

Merci beaucoup !

 

J'installe IE8 tout de suite, ensuite je passe à Firefox.

 

Concernant les produits Adobe.

Est-ce nécessaire d'avoir Adobe AIR ?

J'ai Acrobat Reader 9.1.3, c'est bon ou faut-il mettre à jour ?

Je vois aussi un Adobe Flash Player 10 ActiveX et Adobe Flash Player 10 Plugin, on en fiat quoi de ça ?