chantounette

Everything posted by chantounette

  1. I have just done the procedure, but I don't have C:\Windows\System32\Drivers\ay8n0i2h.SYS. What should I do? Thanks
  2. I don't understand anything anymore. I have just restarted in normal mode and everything worked, and the report is completely different: SysProt AntiRootkit v1.0.1.0 by swatkat
Data\Microsoft\Messenger\bruce-leboss@hotmail.fr\SharingMetadata\runescapeboss@hotmail.fr\DFSR\Staging\CS{8CA85A88-3ED3-B4C4-F314-B4FC449DC3B6}\33\18-{1B923A35-049C-4D34-A7F0-4EBA3DFEE94E}- Status: Hidden Object: C:\Documents and Settings\chantounette\Local Settings\Application Data\Microsoft\Messenger\bruce-leboss@hotmail.fr\SharingMetadata\runescapeboss@hotmail.fr\DFSR\Staging\CS{8CA85A88-3ED3-B4C4-F314-B4FC449DC3B6}\34\19-{1B923A35-049C-4D34-A7F0-4EBA3DFEE94E}- Status: Hidden Object: C:\Documents and Settings\chantounette\Local Settings\Application Data\Microsoft\Messenger\bruce-leboss@hotmail.fr\SharingMetadata\runescapeboss@hotmail.fr\DFSR\Staging\CS{8CA85A88-3ED3-B4C4-F314-B4FC449DC3B6}\35\20-{1B923A35-049C-4D34-A7F0-4EBA3DFEE94E}- Status: Hidden Object: C:\Documents and Settings\chantounette\Local Settings\Application Data\Microsoft\Messenger\bruce-leboss@hotmail.fr\SharingMetadata\runescapeboss@hotmail.fr\DFSR\Staging\CS{8CA85A88-3ED3-B4C4-F314-B4FC449DC3B6}\36\36-{1B923A35-049C-4D34-A7F0-4EBA3DFEE94E}- Status: Hidden Object: C:\Documents and Settings\chantounette\Local Settings\Application Data\Microsoft\Messenger\bruce-leboss@hotmail.fr\SharingMetadata\runescapeboss@hotmail.fr\DFSR\Staging\CS{8CA85A88-3ED3-B4C4-F314-B4FC449DC3B6}\37\37-{1B923A35-049C-4D34-A7F0-4EBA3DFEE94E}- Status: Hidden Object: C:\Documents and Settings\chantounette\Local Settings\Application Data\Microsoft\Messenger\bruce-leboss@hotmail.fr\SharingMetadata\runescapeboss@hotmail.fr\DFSR\Staging\CS{8CA85A88-3ED3-B4C4-F314-B4FC449DC3B6}\38\38-{1B923A35-049C-4D34-A7F0-4EBA3DFEE94E}- Status: Hidden Object: C:\Documents and Settings\chantounette\Local Settings\Application Data\Microsoft\Messenger\bruce-leboss@hotmail.fr\SharingMetadata\runescapeboss@hotmail.fr\DFSR\Staging\CS{8CA85A88-3ED3-B4C4-F314-B4FC449DC3B6}\39\39-{1B923A35-049C-4D34-A7F0-4EBA3DFEE94E}- Status: Hidden Object: C:\Documents and Settings\chantounette\Local Settings\Application 
Data\Microsoft\Messenger\chloez3@hotmail.fr\SharingMetadata\chiite-puce@hotmail.fr\DFSR\Staging\CS{BBD2C3A7-1032-7C41-5F4B-9530737CA192}\01\10-{BBD2C3A7-1032-7C41-5F4B-9530737CA192}-v1-{51E Status: Hidden Object: C:\Documents and Settings\chantounette\Local Settings\Application Data\Microsoft\Messenger\misspopo-34@hotmail.fr\SharingMetadata\benburgur@hotmail.fr\DFSR\Staging\CS{D9D7D673-8EE4-2279-6FA5-0CE37233D65F}\01\10-{D9D7D673-8EE4-2279-6FA5-0CE37233D65F}-v1-{B Status: Hidden Object: C:\Documents and Settings\chantounette\Local Settings\Application Data\Microsoft\Messenger\zegrar4@hotmail.com\SharingMetadata\bruce-leboss@hotmail.fr\DFSR\Staging\CS{3AF043BE-51B6-ADDF-8361-8C7844CB7BF9}\01\10-{3AF043BE-51B6-ADDF-8361-8C7844CB7BF9}-v1-{E Status: Hidden Object: C:\Documents and Settings\chantounette\Mes documents\jeu\Adibou Education v3 - 4-7 Ans -Pil 6Cd Crackés 8 Jeux Jaquettes Cd & Dvd Appli Pour Graver & Mode D Emplois By Vin Ké Testé Ok Enjoy\3_Adibou.-.Education.-.Motamo-Pluzoumoin.-.Initiation Lecture Status: Hidden Object: C:\Documents and Settings\chantounette\Mes documents\jeu\Adibou Education v3 - 4-7 Ans -Pil 6Cd Crackés 8 Jeux Jaquettes Cd & Dvd Appli Pour Graver & Mode D Emplois By Vin Ké Testé Ok Enjoy\4_Adibou.-.Education.-.L'Île Volante.-.Sciences & Nature.-. 4 Status: Hidden Object: C:\System Volume Information\MountPointManagerRemoteDatabase Status: Access denied Object: C:\System Volume Information\tracking.log Status: Access denied Object: C:\System Volume Information\_restore{A7F01669-E707-413E-85C9-6105E3B5172C} Status: Access denied
  3. And no; what's more, while waiting I wanted to try my Avira antivirus, which of course froze, and now iexplorer is freezing too. So I switched to Safe Mode with Networking to run SysProt, and here is the result: SysProt AntiRootkit v1.0.1.0 by swatkat ******************************************************************************** ********** ******************************************************************************** ********** No Hidden Processes found ******************************************************************************** ********** ******************************************************************************** ********** No Hidden Kernel Modules found ******************************************************************************** ********** ******************************************************************************** ********** No SSDT Hooks found ******************************************************************************** ********** ******************************************************************************** ********** No Kernel Hooks found ******************************************************************************** ********** ******************************************************************************** ********** No IRP Hooks found ******************************************************************************** ********** ******************************************************************************** ********** Ports: Local Address: CHANTAL:NETBIOS-SSN Remote Address: 0.0.0.0:0 Type: TCP Process: 4 (PID) State: LISTENING Local Address: CHANTAL:MICROSOFT-DS Remote Address: 0.0.0.0:0 Type: TCP Process: 4 (PID) State: LISTENING Local Address: CHANTAL:EPMAP Remote Address: 0.0.0.0:0 Type: TCP Process: 876 (PID) State: LISTENING Local Address: CHANTAL:138 Remote Address: NA Type: UDP Process: 4 (PID) State: NA Local Address: CHANTAL:NETBIOS-NS Remote Address: NA Type: UDP Process: 4 (PID) State: 
NA Local Address: CHANTAL:1025 Remote Address: NA Type: UDP Process: 1984 (PID) State: NA Local Address: CHANTAL:MICROSOFT-DS Remote Address: NA Type: UDP Process: 4 (PID) State: NA ******************************************************************************** ********** ******************************************************************************** ********** No hidden files/folders found
  4. Big problem: I tried to run the ComboFix scan twice in normal mode. After it created the Recovery Console for me, the scan started and everything froze, so I had to switch the computer off from the back. I then tried in Safe Mode, and there the scan ran up to process 50 and then everything froze again. So I have no report at all..... What should I do? Thanks
  5. Hello Pear, I think I followed the procedure correctly, but here is what I get: Running from: C:\Documents and Settings\chantounette\Bureau\Win32kDiag.exe Log file at : C:\Documents and Settings\chantounette\Bureau\Win32kDiag.txt WARNING: Could not get backup privileges! Searching 'C:\WINDOWS'... Finished!
  6. Hello Pear, I have just done what you described, but I don't have any red lines, so I don't know whether I made a mistake. Here is the report: GMER 1.0.15.15087 - http://www.gmer.net Rootkit scan 2009-09-22 17:38:21 Windows 5.1.2600 Service Pack 2 Running: gmer.exe; Driver: C:\DOCUME~1\CHANTO~1\LOCALS~1\Temp\fwtdqpog.sys ---- Modules - GMER 1.0.15 ---- Module spbf.sys F8553000-F8654000 (1052672 bytes) Module a347bus.sys (Plug and Play BIOS Extension/ ) F8513000-F853B000 (163840 bytes) Module d347bus.sys (PnP BIOS Extension/ ) F84ED000-F8513000 (155648 bytes) Module _________ F8476000-F848E000 (98304 bytes) Module d347prt.sys (SCSI miniport/ ) F8B79000-F8B7B000 (8192 bytes) Module a347scsi.sys (SCSI miniport/ ) F8B7B000-F8B7D000 (8192 bytes) Module SISAGPX.sys (SiS NT AGP Filter/Silicon Integrated Systems Corporation) F8905000-F890D000 (32768 bytes) Module BTHidMgr.sys (Bluetooth HID Manager driver/IVT Corporation) F890D000-F8914000 (28672 bytes) Module \SystemRoot\system32\DRIVERS\ati2mtag.sys (ATI Radeon Miniport Driver/ATI Technologies Inc.) 
F74C7000-F7554000 (577536 bytes) Module \SystemRoot\system32\drivers\sis7012.sys (SiS 7012 Audio Device WDM Driver/Silicon Integrated Systems Corporation) F73C9000-F7490000 (815104 bytes) Module \SystemRoot\System32\DRIVERS\sisnic.sys (SiS PCI Fast Ethernet Adapter Driver/SiS Corporation) F89F5000-F89FD000 (32768 bytes) Module \SystemRoot\System32\DRIVERS\HSF_BSC2.sys (NTRksample driver/Conexant) F7371000-F7382000 (69632 bytes) Module \SystemRoot\System32\DRIVERS\HSF_SOAR.SYS (Soar driver/Conexant) F75D4000-F75DF000 (45056 bytes) Module \SystemRoot\System32\DRIVERS\HSF_SAMP.sys (Rksample WDM driver/Conexant) F75C4000-F75D3000 (61440 bytes) Module \SystemRoot\System32\DRIVERS\HSF_MSFT.sys (WinACHSF driver/Conexant) F72EC000-F7371000 (544768 bytes) Module \SystemRoot\System32\DRIVERS\HSF_AMOS.SYS (AmosNT driver/Conexant) F72C7000-F72EC000 (151552 bytes) Module \SystemRoot\System32\Drivers\ahjtkdo4.SYS F728F000-F72C7000 (229376 bytes) Module \SystemRoot\system32\DRIVERS\L8042Kbd.sys (Logitech PS2 Keyboard Filter Driver./Logitech, Inc.) F8304000-F8308000 (16384 bytes) Module \SystemRoot\System32\Drivers\VcommMgr.sys (Bluetooth VcommMgr driver/IVT Corporation) F7584000-F758E000 (40960 bytes) Module \SystemRoot\system32\DRIVERS\vbtenum.sys F82FC000-F8300000 (16384 bytes) Module \SystemRoot\system32\DRIVERS\blueletaudio.sys (Bluelet Audio Driver/IVT Corporation) F8A7D000-F8A82000 (20480 bytes) Module \SystemRoot\System32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) 
F8935000-F893A000 (20480 bytes) Module \SystemRoot\system32\DRIVERS\btnetdrv.sys (Bluetooth PAN Network Adapter Driver/IVT Corporation) F7CB3000-F7CB6000 (12288 bytes) Module \SystemRoot\system32\DRIVERS\VComm.sys (Bluetooth Serial Port Driver/IVT Corporation) F8945000-F894D000 (32768 bytes) Module \SystemRoot\system32\drivers\fwdrv.sys EF008000-EF087000 (520192 bytes) Module \SystemRoot\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) F897D000-F8983000 (24576 bytes) Module \SystemRoot\system32\DRIVERS\avipbb.sys (Avira Driver for RootKit Detection/Avira GmbH) EEDB4000-EEDD0000 (114688 bytes) Module \??\C:\Program_Files\Avira\AntiVir_Desktop\avgio.sys (Avira AntiVir Support for Minifilter/Avira GmbH) F8BF9000-F8BFB000 (8192 bytes) Module \SystemRoot\system32\drivers\LVUSBSta.sys (USB Statistic Driver/Logitech Inc.) F88D5000-F88DE000 (36864 bytes) Module \SystemRoot\system32\DRIVERS\lvuvc.sys (Logitech USB Video Class Driver/Logitech Inc.) EE944000-EEDB4000 (4653056 bytes) Module \SystemRoot\system32\DRIVERS\lvrs.sys (Logitech Kernel Audio Improvement Filter Driver/Logitech Inc.) EE8AC000-EE944000 (622592 bytes) Module \SystemRoot\System32\ati2dvag.dll (ATI Radeon WindowsNT Display Driver/ATI Technologies Inc.) BF9D5000-BFA18000 (274432 bytes) Module \SystemRoot\System32\ati3d2ag.dll (ati3d2ag.dll/ATI Technologies Inc. 
) BFA18000-BFB32000 (1155072 bytes) Module \SystemRoot\System32\ATMFD.DLL (Windows NT OpenType/Type 1 Font Driver/Adobe Systems Incorporated) BFFA0000-BFFE6000 (286720 bytes) Module \SystemRoot\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) EE768000-EE77C000 (81920 bytes) Module \??\C:\WINDOWS\System32\drivers\CDAC15BA.SYS EE538000-EE53B000 (12288 bytes) Module \SystemRoot\System32\DRIVERS\HSF_FALL.sys (Fallback driver/Conexant) EE3AD000-EE3F4000 (290816 bytes) Module \SystemRoot\System32\DRIVERS\HSF_FSKS.sys (FSKsNT driver/Conexant) EE390000-EE3AD000 (118784 bytes) Module \SystemRoot\System32\DRIVERS\HSF_K56K.sys (K56NT driver/Conexant) EE330000-EE390000 (393216 bytes) Module \SystemRoot\System32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) EE6A0000-EE6AA000 (40960 bytes) Module \SystemRoot\System32\DRIVERS\HSF_FAXX.sys (FaxNT driver/Conexant) EE195000-EE1C6000 (200704 bytes) Module \??\C:\WINDOWS\system32\drivers\tmcomm.sys (TrendMicro Common Module/Trend Micro Inc.) EE17D000-EE195000 (98304 bytes) Module \SystemRoot\System32\DRIVERS\HSF_TONE.sys (TonesNT driver/Conexant) EE44C000-EE459000 (53248 bytes) Module \SystemRoot\System32\DRIVERS\HSF_V124.sys (V124NT driver/Conexant) EE105000-EE17D000 (491520 bytes) Module \SystemRoot\system32\DRIVERS\LVPr2Mon.sys F8A0D000-F8A12000 (20480 bytes) Module \??\C:\DOCUME~1\CHANTO~1\LOCALS~1\Temp\fwtdqpog.sys (GMER) ED39B000-ED3B0000 (86016 bytes) ---- Processes - GMER 1.0.15 ---- Process C:\WINDOWS\Explorer.EXE (Explorateur Windows/Microsoft Corporation) 1084 Library C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.) 0x009B0000 Library C:\PROGRA~1\SPYBOT~1\SDHelper.dll (SBSD IE Protection/Safer Networking Limited) 0x03B60000 Library C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA (PDF Shell Extension/Adobe Systems, Inc.) 
0x04580000 Library C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe PDF Helper for Internet Explorer/Adobe Systems Incorporated) 0x10000000 Library C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll (PDF Shell Extension/Adobe Systems, Inc.) 0x04380000 Library C:\Program Files\WinRAR\rarext.dll 0x029E0000 Library C:\Program Files\Avira\AntiVir Desktop\shlext.dll (AntiVirus context menu/Avira GmbH) 0x043E0000 Library C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes' Anti-Malware/Malwarebytes Corporation) 0x02CE0000 Library C:\Program Files\ABBYY\FineReader 6.0\FECMenu.dll (Windows Explorer context menu handler/ABBYY (BIT Software)) 0x02E60000 Process C:\WINDOWS\system32\wuauclt.exe (Windows Update Automatic Updates/Microsoft Corporation) 1156 Library C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.) 0x009E0000 Process C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Video COM Service/Logitech Inc.) 1288 Library C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Video COM Service/Logitech Inc.) 0x00400000 Library C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.) 0x003C0000 Library C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVCSCli.dll (Medusa Hardware Enumerator/Logitech Inc.) 
0x10000000 Library C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVCSPS.dll 0x00B40000 Process C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) 1384 Library C:\WINDOWS\system32\EBPMON24.DLL (EPSON Bi-directional Monitor/SEIKO EPSON CORPORATION) 0x50400000 Library C:\WINDOWS\system32\mdimon.dll (Microsoft® Document Imaging/Microsoft Corporation) 0x00970000 Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll (Microsoft® Document Imaging/Microsoft Corporation) 0x00980000 Library C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll (Print Filter Pipeline Proxy/Microsoft Corporation) 0x3F420000 Library C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_DU18CE.DLL (E_DU18xE/SEIKO EPSON Corporation) 0x68F00000 Library C:\WINDOWS\system32\ECBTEG.DLL (ECBTEG/SEIKO EPSON CORPORATION) 0x10000000 Library C:\WINDOWS\system32\EBPCHP.DLL (EPSON Bidirectional Printer Driver/SEIKO EPSON CORPORATION) 0x00B80000 Library C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_DMAI16.DLL (E_DMAI16/SEIKO EPSON Corporation) 0x01850000 Process C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 1432 Library C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) 0x00400000 Library C:\Program Files\Avira\AntiVir Desktop\schedr.dll (avschdr Dynamic Link Library/Avira GmbH) 0x10000000 Library C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll (Event Logger/Avira GmbH) 0x003D0000 Library C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll 0x00CB0000 Process C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) 1532 Library C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) 0x00400000 Library C:\Program Files\Avira\AntiVir Desktop\AVEvtLog.dll (Event Logger/Avira GmbH) 0x10000000 Library C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll (AVGuard Messages (Deutsch)/Avira GmbH) 0x008F0000 Library C:\Program 
Files\Avira\AntiVir Desktop\sqlite3.dll 0x00900000 Library C:\Program Files\Avira\AntiVir Desktop\AVPREF.DLL (Prefix DLL/Avira GmbH) 0x00D80000 Library C:\Program Files\Avira\AntiVir Desktop\SMTPLIB.DLL (SMTPLIB/Avira GmbH) 0x00DA0000 Library C:\Program Files\Avira\AntiVir Desktop\AVGIO.DLL (On-access scan support/Avira GmbH) 0x011D0000 Library C:\Program Files\Avira\AntiVir Desktop\aecore.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01300000 Library C:\Program Files\Avira\AntiVir Desktop\aevdf.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01340000 Library C:\Program Files\Avira\AntiVir Desktop\aescript.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01370000 Library C:\Program Files\Avira\AntiVir Desktop\aescn.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01400000 Library C:\Program Files\Avira\AntiVir Desktop\aerdl.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01430000 Library C:\Program Files\Avira\AntiVir Desktop\aepack.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x014B0000 Library C:\Program Files\Avira\AntiVir Desktop\unacev2.dll (UNACE Dynamic Link Library/ACE Compression Software) 0x01530000 Library C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01590000 Library C:\Program Files\Avira\AntiVir Desktop\aeheur.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x015E0000 Library C:\Program Files\Avira\AntiVir Desktop\aehelp.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x017D0000 Library C:\Program Files\Avira\AntiVir Desktop\aegen.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01820000 Library C:\Program Files\Avira\AntiVir Desktop\aeemu.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01890000 Library C:\Program Files\Avira\AntiVir Desktop\aebb.dll (AntiVir Engine Module for Windows/Avira GmbH) 0x01910000 Library C:\Program Files\Avira\AntiVir Desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x01930000 Process C:\WINDOWS\system32\Ati2evxx.exe 1544 
Library C:\WINDOWS\system32\Ati2evxx.exe 0x00400000 Process C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe 1580 Library C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe 0x00400000 Process C:\WINDOWS\System32\drivers\CDAC11BA.EXE (C-Dilla RTS Service/C-Dilla Ltd) 1608 Library C:\WINDOWS\System32\drivers\CDAC11BA.EXE (C-Dilla RTS Service/C-Dilla Ltd) 0x00400000 Process C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Video COM Service/Logitech Inc.) 1688 Library C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Video COM Service/Logitech Inc.) 0x00400000 Library C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVCSCli.dll (Medusa Hardware Enumerator/Logitech Inc.) 0x10000000 Library C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVCSPS.dll 0x006A0000 Process C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech LVPrcSrv Module./Logitech Inc.) 1720 Library C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech LVPrcSrv Module./Logitech Inc.) 0x00400000 Process C:\Program Files\PCOptimizer\PCoptimizerService.exe 1780 Library C:\Program Files\PCOptimizer\PCoptimizerService.exe 0x00400000 Process C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1880 Library C:\WINDOWS\System32\escwiad.dll (EPSON WIA USD/SEIKO EPSON CORP.) 0x1C300000 Process C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe 2192 Library C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe 0x00400000 Library C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.) 0x00A90000 Library C:\Program Files\Fichiers communs\LogiShrd\LComMgr\DevMngr.dll 0x10000000 Library C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVCSCli.dll (Medusa Hardware Enumerator/Logitech Inc.) 
0x01140000 Library C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVCSPS.dll 0x00AD0000 Library C:\Program Files\Logitech\QuickCam\EFVal.dll 0x011F0000 Library C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LogiCordless.dll 0x01220000 Library C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LogiCordless4001.dll 0x01DA0000 Library C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll 0x01FD0000 Process C:\Program Files\Logitech\QuickCam\Quickcam.exe 2216 Library C:\Program Files\Logitech\QuickCam\Quickcam.exe 0x00400000 Library C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.) 0x00EB0000 Library C:\Program Files\Logitech\QuickCam\LAppRes.dll 0x10000000 Library C:\Program Files\Fichiers communs\LogiShrd\LComMgr\DevMngr.dll 0x00700000 Library C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVCSCli.dll (Medusa Hardware Enumerator/Logitech Inc.) 0x01710000 Library C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVCSPS.dll 0x017A0000 Library C:\Program Files\Logitech\QuickCam\EFVal.dll 0x01E70000 Library C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManagerPS.dll (COCI Manager Proxy Stub/Logitech Inc.) 0x01ED0000 Process C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 2296 Library C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Antivirus System Tray Tool/Avira GmbH) 0x00400000 Library C:\Program Files\Avira\AntiVir Desktop\cclib.dll (Antivirus Control Center Common Library/Avira GmbH) 0x10000000 Library C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.) 
0x003E0000 Library c:\program files\avira\antivir desktop\ccgen.dll (Control Center General Plugin/Avira GmbH) 0x004D0000 Library c:\program files\avira\antivir desktop\ccgenrc.dll (Control Center General Plugin Resources/Avira GmbH) 0x00BE0000 Library c:\program files\avira\antivir desktop\ccguard.dll (Control Center Guard Plugin/Avira GmbH) 0x00BF0000 Library c:\program files\avira\antivir desktop\ccgrdrc.dll (Control Center Guard Plugin Resources/Avira GmbH) 0x00C50000 Library c:\program files\avira\antivir desktop\avipc.dll (AVIRA IPC Library/Avira GmbH) 0x00C60000 Library c:\program files\avira\antivir desktop\ccupdate.dll (Control Center Updater Plugin/Avira GmbH) 0x00C90000 Library c:\program files\avira\antivir desktop\ccupdrc.dll (Control Center Updater Plugin Resources/Avira GmbH) 0x00CE0000 Library c:\program files\avira\antivir desktop\cclic.dll (Control Center License Plugin/Avira GmbH) 0x00F10000 Library c:\program files\avira\antivir desktop\cclicrc.dll (Control Center License Plugin Resources/Avira GmbH) 0x00F40000 Library c:\program files\avira\antivir desktop\ccmsg.dll (Control Center Message Plugin/Avira GmbH) 0x00F50000 Process C:\WINDOWS\system32\ctfmon.exe (CTF Loader/Microsoft Corporation) 2368 Library C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.) 0x009C0000 Process C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 2532 Library C:\WINDOWS\System32\strmfilt.dll (Stream Filter Library/Microsoft Corporation) 0x5A1F0000 Process C:\Program Files\Messenger\MSMSGS.EXE (Windows Messenger/Microsoft Corporation) 2544 Library C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.) 0x00AC0000 Process C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Desktop Messenger/Logitech Inc.) 
2576 Library C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Desktop Messenger/Logitech Inc.) 0x00400000 Library C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.) 0x00360000 Library C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\backWeb.dll (BackWeb/BackWeb Technologies Inc.) 0x009F0000 Library C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\bwsec.dll (bwsec/BackWeb Technologies Inc.) 0x10000000 Library C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll 0x00330000 Library C:\PROGRA~1\Logitech\DESKTO~1\8876480\811~1.50-\program\EN\ClientRC.dll (BackWeb/BackWeb Technologies Inc.) 0x00DC0000 Library C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWfiles-8876480.dll (Logitech Desktop Messenger/Logitech Inc.) 0x010C0000 Library C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\BWfiles.dll (BackWebFiles Module/BackWeb Technologies Inc.) 0x010D0000 Library C:\Program Files\Logitech\Desktop Messenger\8876480\Program\SyncExt.dll (LDMClient Extention for UP synchronization/Logitech) 0x66000000 Process C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (GoogleToolbarNotifier/Google Inc.) 2592 Library C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (GoogleToolbarNotifier/Google Inc.) 0x00400000 Library C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\gtn.dll (GoogleToolbarNotifier/Google Inc.) 0x10000000 Library C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.) 0x003E0000 Library C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (GoogleToolbarNotifier/Google Inc.) 0x00C90000 Process C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe (Camera Control Interface/Logitech Inc.) 
3048
Library C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe (Camera Control Interface/Logitech Inc.) 0x00400000
Library C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.) 0x00A00000
Library C:\Program Files\Fichiers communs\LogiShrd\LComMgr\DevMngr.dll 0x10000000
Library C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManagerPS.dll (COCI Manager Proxy Stub/Logitech Inc.) 0x00FD0000
Library C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVCSCli.dll (Medusa Hardware Enumerator/Logitech Inc.) 0x01000000
Library C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVCSPS.dll 0x01090000
Library C:\Program Files\Logitech\QuickCam\EFVal.dll 0x01520000
Process C:\WINDOWS\system32\wscntfy.exe (Windows Security Center Notification App/Microsoft Corporation) 3172
Library C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.) 0x00960000
Process C:\gamer\gmer.exe 4040
Library C:\gamer\gmer.exe 0x00400000
Library C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.) 0x00800000

---- Services - GMER 1.0.15 ----

Service C:\WINDOWS\system32\DRIVERS\a347bus.sys (Plug and Play BIOS Extension/ ) [BOOT] a347bus
Service C:\WINDOWS\System32\Drivers\a347scsi.sys (SCSI miniport/ ) [BOOT] a347scsi
Service C:\Program Files\Avira\AntiVir Desktop\sched.exe (Antivirus Scheduler/Avira GmbH) [AUTO] AntiVirSchedulerService
Service C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Antivirus On-Access Service/Avira GmbH) [AUTO] AntiVirService
Service aswTdi
Service [BOOT] atapi
Service C:\WINDOWS\system32\Ati2evxx.exe [AUTO] Ati HotKey Poller
Service C:\WINDOWS\system32\ati2sgag.exe [AUTO] ATI Smart
Service C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Radeon Miniport Driver/ATI Technologies Inc.) [MANUAL] ati2mtag
Service Atierecord
Service C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira AntiVir Support for Minifilter/Avira GmbH) [SYSTEM] avgio
Service C:\WINDOWS\system32\DRIVERS\avgntflt.sys (Avira Minifilter Driver/Avira GmbH) [AUTO] avgntflt
Service C:\WINDOWS\system32\DRIVERS\avipbb.sys (Avira Driver for RootKit Detection/Avira GmbH) [SYSTEM] avipbb
Service C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys (NTRksample driver/Conexant) [MANUAL] basic2
Service C:\WINDOWS\system32\DRIVERS\blueletaudio.sys (Bluelet Audio Driver/IVT Corporation) [MANUAL] BlueletAudio
Service C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [AUTO] BlueSoleil Hid Service
Service C:\WINDOWS\system32\DRIVERS\btnetdrv.sys (Bluetooth PAN Network Adapter Driver/IVT Corporation) [MANUAL] BT
Service C:\WINDOWS\System32\Drivers\btcusb.sys (Bluetooth USB Device Driver/IVT Corporation) [MANUAL] Btcsrusb
Service C:\WINDOWS\system32\DRIVERS\vbtenum.sys [MANUAL] BTHidEnum
Service C:\WINDOWS\System32\Drivers\BTHidMgr.sys (Bluetooth HID Manager driver/IVT Corporation) [BOOT] BTHidMgr
Service C:\WINDOWS\system32\drivers\BTNetFilter.sys [MANUAL] BTNetFilter
Service C:\WINDOWS\System32\drivers\CDAC11BA.EXE (C-Dilla RTS Service/C-Dilla Ltd) [AUTO] C-DillaCdaC11BA
Service C:\WINDOWS\System32\drivers\CDAC15BA.SYS [AUTO] CdaC15BA
Service C:\WINDOWS\system32\drivers\cmuda.sys (C-Media Audio WDM Driver/C-Media Inc) [MANUAL] cmuda
Service C:\WINDOWS\System32\DRIVERS\d347bus.sys (PnP BIOS Extension/ ) [BOOT] d347bus
Service C:\WINDOWS\System32\Drivers\d347prt.sys (SCSI miniport/ ) [BOOT] d347prt
Service C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys (Fallback driver/Conexant) [AUTO] Fallback
Service C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys (Logitech USB Video Class Filter Driver/Logitech Inc.) [MANUAL] FilterService
Service C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys (FSKsNT driver/Conexant) [AUTO] Fsks
Service C:\WINDOWS\system32\drivers\fwdrv.sys [SYSTEM] fwdrv
Service C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (gusvc/Google) [MANUAL] gusvc
Service C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys (WinACHSF driver/Conexant) [MANUAL] hsf_msft
Service C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys (K56NT driver/Conexant) [AUTO] K56
Service khips
Service [AUTO] KPF4
Service C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys (Logitech PS2 Keyboard Filter Driver./Logitech, Inc.) [MANUAL] L8042Kbd
Service LHidKe
Service C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Video COM Service/Logitech Inc.) [AUTO] LVCOMSer
Service C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [MANUAL] LVPr2Mon
Service C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech LVPrcSrv Module./Logitech Inc.) [AUTO] LVPrcSrv
Service C:\WINDOWS\system32\DRIVERS\lvrs.sys (Logitech Kernel Audio Improvement Filter Driver/Logitech Inc.) [MANUAL] LVRS
Service C:\WINDOWS\system32\drivers\LVUSBSta.sys (USB Statistic Driver/Logitech Inc.) [MANUAL] LVUSBSta
Service C:\WINDOWS\system32\DRIVERS\lvuvc.sys (Logitech USB Video Class Driver/Logitech Inc.) [MANUAL] LVUVC
Service C:\DOCUME~1\CHANTO~1\LOCALS~1\Temp\mbr.sys [MANUAL] mbr
Service MSDTC Bridge 3.0.0.0
Service Outlook
Service C:\Program Files\PCOptimizer\PCoptimizerService.exe [AUTO] PCO scheduler service
Service C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink
Service C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys (Rksample WDM driver/Conexant) [MANUAL] Rksample
Service [MANUAL] SANDRA
Service C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [AUTO] Secdrv
Service ServiceModelEndpoint 3.0.0.0
Service ServiceModelOperation 3.0.0.0
Service ServiceModelService 3.0.0.0
Service C:\WINDOWS\system32\drivers\sis7012.sys (SiS 7012 Audio Device WDM Driver/Silicon Integrated Systems Corporation) [MANUAL] SiS7012
Service C:\WINDOWS\System32\DRIVERS\SISAGPX.sys (SiS NT AGP Filter/Silicon Integrated Systems Corporation) [BOOT] sisagp
Service C:\WINDOWS\System32\DRIVERS\sisnic.sys (SiS PCI Fast Ethernet Adapter Driver/SiS Corporation) [MANUAL] SISNIC
Service SMSvcHost 3.0.0.0
Service C:\WINDOWS\system32\DRIVERS\pfc027.sys [MANUAL] SoC PC-Camera Service
Service C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys (FaxNT driver/Conexant) [AUTO] SoftFax
Service C:\WINDOWS\System32\Drivers\sptd.sys [BOOT] sptd
Service C:\WINDOWS\System32\Drivers\Capt905c.sys (Universal Serial Bus Camera Driver/Service & Quality Technology.) [MANUAL] SQTECH905C
Service C:\WINDOWS\system32\DRIVERS\ssmdrv.sys (AVIRA SnapShot Driver/Avira GmbH) [SYSTEM] ssmdrv
Service C:\WINDOWS\system32\DRIVERS\StreamIP.sys (Microsoft IP Test Driver/Microsoft Corporation) [MANUAL] streamip
Service C:\WINDOWS\system32\drivers\tmcomm.sys (TrendMicro Common Module/Trend Micro Inc.) [AUTO] tmcomm
Service C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys (TonesNT driver/Conexant) [AUTO] Tones
Service C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS (TVicHW32 Driver for Windows NT/2000/XP/EnTech Taiwan) [MANUAL] TVICHW32
Service C:\WINDOWS\System32\DRIVERS\HSF_V124.sys (V124NT driver/Conexant) [AUTO] V124
Service C:\WINDOWS\system32\DRIVERS\VComm.sys (Bluetooth Serial Port Driver/IVT Corporation) [MANUAL] VComm
Service C:\WINDOWS\System32\Drivers\VcommMgr.sys (Bluetooth VcommMgr driver/IVT Corporation) [MANUAL] VcommMgr
Service Windows Workflow Foundation 3.0.0.0
Service Wmi

---- EOF - GMER 1.0.15 ----
  7. Hello, I'm asking for your help because I no longer know what to do. None of my antivirus programs work (they all close before the scan finishes), not even the online ones. I have tried a lot of software such as Spybot, Malwarebytes and Ad-Aware, but those that manage to run a scan find no trace of a virus, and the others I cannot run at all; the same goes for FindyKill, which closes at 90% of the scan. Today I even have trouble starting my computer, which apparently only manages to boot if I unplug my Ethernet cable and plug it back in afterwards. I managed to produce a HijackThis report. Could someone help me? Thank you. Here is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:03:18, on 22/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\PCOptimizer\PCoptimizerService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\chantounette\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.aliceadsl.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.unika.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housec...ivex/hcImpl.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase6796.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1145428770828
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1158594098843
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurate...countHelper.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/vir...5/installer.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.jeuxvideopc.com/jeux-en-ligne/p...ader_v10_fr.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: PCO scheduler service - Unknown owner - C:\Program Files\PCOptimizer\PCoptimizerService.exe
O24 - Desktop Component 0: (no name) - http://idata.over-blog.com/0/08/04/72/fresque/requin.jpg

--
End of file - 10825 bytes