probleme svchost.exe

[titoine63]

alors j'ai regarder partout, ca fait une journée que je cherche, et rien. donc je poste mon truc:

dans mon gestionnaire de taches, ya 6 svchost.exe et celui qui prend toute mon u.c. a nimporte quel moment (souvent juste apres le démarage) , il fait parti du "SYSTEM" (et pas service local ou service reseaux). j'avais pas de pare feu, j'avais juste avast, et ad-aware. j'ai télécharger zone-alarme ce matin, et il m'a dit direct que svchost voulais se conecter sur internet. le probleme c'est que si je termine ce processus, je peux plus me conecter. donc je suis obligé de l'autoriser, et tous les 5 min, j'ai une alerte de zone alarme, qui me dit que quelqu'un essaye de se connecter a mon ordi. j'en ai marre d'entendre mon ordi ramer pendant 20 minutes, alors j'aimerais bien un peu d'aide! je suis sous xp familial SP 2 , 1Go de ram, bref il devrait bien tourner.. mais la, j'en peux plus... j'ai mis ca ici, car je crois que c'est peut etre un ver., mais j'en ai aucune idée, et mes connaissances en informatique ne sont pas faramineuses... voila pourquoi je fais appel a vous! merci d'avance

[titoine63]

je viens de faire un scan hijackthis , si ca peut vous aider :

 

 

Logfile of HijackThis v1.99.1

Scan saved at 15:10:30, on 11/04/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\DAEMON Tools\daemon.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\Messenger\msmsgs.exe

C:\PROGRA~1\Wanadoo\TaskBarIcon.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Windows Media Player\WMPNetwk.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Wanadoo\GestionnaireInternet.exe

C:\Program Files\Wanadoo\ComComp.exe

C:\PROGRA~1\Wanadoo\Toaster.exe

C:\PROGRA~1\Wanadoo\Inactivity.exe

C:\PROGRA~1\Wanadoo\PollingModule.exe

C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE

C:\Program Files\Wanadoo\Watch.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\2007\ENCWCBAR.DLL

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe

O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm

O16 - DPF: Interface Chat Voila - http://chat10.x-echo.com/version6/Applet/vchatsign.cab

O16 - DPF: Interface Chat Wanadoo - http://chat4.x-echo.com/version8/Applet/wchatsign.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1175850351484

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://departenvacances.auto.orange.fr/Com...sCamControl.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{010EA7C5-BE7F-4285-B934-1E9EA522012B}: NameServer = 80.10.246.1 80.10.246.132

O17 - HKLM\System\CS3\Services\Tcpip\..\{010EA7C5-BE7F-4285-B934-1E9EA522012B}: NameServer = 80.10.246.1 80.10.246.132

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SC Test Branding Service 1 - SC Test Branding 1 - C:\Program Files\Fichiers communs\SC Test Branding 1 Shared\Service\SCTestService1.exe

O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

[titoine63]

personne peut m'aider??????? parce que ca commence vraiment a m'enerver d'entendre mon ordi ramer comme un fou.... plizzzzzz help ....

[titoine63]

ca merde toujours... zone alarme a bloqué 250 intrusions depuis hier midi... si c'est normal... j'ai vraiment besoin d'aide....

[titoine63]

up! please

[Thanos]

salut,

 

Télécharge et lance DiagHelp comme montré dans ce tutoriel> http://www.malekal.com/DiagHelp/DiagHelp.php

Ne lance que l'option 1 et poste le rapport stp.Attention: n'oublie pas d'appuyer sur une touche lorsque cela te sera demandé à la fin du rapport Catchme.

[titoine63]

j'ai fait une analyse en ligne avec trend micro, et avec kaspersky, et rien. je vien de faire ce que tu m'as dit et voila le rapport(et merci ) :

 

 

 

C:\WINDOWS\System32/drivers\aswRdr.sys -->15/01/2007 19:26:08

C:\WINDOWS\System32/drivers\aswTdi.sys -->15/01/2007 19:25:24

C:\WINDOWS\System32/drivers\aswmon.sys -->21/12/2006 01:56:13

C:\WINDOWS\System32/drivers\aswmon2.sys -->21/12/2006 01:56:00

C:\WINDOWS\System32/drivers\aavmker4.sys -->21/12/2006 01:51:58

C:\WINDOWS\System32/drivers\wpdusb.sys -->18/10/2006 21:00:00

C:\WINDOWS\System32/drivers\WudfRd.sys -->28/09/2006 20:00:34

 

C:\WINDOWS\System32\wpa.dbl -->12/04/2007 20:21:13

C:\WINDOWS\System32\nvapps.xml -->12/04/2007 20:21:08

C:\WINDOWS\System32\vsconfig.xml -->12/04/2007 20:21:05

C:\WINDOWS\System32\zllictbl.dat -->12/04/2007 20:19:05

C:\WINDOWS\System32\Uninstall.ico -->11/04/2007 14:00:17

C:\WINDOWS\System32\Help.ico -->11/04/2007 14:00:17

C:\WINDOWS\System32\pavas.ico -->11/04/2007 14:00:16

C:\WINDOWS\System32\FNTCACHE.DAT -->05/04/2007 07:19:24

C:\WINDOWS\System32\MRT.exe -->03/04/2007 22:48:52

C:\WINDOWS\System32\perfh00C.dat -->25/03/2007 10:55:32

C:\WINDOWS\System32\perfh009.dat -->25/03/2007 10:55:32

C:\WINDOWS\System32\perfc00C.dat -->25/03/2007 10:55:32

C:\WINDOWS\System32\perfc009.dat -->25/03/2007 10:55:31

C:\WINDOWS\System32\PerfStringBackup.INI -->25/03/2007 10:55:30

C:\WINDOWS\System32\winsrv.dll -->17/03/2007 15:44:47

C:\WINDOWS\System32\SETE.tmp -->15/03/2007 18:16:48

C:\WINDOWS\System32\xpsp3res.dll -->09/03/2007 13:51:20

C:\WINDOWS\System32\vsutil_loc040c.dll -->09/03/2007 00:03:04

C:\WINDOWS\System32\imslsp_install_loc040c.dll -->09/03/2007 00:02:58

C:\WINDOWS\System32\imsinstall_loc040c.dll -->09/03/2007 00:02:58

C:\WINDOWS\System32\vsdatant.sys -->09/03/2007 00:02:10

C:\WINDOWS\System32\zpeng24.dll -->09/03/2007 00:01:42

C:\WINDOWS\System32\zlcommdb.dll -->09/03/2007 00:01:32

C:\WINDOWS\System32\zlcomm.dll -->09/03/2007 00:01:30

C:\WINDOWS\System32\vsxml.dll -->09/03/2007 00:01:30

 

C:\WINDOWS\setupapi.log -->12/04/2007 22:16:16

C:\WINDOWS.log -->12/04/2007 20:21:04

C:\WINDOWS\wiadebug.log -->12/04/2007 20:21:02

C:\WINDOWS\WindowsUpdate.log -->12/04/2007 20:21:01

C:\WINDOWS\wiaservc.log -->12/04/2007 20:20:58

C:\WINDOWS\bootstat.dat -->12/04/2007 20:20:48

C:\WINDOWS\SchedLgU.Txt -->12/04/2007 20:19:43

C:\WINDOWS\spupdsvc.log -->12/04/2007 12:57:39

C:\WINDOWS\ie7_main.log -->12/04/2007 12:53:45

C:\WINDOWS\tsoc.log -->12/04/2007 12:51:05

C:\WINDOWS\ocmsn.log -->12/04/2007 12:51:05

C:\WINDOWS\ocgen.log -->12/04/2007 12:51:05

C:\WINDOWS\ntdtcsetup.log -->12/04/2007 12:51:05

C:\WINDOWS\msgsocm.log -->12/04/2007 12:51:05

C:\WINDOWS\imsins.log -->12/04/2007 12:51:05

 

C:\WINDOWS\amcap.exe |29/01/2005 17:19:31

C:\WINDOWS\CleanDev.exe |29/01/2005 17:19:31

C:\WINDOWS\enddisk32.exe |31/07/2006 18:52:10

C:\WINDOWS\IsUn040c.exe |16/08/2004 19:25:14

C:\WINDOWS\IsUninst.exe |30/12/2004 16:12:05

C:\WINDOWS\ov519cap.exe |29/01/2005 17:19:31

C:\WINDOWS\PATCH.EXE |13/08/2006 14:05:00

C:\WINDOWS\runtsckl.exe |02/11/2005 19:07:12

C:\WINDOWS\slrundll.exe |01/01/1980 01:00:00

C:\WINDOWS\tsc.exe |13/08/2006 15:15:44

C:\WINDOWS\twunk_16.exe |16/08/2004 18:41:16

C:\WINDOWS\twunk_32.exe |16/08/2004 18:41:16

C:\WINDOWS\unin040c.exe |16/04/2005 12:43:47

C:\WINDOWS\uninst.exe |27/12/2005 16:29:54

C:\WINDOWS\UNNeroBackItUp.exe |12/09/2005 16:13:46

C:\WINDOWS\UNNeroMediaHome.exe |12/09/2005 16:13:46

C:\WINDOWS\UNNeroShowTime.exe |12/09/2005 16:13:46

C:\WINDOWS\UNNeroVision.exe |12/09/2005 16:13:46

C:\WINDOWS\UNRecode.exe |12/09/2005 16:13:46

C:\WINDOWS\unvise32qt.exe |30/12/2004 16:19:15

C:\WINDOWS\zllsputility.exe |12/04/2007 20:17:11

C:\WINDOWS\AuHCcup1.dll |23/07/1999 10:53:20

C:\WINDOWS\BPMNT.dll |13/08/2006 15:15:43

C:\WINDOWS\hcextoutput.dll |13/08/2006 15:15:44

C:\WINDOWS\impborl.dll |26/05/2005 15:52:05

C:\WINDOWS\jRegistryKey.dll |30/12/2004 16:20:09

C:\WINDOWS\loadhttp.dll |15/10/2002 15:29:40

C:\WINDOWS\ov519dib.dll |29/01/2005 17:19:31

C:\WINDOWS\patchw32.dll |14/12/2001 14:34:46

C:\WINDOWS\TMUPDATE.DLL |13/08/2006 14:05:01

C:\WINDOWS\twain.dll |16/08/2004 18:41:16

C:\WINDOWS\twain_32.dll |16/08/2004 18:41:16

C:\WINDOWS\UNZIP.DLL |13/08/2006 14:05:01

C:\WINDOWS\vsapi32.dll |13/08/2006 15:15:43

C:\WINDOWS\WRServices.dll |18/11/2005 02:23:21

C:\WINDOWS\zllsputility_loc040c.dll |12/04/2007 20:17:17

C:\WINDOWS\system32\append.exe |16/08/2004 18:39:57

C:\WINDOWS\system32\aswBoot.exe |15/08/2006 12:39:02

C:\WINDOWS\system32\debug.exe |16/08/2004 18:40:04

C:\WINDOWS\system32\dosx.exe |16/08/2004 18:40:08

C:\WINDOWS\system32\dvdplay.exe |23/08/2001 18:47:34

C:\WINDOWS\system32\edlin.exe |16/08/2004 18:40:20

C:\WINDOWS\system32\exe2bin.exe |16/08/2004 18:40:21

C:\WINDOWS\system32\fastopen.exe |16/08/2004 18:40:21

C:\WINDOWS\system32\FTRTSVC.exe |31/07/2006 18:51:18

C:\WINDOWS\system32\IPDETECT.EXE |31/07/2006 18:52:14

C:\WINDOWS\system32\java.exe |10/02/2007 02:36:47

C:\WINDOWS\system32\javaw.exe |10/02/2007 02:36:47

C:\WINDOWS\system32\javaws.exe |10/02/2007 02:36:47

C:\WINDOWS\system32\keystone.exe |30/12/2004 16:13:28

C:\WINDOWS\system32\mem.exe |16/08/2004 18:40:35

C:\WINDOWS\system32\mscdexnt.exe |16/08/2004 18:40:39

C:\WINDOWS\system32\mstdax32.exe |15/08/2006 12:04:04

C:\WINDOWS\system32\NeroCheck.exe |09/07/2001 11:50:42

C:\WINDOWS\system32\nlsfunc.exe |16/08/2004 18:40:48

C:\WINDOWS\system32\nvappbar.exe |30/12/2004 16:13:28

C:\WINDOWS\system32\nvdspsch.exe |30/12/2004 16:13:28

C:\WINDOWS\system32\nvsvc32.exe |01/01/1980 01:00:00

C:\WINDOWS\system32\nvudisp.exe |30/12/2004 16:13:28

C:\WINDOWS\system32\nwiz.exe |30/12/2004 16:13:29

C:\WINDOWS\system32\pxcpya64.exe |20/11/2005 10:50:25

C:\WINDOWS\system32\pxcpyi64.exe |20/11/2005 10:50:25

C:\WINDOWS\system32\pxhpinst.exe |20/11/2005 10:50:24

C:\WINDOWS\system32\pxinsa64.exe |20/11/2005 10:50:24

C:\WINDOWS\system32\pxinsi64.exe |20/11/2005 10:50:25

C:\WINDOWS\system32\redir.exe |16/08/2004 18:41:00

C:\WINDOWS\system32\setver.exe |16/08/2004 18:41:03

C:\WINDOWS\system32\share.exe |16/08/2004 18:41:03

C:\WINDOWS\system32\slrundll.exe |30/12/2004 16:07:12

C:\WINDOWS\system32\slserv.exe |30/12/2004 16:07:12

C:\WINDOWS\system32\unaddrv.exe |31/07/2006 18:52:08

C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 18:47:48

C:\WINDOWS\system32\usrprbda.exe |23/08/2001 18:47:48

C:\WINDOWS\system32\usrshuta.exe |23/08/2001 18:47:48

C:\WINDOWS\system32\ADADIX16.DLL |31/07/2006 18:52:08

C:\WINDOWS\system32\ADADIX2K.DLL |31/07/2006 18:52:08

C:\WINDOWS\system32\adadix32.dll |31/07/2006 18:52:14

C:\WINDOWS\system32\amstream.dll |16/08/2004 18:39:57

C:\WINDOWS\system32\atmfd.dll |16/08/2004 18:39:57

C:\WINDOWS\system32\atmlib.dll |16/08/2004 18:39:57

C:\WINDOWS\system32\CmdLineExt.dll |18/10/2006 17:08:40

C:\WINDOWS\system32\coclassfast.dll |31/07/2006 18:52:10

C:\WINDOWS\system32\compatUI.dll |16/08/2004 18:40:03

C:\WINDOWS\system32\dgrpsetu.dll |16/08/2004 18:55:15

C:\WINDOWS\system32\dgsetup.dll |16/08/2004 18:55:15

C:\WINDOWS\system32\EBPCHP.DLL |30/01/2005 14:18:00

C:\WINDOWS\system32\EBPMON24.DLL |30/01/2005 14:18:00

C:\WINDOWS\system32\ECBTEG.DLL |30/01/2005 14:18:00

C:\WINDOWS\system32\encdec.dll |16/08/2004 18:40:21

C:\WINDOWS\system32\Epcmlib.dll |30/01/2005 14:19:38

C:\WINDOWS\system32\EqnClass.Dll |16/08/2004 18:55:15

C:\WINDOWS\system32\E_DCINST.DLL |30/01/2005 14:18:00

C:\WINDOWS\system32\ffJmpWeb.dll |25/06/2006 11:17:53

C:\WINDOWS\system32\gigagetbho_v10.dll |04/01/2007 23:46:07

C:\WINDOWS\system32\hticons.dll |16/08/2004 19:03:32

C:\WINDOWS\system32\hypertrm.dll |16/08/2004 19:03:05

C:\WINDOWS\system32\iccvid.dll |16/08/2004 18:40:27

C:\WINDOWS\system32\IfHelper.dll |31/07/2006 18:51:20

C:\WINDOWS\system32\imagX7.dll |26/07/2004 17:16:10

C:\WINDOWS\system32\imagXpr7.dll |26/07/2004 17:16:10

C:\WINDOWS\system32\imagXR7.dll |26/07/2004 17:16:10

C:\WINDOWS\system32\imagXRA7.dll |26/07/2004 17:16:10

C:\WINDOWS\system32\impborl.dll |26/05/2005 15:46:28

C:\WINDOWS\system32\imsinstall_loc040c.dll |12/04/2007 20:17:17

C:\WINDOWS\system32\imslsp_install_loc040c.dll |12/04/2007 20:17:17

C:\WINDOWS\system32\Inetwh32.dll |30/12/2004 16:18:46

C:\WINDOWS\system32\ir32_32.dll |07/11/1995 14:46:00

C:\WINDOWS\system32\ir41_qc.dll |22/03/1998 15:34:14

C:\WINDOWS\system32\ir41_qcx.dll |22/03/1998 15:34:14

C:\WINDOWS\system32\ir50_32.dll |17/05/1999 15:12:56

C:\WINDOWS\system32\ir50_lcs.dll |06/11/1997 14:53:30

C:\WINDOWS\system32\ir50_qc.dll |07/10/1998 17:46:18

C:\WINDOWS\system32\ir50_qcx.dll |07/10/1998 17:50:22

C:\WINDOWS\system32\isrdbg32.dll |16/08/2004 19:06:15

C:\WINDOWS\system32\jgaw400.dll |16/08/2004 18:40:31

C:\WINDOWS\system32\jgdw400.dll |16/08/2004 18:40:31

C:\WINDOWS\system32\jgmd400.dll |16/08/2004 18:40:31

C:\WINDOWS\system32\jgpl400.dll |16/08/2004 18:40:31

C:\WINDOWS\system32\jgsd400.dll |16/08/2004 18:40:31

C:\WINDOWS\system32\jgsh400.dll |16/08/2004 18:40:31

C:\WINDOWS\system32\LEXCFI.DLL |21/01/2007 13:20:12

C:\WINDOWS\system32\LEXDRVX.DLL |21/01/2007 13:20:12

C:\WINDOWS\system32\lexlog.dll |21/01/2007 13:20:19

C:\WINDOWS\system32\lfbmp11n.dll |07/06/2002 04:02:00

C:\WINDOWS\system32\lfbmp13n.dll |27/06/2005 18:51:48

C:\WINDOWS\system32\LFCMP11n.DLL |07/06/2002 04:02:00

C:\WINDOWS\system32\lfcmp13n.dll |27/06/2005 18:51:48

C:\WINDOWS\system32\lfeps11n.dll |07/06/2002 04:02:00

C:\WINDOWS\system32\lffax11n.dll |07/06/2002 04:02:00

C:\WINDOWS\system32\lfgif11n.dll |07/06/2002 04:02:00

C:\WINDOWS\system32\lfgif13n.dll |27/06/2005 18:51:49

C:\WINDOWS\system32\lfpcd11n.dll |07/06/2002 04:02:00

C:\WINDOWS\system32\lfpcx11n.dll |07/06/2002 04:02:00

C:\WINDOWS\system32\Lfpng11n.dll |07/06/2002 04:02:00

C:\WINDOWS\system32\lfpsd11n.dll |07/06/2002 04:02:00

C:\WINDOWS\system32\lftga11n.dll |07/06/2002 04:02:00

C:\WINDOWS\system32\lftif11n.dll |07/06/2002 04:02:00

C:\WINDOWS\system32\lfwmf11n.dll |07/06/2002 04:02:00

C:\WINDOWS\system32\libeay32.dll |28/04/2005 06:22:34

C:\WINDOWS\system32\libeay32_0.9.6l.dll |12/04/2007 20:16:58

C:\WINDOWS\system32\LMAAP2BJ.DLL |21/01/2007 13:20:10

C:\WINDOWS\system32\LTDIS11n.dll |07/06/2002 04:02:00

C:\WINDOWS\system32\ltdis13n.dll |27/06/2005 18:51:48

C:\WINDOWS\system32\ltefx13n.dll |27/06/2005 18:51:48

C:\WINDOWS\system32\ltfil11n.DLL |07/06/2002 04:02:00

C:\WINDOWS\system32\ltfil13n.dll |27/06/2005 18:51:48

C:\WINDOWS\system32\ltimg11n.dll |07/06/2002 04:02:02

C:\WINDOWS\system32\ltimg13n.dll |27/06/2005 18:51:48

C:\WINDOWS\system32\ltkrn11n.dll |07/06/2002 04:02:02

C:\WINDOWS\system32\ltkrn13n.dll |27/06/2005 18:51:48

C:\WINDOWS\system32\Ltwvc11n.dll |07/06/2002 04:02:02

C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 18:47:06

C:\WINDOWS\system32\MMSwitch.dll |15/11/2002 14:11:26

C:\WINDOWS\system32\msdmo.dll |16/08/2004 18:40:40

C:\WINDOWS\system32\msencode.dll |16/08/2004 18:40:40

C:\WINDOWS\system32\NeroCo.dll |16/02/2005 15:18:04

C:\WINDOWS\system32\nv4_disp.dll |30/12/2004 16:06:53

C:\WINDOWS\system32\nvcod.dll |01/01/1980 01:00:00

C:\WINDOWS\system32\nvcodins.dll |01/01/1980 01:00:00

C:\WINDOWS\system32\nvcpl.dll |01/01/1980 01:00:00

C:\WINDOWS\system32\nview.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvmctray.dll |01/01/1980 01:00:00

C:\WINDOWS\system32\nvnt4cpl.dll |01/01/1980 01:00:00

C:\WINDOWS\system32\nvoglnt.dll |01/01/1980 01:00:00

C:\WINDOWS\system32\nvrsar.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrscs.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrsda.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrsde.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrsel.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrseng.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrses.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrsesm.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrsfi.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrsfr.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrshe.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrshu.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrsit.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrsja.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrsko.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrsnl.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvrsno.dll |30/12/2004 16:13:30

C:\WINDOWS\system32\nvrspl.dll |30/12/2004 16:13:30

C:\WINDOWS\system32\nvrspt.dll |30/12/2004 16:13:30

C:\WINDOWS\system32\nvrsptb.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvrsru.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvrssk.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvrssl.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvrssv.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvrstr.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvrszhc.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvrszht.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvshell.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwddi.dll |01/01/1980 01:00:00

C:\WINDOWS\system32\nvwdmcpl.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwimg.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrsar.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrscs.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrsda.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrsde.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrsel.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrseng.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrses.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrsesm.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrsfi.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrsfr.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrshe.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrshu.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrsit.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrsja.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrsko.dll |30/12/2004 16:13:29

C:\WINDOWS\system32\nvwrsnl.dll |30/12/2004 16:13:30

C:\WINDOWS\system32\nvwrsno.dll |30/12/2004 16:13:30

C:\WINDOWS\system32\nvwrspl.dll |30/12/2004 16:13:30

C:\WINDOWS\system32\nvwrspt.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvwrsptb.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvwrsru.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvwrssk.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvwrssl.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvwrssv.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvwrstr.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvwrszhc.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\nvwrszht.dll |30/12/2004 16:13:31

C:\WINDOWS\system32\ogg.dll |14/12/2002 23:46:02

C:\WINDOWS\system32\oggDS.dll |14/12/2002 23:46:02

C:\WINDOWS\system32\ov519ext.dll |29/01/2005 22:40:49

C:\WINDOWS\system32\ov519usd.dll |29/01/2005 22:40:49

C:\WINDOWS\system32\paqsp.dll |23/08/2001 18:47:16

C:\WINDOWS\system32\PCDLIB32.DLL |07/06/2002 04:02:02

C:\WINDOWS\system32\pncrt.dll |30/12/2004 16:19:00

C:\WINDOWS\system32\pndx5016.dll |30/12/2004 16:19:00

C:\WINDOWS\system32\pndx5032.dll |30/12/2004 16:19:00

C:\WINDOWS\system32\pvmjpg21.dll |12/12/2002 16:33:20

C:\WINDOWS\system32\Px.dll |24/05/2004 16:28:48

C:\WINDOWS\system32\pxafs.dll |12/02/2007 12:22:51

C:\WINDOWS\system32\pxdrv.dll |10/06/2004 02:01:00

C:\WINDOWS\system32\PxMas.dll |24/05/2004 16:26:40

C:\WINDOWS\system32\pxsfs.dll |20/11/2005 10:50:24

C:\WINDOWS\system32\PxWave.dll |24/05/2004 16:26:06

C:\WINDOWS\system32\PXWMA.dll |25/03/2004 11:30:40

C:\WINDOWS\system32\qedwipes.dll |16/08/2004 18:40:58

C:\WINDOWS\system32\qt-dx331.dll |28/04/2005 06:22:38

C:\WINDOWS\system32\rmoc3260.dll |30/12/2004 16:19:01

C:\WINDOWS\system32\roboex32.dll |30/12/2004 16:18:46

C:\WINDOWS\system32\S32EVNT1.DLL |30/12/2004 16:21:52

C:\WINDOWS\system32\sbe.dll |16/08/2004 18:41:02

C:\WINDOWS\system32\slbcsp.dll |16/08/2004 18:41:05

C:\WINDOWS\system32\slbiop.dll |16/08/2004 18:41:05

C:\WINDOWS\system32\slbrccsp.dll |16/08/2004 18:41:05

C:\WINDOWS\system32\slcoinst.dll |30/12/2004 16:07:12

C:\WINDOWS\system32\slextspk.dll |30/12/2004 16:07:12

C:\WINDOWS\system32\SLGen.dll |30/12/2004 16:07:12

C:\WINDOWS\system32\spnike.dll |23/08/2001 18:47:18

C:\WINDOWS\system32\sprio600.dll |23/08/2001 18:47:18

C:\WINDOWS\system32\sprio800.dll |23/08/2001 18:47:18

C:\WINDOWS\system32\spxcoins.dll |16/08/2004 18:55:15

C:\WINDOWS\system32\ssleay32.dll |28/04/2005 06:22:34

C:\WINDOWS\system32\stci.dll |20/11/2005 20:48:02

C:\WINDOWS\system32\tsd32.dll |16/08/2004 18:41:16

C:\WINDOWS\system32\TwnLib4.dll |09/07/2004 09:43:56

C:\WINDOWS\system32\umloader.dll |07/01/2004 02:01:00

C:\WINDOWS\system32\usrcntra.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrcoina.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrdpa.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrdtea.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrlbva.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrv42a.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrv80a.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrvoica.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\usrvpa.dll |23/08/2001 18:47:20

C:\WINDOWS\system32\vidx16.dll |29/01/2005 17:15:37

C:\WINDOWS\system32\vorbis.dll |14/12/2002 23:46:02

C:\WINDOWS\system32\vorbisenc.dll |14/12/2002 22:46:04

C:\WINDOWS\system32\vp6vfw.dll |30/08/2004 14:25:24

C:\WINDOWS\system32\vsdata.dll |12/04/2007 20:16:19

C:\WINDOWS\system32\VSFilter.dll |13/08/2004 00:11:14

C:\WINDOWS\system32\vsinit.dll |12/04/2007 20:16:19

C:\WINDOWS\system32\vsmonapi.dll |12/04/2007 20:16:49

C:\WINDOWS\system32\vspubapi.dll |12/04/2007 20:16:49

C:\WINDOWS\system32\vsregexp.dll |12/04/2007 20:16:58

C:\WINDOWS\system32\vsutil.dll |12/04/2007 20:16:19

C:\WINDOWS\system32\vsutil_loc040c.dll |12/04/2007 20:17:17

C:\WINDOWS\system32\vswmi.dll |12/04/2007 20:16:50

C:\WINDOWS\system32\vsxml.dll |12/04/2007 20:16:49

C:\WINDOWS\system32\VXBLOCK.dll |20/05/2004 02:00:00

C:\WINDOWS\system32\W32n50.dll |31/07/2006 18:51:26

C:\WINDOWS\system32\win87em.dll |16/08/2004 18:41:22

C:\WINDOWS\system32\WooDial2000.dll |29/01/2005 13:39:52

C:\WINDOWS\system32\xvidcore.dll |20/12/2004 12:03:26

C:\WINDOWS\system32\xvidvfw.dll |20/12/2004 12:08:28

C:\WINDOWS\system32\zlcomm.dll |12/04/2007 20:16:56

C:\WINDOWS\system32\zlcommdb.dll |12/04/2007 20:16:56

C:\WINDOWS\system32\zpeng24.dll |12/04/2007 20:16:49

 

Le volume dans le lecteur C s'appelle HDD

Le numéro de série du volume est 9C1D-20C1

 

Répertoire de C:\WINDOWS\system32

 

05/08/2004 15:00 6 144 csrss.exe

1 fichier(s) 6 144 octets

0 Rép(s) 83 016 400 896 octets libres

 

Contenu de Downloaded Program Files

Le volume dans le lecteur C s'appelle HDD

Le numéro de série du volume est 9C1D-20C1

 

Répertoire de C:\WINDOWS\Downloaded Program Files

 

12/04/2007 22:16 <REP> .

12/04/2007 22:16 <REP> ..

24/08/2006 08:28 141 424 asinst.dll

22/08/2006 09:06 537 asinst.inf

15/11/2001 17:42 325 AxisCamControl.inf

15/11/2001 17:40 221 184 AxisCamControl.ocx

08/11/2001 10:59 192 512 CamCli.dll

16/08/2004 19:08 65 desktop.ini

25/06/2006 13:50 1 793 erma.inf

22/11/2006 23:22 372 736 GAME_UNO1.dll

22/11/2006 20:50 316 GAME_UNO1.INF

14/10/2006 01:16 723 hcImpl.inf

25/10/2006 13:18 385 536 Housecall_ActiveX.dll

18/08/1999 08:54 180 224 ijl11.dll

24/10/2005 18:19 1 665 Interface Chat Voila.osd

02/08/2006 11:24 1 659 Interface Chat Wanadoo.osd

15/09/2004 10:20 740 jinstall-1_5_0.inf

30/01/2007 17:28 902 jinstall-1_5_0_11.inf

08/08/2006 11:45 576 kavwebscan.inf

22/02/2007 23:41 304 544 MessengerStatsPAClient.dll

20/01/2000 16:25 1 162 Microsoft XML Parser for Java.osd

28/02/2007 14:21 130 472 MineSweeper.dll

28/02/2007 14:21 131 472 msgrchkr.dll

08/10/2004 16:01 372 736 MsnPUpld.dll

08/10/2004 16:13 587 MSNPupld.inf

25/11/2005 13:35 63 056 MusicManagerUnInstaller.exe

26/05/2005 04:19 293 muweb.inf

19/06/2002 14:11 117 088 PURen-us.dll

31/05/2002 09:20 117 328 PURfr-fr.dll

15/10/2004 07:59 110 592 PURfr-xx.dll

09/11/2006 15:36 5 019 swflash.inf

29 fichier(s) 2 857 266 octets

 

Total des fichiers listés :

29 fichier(s) 2 857 266 octets

2 Rép(s) 83 016 396 800 octets libres

 

Recherche de rootkit! (Merci S!Ri)

 

Recherche d'infections connues

 

 

 

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006

http://www.gmer.net

 

scanning hidden processes ...

 

scanning hidden services ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden processes: 0

hidden services: 0

hidden files: 0

 

Liste des programmes installes

 

Ad-Aware SE Personal

Adobe Flash Player 9 ActiveX

Adobe Help Center 2.0

Adobe Photoshop Elements 4.0

Adobe Photoshop Elements 4.0

Adobe Reader 6.0 - Français

Archiveur WinRAR

Audacity 1.2.4

avast! Antivirus

Correctif pour Windows XP (KB914440)

Correctif Windows XP - KB834707

Correctif Windows XP - KB867282

Correctif Windows XP - KB873333

Correctif Windows XP - KB873339

Correctif Windows XP - KB885250

Correctif Windows XP - KB885835

Correctif Windows XP - KB885836

Correctif Windows XP - KB886185

Correctif Windows XP - KB887472

Correctif Windows XP - KB887742

Correctif Windows XP - KB888113

Correctif Windows XP - KB888302

Correctif Windows XP - KB890047

Correctif Windows XP - KB890175

Correctif Windows XP - KB890859

Correctif Windows XP - KB890923

Correctif Windows XP - KB891781

Correctif Windows XP - KB893066

Correctif Windows XP - KB893086

Désinstallation du logiciel Lexmark

EA SPORTS online 2007

EPSON Logiciel imprimante

EPSON PhotoQuicker3.5

EPSON PRINT Image Framer Tool2.1

EPSON Web-To-Page

ESC66 Guide de référence

ESC66 Guide des logiciels

FEARCombat

FIFA 07

GameSpy Arcade

Gestionnaire Internet

Google Earth

HijackThis 1.99.1

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Format SDK (KB902344)

Hotfix for Windows XP (KB915865)

Hotfix for Windows XP (KB926239)

J2SE Runtime Environment 5.0

J2SE Runtime Environment 5.0 Update 11

Just Cause Demo 1.00.0000

Kaspersky Online Scanner

Lecteur Windows Media 11

Les Indispensables Éducation pour Microsoft Office

Little Fighter 2 v1.9

LNF Manager 2002

Messenger Plus! 3

Messenger Plus! Live

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 French Language Pack

Microsoft .NET Framework 1.1 Hotfix (KB886903)

Microsoft .NET Framework 2.0

Microsoft .NET Framework 2.0

Microsoft .NET Framework 2.0 Language Pack - FRA

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Encarta 2007 - Études

Microsoft Encarta Maths

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Money

Microsoft Motocross Madness 2

Microsoft National Language Support Downlevel APIs

Microsoft Office Professional Edition 2003

Microsoft Office Standard Edition 2003

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Works 7.0

Mise à jour de sécurité pour Lecteur Windows Media (KB911564)

Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)

Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)

Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)

Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)

Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)

Mise à jour de sécurité pour Windows XP (KB883939)

Mise à jour de sécurité pour Windows XP (KB890046)

Mise à jour de sécurité pour Windows XP (KB893756)

Mise à jour de sécurité pour Windows XP (KB896358)

Mise à jour de sécurité pour Windows XP (KB896422)

Mise à jour de sécurité pour Windows XP (KB896423)

Mise à jour de sécurité pour Windows XP (KB896424)

Mise à jour de sécurité pour Windows XP (KB896428)

Mise à jour de sécurité pour Windows XP (KB896688)

Mise à jour de sécurité pour Windows XP (KB899587)

Mise à jour de sécurité pour Windows XP (KB899588)

Mise à jour de sécurité pour Windows XP (KB899591)

Mise à jour de sécurité pour Windows XP (KB900725)

Mise à jour de sécurité pour Windows XP (KB901017)

Mise à jour de sécurité pour Windows XP (KB901190)

Mise à jour de sécurité pour Windows XP (KB901214)

Mise à jour de sécurité pour Windows XP (KB902400)

Mise à jour de sécurité pour Windows XP (KB903235)

Mise à jour de sécurité pour Windows XP (KB904706)

Mise à jour de sécurité pour Windows XP (KB905414)

Mise à jour de sécurité pour Windows XP (KB905749)

Mise à jour de sécurité pour Windows XP (KB905915)

Mise à jour de sécurité pour Windows XP (KB908519)

Mise à jour de sécurité pour Windows XP (KB908531)

Mise à jour de sécurité pour Windows XP (KB911280)

Mise à jour de sécurité pour Windows XP (KB911562)

Mise à jour de sécurité pour Windows XP (KB911567)

Mise à jour de sécurité pour Windows XP (KB911927)

Mise à jour de sécurité pour Windows XP (KB912812)

Mise à jour de sécurité pour Windows XP (KB912919)

Mise à jour de sécurité pour Windows XP (KB913446)

Mise à jour de sécurité pour Windows XP (KB913580)

Mise à jour de sécurité pour Windows XP (KB914388)

Mise à jour de sécurité pour Windows XP (KB914389)

Mise à jour de sécurité pour Windows XP (KB916281)

Mise à jour de sécurité pour Windows XP (KB917159)

Mise à jour de sécurité pour Windows XP (KB917344)

Mise à jour de sécurité pour Windows XP (KB917422)

Mise à jour de sécurité pour Windows XP (KB917953)

Mise à jour de sécurité pour Windows XP (KB918118)

Mise à jour de sécurité pour Windows XP (KB918439)

Mise à jour de sécurité pour Windows XP (KB918899)

Mise à jour de sécurité pour Windows XP (KB919007)

Mise à jour de sécurité pour Windows XP (KB920213)

Mise à jour de sécurité pour Windows XP (KB920214)

Mise à jour de sécurité pour Windows XP (KB920670)

Mise à jour de sécurité pour Windows XP (KB920683)

Mise à jour de sécurité pour Windows XP (KB920685)

Mise à jour de sécurité pour Windows XP (KB921398)

Mise à jour de sécurité pour Windows XP (KB921883)

Mise à jour de sécurité pour Windows XP (KB922616)

Mise à jour de sécurité pour Windows XP (KB922760)

Mise à jour de sécurité pour Windows XP (KB922819)

Mise à jour de sécurité pour Windows XP (KB923191)

Mise à jour de sécurité pour Windows XP (KB923414)

Mise à jour de sécurité pour Windows XP (KB923694)

Mise à jour de sécurité pour Windows XP (KB923980)

Mise à jour de sécurité pour Windows XP (KB924191)

Mise à jour de sécurité pour Windows XP (KB924270)

Mise à jour de sécurité pour Windows XP (KB924496)

Mise à jour de sécurité pour Windows XP (KB924667)

Mise à jour de sécurité pour Windows XP (KB925454)

Mise à jour de sécurité pour Windows XP (KB925486)

Mise à jour de sécurité pour Windows XP (KB925902)

Mise à jour de sécurité pour Windows XP (KB926255)

Mise à jour de sécurité pour Windows XP (KB926436)

Mise à jour de sécurité pour Windows XP (KB927779)

Mise à jour de sécurité pour Windows XP (KB927802)

Mise à jour de sécurité pour Windows XP (KB928090)

Mise à jour de sécurité pour Windows XP (KB928255)

Mise à jour de sécurité pour Windows XP (KB928843)

Mise à jour de sécurité pour Windows XP (KB929969)

Mise à jour de sécurité pour Windows XP (KB930178)

Mise à jour de sécurité pour Windows XP (KB931261)

Mise à jour de sécurité pour Windows XP (KB931784)

Mise à jour de sécurité pour Windows XP (KB932168)

Mise à jour Encarta_Les Indispensables Éducation

Mise à jour pour Windows XP (KB894391)

Mise à jour pour Windows XP (KB896727)

Mise à jour pour Windows XP (KB898461)

Mise à jour pour Windows XP (KB900485)

Mise à jour pour Windows XP (KB904942)

Mise à jour pour Windows XP (KB910437)

Mise à jour pour Windows XP (KB916595)

Mise à jour pour Windows XP (KB920872)

Mise à jour pour Windows XP (KB922582)

Mise à jour pour Windows XP (KB929338)

Mise à jour pour Windows XP (KB931836)

Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA

MSXML 4.0 SP2 (KB927978)

MSXML 6.0 Parser (KB927977)

Navigateur Orange

Need for Speed™ Most Wanted

Nero 7 Demo

PhotoFiltre

Poolster 1.1

SAGEM F@st 800-840

SLD Codec Pack

Sonic MyDVD

Sonic RecordNow!

Trust 320 SpaceCam

TuneUp Utilities 2006

Wanadoo

Wanadoo Messager

WebFldrs XP

Winamp (remove only)

Windows Installer 3.1 (KB893803)

Windows Installer 3.1 (KB893803)

Windows Internet Explorer 7

Windows Live Messenger

Windows Media Format 11 runtime

Windows Media Format 11 runtime

Windows Media Player 11

ZoneAlarm

 

 

 

Le volume dans le lecteur C s'appelle HDD

Le numéro de série du volume est 9C1D-20C1

 

Répertoire de C:\Program Files

 

12/04/2007 20:16 <REP> .

12/04/2007 20:16 <REP> ..

20/11/2005 10:54 <REP> Adobe

15/08/2006 12:39 <REP> Alwil Software

30/12/2004 16:11 <REP> AMD

02/03/2006 18:23 <REP> Audacity

04/01/2006 17:06 <REP> BoontyGames

16/08/2004 19:05 <REP> ComPlus Applications

04/01/2007 19:01 <REP> cube_2004_05_22

30/12/2004 16:23 <REP> CyberLink

09/06/2006 14:55 <REP> DAEMON Tools

29/01/2005 17:12 <REP> directx

12/06/2006 08:32 <REP> EA GAMES

26/11/2006 21:22 <REP> EA SPORTS

18/10/2006 16:48 <REP> Eidos

21/01/2007 13:16 <REP> EPSON

12/02/2007 03:20 <REP> ewido anti-spyware 4.0

11/02/2007 18:11 <REP> Fichiers communs

17/02/2007 20:25 <REP> GameSpy Arcade

04/01/2007 23:46 <REP> Giganology

22/02/2006 23:09 <REP> Google

11/04/2007 15:10 <REP> HijackThis

12/04/2007 12:57 <REP> Internet Explorer

27/12/2005 16:30 <REP> J.H.C. SoftWare

10/02/2007 02:36 <REP> Java

13/08/2006 13:20 <REP> Lavasoft

12/04/2007 12:09 <REP> Learning Essentials

21/01/2007 13:20 <REP> Lexmark

21/01/2007 13:20 <REP> Lexmark_HostCD

21/01/2006 12:28 <REP> LittleFighter2

14/01/2006 20:08 <REP> Messenger

27/06/2005 21:55 <REP> Messenger Plus! 3

13/03/2007 17:33 <REP> Messenger Plus! Live

26/12/2006 12:54 <REP> MessengerPlus! 3

24/01/2007 22:03 <REP> Microsoft Etudes

16/08/2004 19:11 <REP> microsoft frontpage

26/04/2006 18:08 <REP> Microsoft Games

22/12/2005 16:21 <REP> Microsoft Money 2005

20/02/2005 12:58 <REP> microsoft office

14/01/2006 20:08 <REP> Microsoft Works

30/12/2004 16:28 <REP> Microsoft.NET

16/08/2004 19:06 <REP> Movie Maker

01/06/2005 21:07 <REP> MSN

16/08/2004 19:03 <REP> MSN Gaming Zone

22/03/2007 18:45 <REP> MSN Messenger

19/11/2006 12:57 <REP> MSXML 4.0

20/11/2005 12:14 <REP> Nero

26/09/2006 18:00 <REP> NetMeeting

16/12/2006 05:21 <REP> Outlook Express

19/03/2006 15:57 <REP> PhotoFiltre

11/05/2006 18:52 <REP> Pro Pinball

30/12/2004 16:19 <REP> QuickTime

30/12/2004 16:19 <REP> Real

21/11/2005 10:01 <REP> RegCleaner

31/07/2006 18:52 <REP> SAGEM

21/02/2007 23:19 <REP> Securitoo

16/08/2004 19:07 <REP> Services en ligne

03/02/2007 22:38 <REP> Shareaza

06/01/2007 00:38 <REP> Sierra

11/02/2007 17:53 <REP> SLD Codec Pack

20/11/2005 22:22 <REP> Softwin

30/12/2004 16:29 <REP> Sonic

12/02/2007 03:18 <REP> Sudoku Ace

20/11/2005 22:06 <REP> TGTSoft

29/01/2005 22:40 <REP> Trust 320 SpaceCam

18/11/2005 22:30 <REP> TuneUp Utilities 2006

20/12/2006 15:11 <REP> VideoLAN

30/12/2004 16:19 <REP> Viewpoint

16/05/2006 17:27 <REP> Virgin Interactive Entertainment

12/04/2007 23:26 <REP> Wanadoo

21/01/2007 12:35 <REP> Wanadoo Messager

12/02/2007 12:40 <REP> Winamp

21/01/2007 12:35 <REP> Windows Media Connect 2

08/12/2006 22:45 <REP> Windows Media Player

16/08/2004 19:03 <REP> Windows NT

18/11/2005 20:55 <REP> WinRAR

16/08/2004 19:11 <REP> xerox

15/01/2006 17:05 <REP> xp-smart

12/04/2007 20:16 <REP> Zone Labs

0 fichier(s) 0 octets

79 Rép(s) 83 015 307 264 octets libres

Le volume dans le lecteur C s'appelle HDD

Le numéro de série du volume est 9C1D-20C1

 

Répertoire de C:\Program Files\fichiers communs

 

11/02/2007 18:11 <REP> .

11/02/2007 18:11 <REP> ..

20/11/2005 10:54 <REP> Adobe

20/11/2005 12:17 <REP> Ahead

18/11/2005 02:06 <REP> AOL

04/01/2006 17:00 <REP> BOONTY Shared

30/12/2004 16:28 <REP> DESIGNER

18/11/2005 23:50 <REP> InstallShield

13/08/2006 14:07 <REP> Java

12/04/2007 12:39 <REP> Microsoft Shared

16/08/2004 19:06 <REP> MSSoap

11/02/2007 18:11 <REP> NSV

30/12/2004 16:19 <REP> Nullsoft

16/08/2004 18:57 <REP> ODBC

30/12/2004 16:24 <REP> Real

13/07/2005 13:13 <REP> SC Test Branding 1 Shared

16/08/2004 19:06 <REP> Services

15/08/2006 11:11 <REP> Softwin

30/12/2004 16:29 <REP> Sonic Shared

16/08/2004 18:56 <REP> SpeechEngines

30/12/2004 16:25 <REP> SureThing Shared

20/11/2005 13:17 <REP> Symantec Shared

16/12/2006 05:21 <REP> System

30/12/2004 16:24 <REP> xing shared

0 fichier(s) 0 octets

24 Rép(s) 83 015 307 264 octets libres

Le volume dans le lecteur C s'appelle HDD

Le numéro de série du volume est 9C1D-20C1

 

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

 

30/12/2004 16:28 <REP> .

30/12/2004 16:28 <REP> ..

30/12/2004 16:28 <REP> 1033

30/12/2004 16:28 <REP> 1036

11/07/2003 11:15 1 292 872 MSONSEXT.DLL

15/07/2003 07:52 35 896 MSOSV.DLL

03/06/1999 13:09 122 937 MSOWS409.DLL

07/03/2001 08:00 127 033 MSOWS40c.DLL

11/07/2003 03:25 80 448 PKMWS.DLL

5 fichier(s) 1 659 186 octets

4 Rép(s) 83 015 307 264 octets libres

Le volume dans le lecteur C s'appelle HDD

Le numéro de série du volume est 9C1D-20C1

 

Répertoire de C:\

 

11/11/2001 00:00 68 096 diff.exe

27/08/2006 14:10 103 424 grep.exe

08/08/2006 20:10 7 680 mmc8.exe

3 fichier(s) 179 200 octets

0 Rép(s) 83 015 307 264 octets libres

c:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe

c:\Documents and Settings\ANTOINE\.housecall6.6\getMac.exe

c:\Documents and Settings\ANTOINE\.housecall6.6\patch.exe

c:\Documents and Settings\ANTOINE\.housecall6.6\tsc.exe

c:\Documents and Settings\ANTOINE\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe

c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\catchme.exe

c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\diff.exe

c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\dumphive.exe

c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\FilesInfoCmd.exe

c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\Fport.exe

c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\grep.exe

c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\LFiles.exe

c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\LISTDLLS.exe

c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\pslist.exe

c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\streams.exe

c:\Documents and Settings\ANTOINE\Bureau\DiagHelp\swreg.exe

c:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\rocky8@hotmail.fr\Sharing Folders\maillou_63@hotmail.com\MsgPlus-363.exe

c:\Documents and Settings\ANTOINE\Local Settings\Temp\AutoRun.exe

c:\Documents and Settings\ANTOINE\Local Settings\Temporary Internet Files\Content.IE5\GXEB01YF\PoolmUp[2]\PoolSetup\PoolSetup.exe

c:\Documents and Settings\ANTOINE\Local Settings\Temporary Internet Files\Content.IE5\V81OSMP5\search[1].exe&meta=

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\shareaza_2.2.3.0.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\antivir_workstation_win7u_en_h.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\audacity-win-1.2.4b.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\guide.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\justcausedemo.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lf2_v19.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\photofiltre.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\Shareaza_2.1.4.0.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\steaminstall.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\sudokuace.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\windows2000-kb823980-x86-fra.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\windowsxp-kb823980-x86-fra.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\xmoto-0.1.16-win32-setup.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\zonealarm_zone_alarm_version_gratuite_7.0.337.000_francais_10494.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\guide_v19\guide.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\bsplayer216.945_clip.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\divx521me98.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\divxinstaller.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\french_translated.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\gdivx1.9.9.5.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\media-player-classic_media_player_classic_6.4.9.0b_9x_me_.exe_francais_11019.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\mp71.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\mpsetup.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\sld.codec.pack.2.2.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\vlc-0.8.6-win32.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\winamp291.exe

c:\Documents and Settings\ANTOINE\Mes documents\docs antoine\physik\lecteur audio-video\winamp532_full.exe

c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll

c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll

c:\Documents and Settings\ANTOINE\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll

c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

 

 

 

et maintenant??

[Thanos]

rien de méchantà première vue..

Fais analyser ce fichier stp > C:\mmc8.exe

 

Clique sur cette adresse => http://www.virustotal.com/flash/index_en.html

 

Tu as une case nommée "Parcourir": tu cliques dessus et une fenêtre s'ouvre=> parcours ton disque dur , et recherche le fichier mmc8.exe que tu trouveras en allant dans le dossier C:\

 

Tu cliques une fois sur le fichier mmc8.exe (il prend une couleur bleue!) puis tu cliques sur "ouvrir" en bas de la fenêtre puis sur "send" .Le scan de ce fichier va débuter.Tu n'as plus qu'à sélectionner puis copier /coller l'analyse .

Note: les fichiers uploadés sont mis en attente, car le virusscan est sollicité! patiente (un message t'indique le temps que ce prendra pour faire analyser)

 

Télécharge gmer : http://www.gmer.net/gmer.zip

Déconnecte toi d'internet si possible et ferme tous les programmes.

Décompresse le fichier zip et double-clic sur gmer.exe

 

Clic sur l'onglet "rootkit" et clic sur Scan

Lorsque le scan est terminé, clic sur "copy"

 

Ouvre le bloc-note et clic sur le Menu Edition / Coller

Le rapport doit alors apparaître.

Enregistre le fichier sur ton bureau et copie/colle le contenu ici.

Modifié le 12 avril 2007 par charles ingals

[titoine63]

Complete scanning result of "mmc8.exe", received in VirusTotal at 04.13.2007, 02:10:16 (CET).

 

Antivirus Version Update Result

AhnLab-V3 2007.4.12.0 04.12.2007 no virus found

AntiVir 7.3.1.50 04.12.2007 no virus found

Authentium 4.93.8 04.12.2007 no virus found

Avast 4.7.936.0 04.11.2007 no virus found

AVG 7.5.0.447 04.12.2007 no virus found

BitDefender 7.2 04.13.2007 no virus found

CAT-QuickHeal 9.00 04.12.2007 no virus found

ClamAV devel-20070312 04.12.2007 no virus found

DrWeb 4.33 04.12.2007 no virus found

eSafe 7.0.15.0 04.12.2007 suspicious Trojan/Worm

eTrust-Vet 30.7.3564 04.13.2007 no virus found

Ewido 4.0 04.12.2007 no virus found

FileAdvisor 1 04.13.2007 no virus found

Fortinet 2.85.0.0 04.12.2007 no virus found

F-Prot 4.3.2.48 04.12.2007 no virus found

F-Secure 6.70.13030.0 04.12.2007 no virus found

Ikarus T3.1.1.5 04.12.2007 no virus found

Kaspersky 4.0.2.24 04.13.2007 no virus found

McAfee 5007 04.12.2007 no virus found

Microsoft 1.2405 04.12.2007 no virus found

NOD32v2 2185 04.13.2007 no virus found

Norman 5.80.02 04.12.2007 no virus found

Panda 9.0.0.4 04.12.2007 Suspicious file

Prevx1 V2 04.13.2007 no virus found

Sophos 4.16.0 04.12.2007 no virus found

Sunbelt 2.2.907.0 04.07.2007 no virus found

Symantec 10 04.13.2007 no virus found

TheHacker 6.1.6.088 04.09.2007 no virus found

VBA32 3.11.3 04.12.2007 no virus found

VirusBuster 4.3.7:9 04.12.2007 no virus found

Webwasher-Gateway 6.0.1 04.12.2007 no virus found

 

voila je passe a la suite

[titoine63]

voila:

 

 

 

 

 

GMER 1.0.12.12086 - http://www.gmer.net

Rootkit scan 2007-04-13 02:58:43

Windows 5.1.2600 Service Pack 2

 

 

---- System - GMER 1.0.12 ----

 

SSDT \SystemRoot\System32\vsdatant.sys ZwConnectPort

SSDT \SystemRoot\System32\vsdatant.sys ZwCreateFile

SSDT \SystemRoot\System32\vsdatant.sys ZwCreateKey

SSDT \SystemRoot\System32\vsdatant.sys ZwCreatePort

SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcess

SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcessEx

SSDT \SystemRoot\System32\vsdatant.sys ZwCreateSection

SSDT \SystemRoot\System32\vsdatant.sys ZwCreateWaitablePort

SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteFile

SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteKey

SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteValueKey

SSDT \SystemRoot\System32\vsdatant.sys ZwDuplicateObject

SSDT sptd.sys ZwEnumerateKey

SSDT sptd.sys ZwEnumerateValueKey

SSDT \SystemRoot\System32\vsdatant.sys ZwLoadKey

SSDT \SystemRoot\System32\vsdatant.sys ZwOpenFile

SSDT sptd.sys ZwOpenKey

SSDT \SystemRoot\System32\vsdatant.sys ZwOpenProcess

SSDT \SystemRoot\System32\vsdatant.sys ZwOpenThread

SSDT sptd.sys ZwQueryKey

SSDT sptd.sys ZwQueryValueKey

SSDT \SystemRoot\System32\vsdatant.sys ZwReplaceKey

SSDT \SystemRoot\System32\vsdatant.sys ZwRequestWaitReplyPort

SSDT \SystemRoot\System32\vsdatant.sys ZwRestoreKey

SSDT \SystemRoot\System32\vsdatant.sys ZwSecureConnectPort

SSDT \SystemRoot\System32\vsdatant.sys ZwSetInformationFile

SSDT \SystemRoot\System32\vsdatant.sys ZwSetValueKey

SSDT \SystemRoot\System32\vsdatant.sys ZwTerminateProcess

 

---- Kernel code sections - GMER 1.0.12 ----

 

.text TUKERNEL.EXE!_abnormal_termination + 104 804E2760 12 Bytes [ F0, F1, 70, F5, 80, 54, 71, ... ]

? C:\WINDOWS\system32\drivers\sptd.sys Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.

? C:\WINDOWS\System32\Drivers\SPTD8285.SYS Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.

? srescan.sys Le fichier spécifié est introuvable.

? C:\WINDOWS\System32\Drivers\dtscsi.sys Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.

? C:\WINDOWS\TEMP\mc21.tmp Le fichier spécifié est introuvable.

.text ntdll.dll!NtClose 7C91D586 5 Bytes JMP 720342BA

.text ntdll.dll!NtCreateProcess 7C91D754 5 Bytes JMP 72034445

.text ntdll.dll!NtCreateProcessEx 7C91D769 5 Bytes JMP 72034329

.text ntdll.dll!NtCreateSection 7C91D793 5 Bytes JMP 720342D8

.text TUKERNEL.EXE!_abnormal_termination + 104 804E2760 12 Bytes [ F0, F1, 70, F5, 80, 54, 71, ... ]

 

---- User code sections - GMER 1.0.12 ----

 

.text C:\WINDOWS\explorer.exe[268] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\explorer.exe[268] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\WINDOWS\explorer.exe[268] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[324] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[324] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[324] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[424] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[424] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\Program Files\Alwil Software\Avast4\ashWebSv.exe[424] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\alg.exe[484] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\alg.exe[484] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\WINDOWS\system32\alg.exe[484] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\csrss.exe[540] KERNEL32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\csrss.exe[540] KERNEL32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\winlogon.exe[564] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\winlogon.exe[564] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\services.exe[612] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\services.exe[612] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\lsass.exe[624] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\lsass.exe[624] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\svchost.exe[764] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\svchost.exe[764] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\svchost.exe[824] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\svchost.exe[824] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe[836] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe[836] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\svchost.exe[916] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\svchost.exe[916] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\WINDOWS\system32\svchost.exe[916] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\svchost.exe[1040] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\svchost.exe[1040] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\WINDOWS\system32\svchost.exe[1040] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1072] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F08001E

.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1072] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1072] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F05001E

.text C:\WINDOWS\system32\spoolsv.exe[1252] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\spoolsv.exe[1252] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\WINDOWS\system32\spoolsv.exe[1252] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe[1356] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe[1356] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe[1356] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1408] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1408] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe[1408] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1424] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1424] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\Program Files\Alwil Software\Avast4\ashServ.exe[1424] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\FTRTSVC.exe[1476] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\FTRTSVC.exe[1476] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\WINDOWS\system32\FTRTSVC.exe[1476] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\nvsvc32.exe[1540] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\nvsvc32.exe[1540] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\WINDOWS\system32\nvsvc32.exe[1540] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\slserv.exe[1608] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\slserv.exe[1608] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\WINDOWS\system32\slserv.exe[1608] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\svchost.exe[1640] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\svchost.exe[1640] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\WINDOWS\system32\svchost.exe[1640] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\MSN Messenger\usnsvc.exe[1720] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\Program Files\MSN Messenger\usnsvc.exe[1720] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\Program Files\MSN Messenger\usnsvc.exe[1720] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\DAEMON Tools\daemon.exe[2124] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\Program Files\DAEMON Tools\daemon.exe[2124] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\Program Files\DAEMON Tools\daemon.exe[2124] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2140] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2140] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[2140] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe[2148] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe[2148] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe[2148] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2192] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F08001E

.text C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2192] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe[2192] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F05001E

.text C:\WINDOWS\system32\ctfmon.exe[2200] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\ctfmon.exe[2200] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\WINDOWS\system32\ctfmon.exe[2200] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2208] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2208] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\Program Files\Windows Media Player\wmpnscfg.exe[2208] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\Messenger\msmsgs.exe[2216] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\Program Files\Messenger\msmsgs.exe[2216] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\Program Files\Messenger\msmsgs.exe[2216] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\PROGRA~1\Wanadoo\TaskBarIcon.exe[2296] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\PROGRA~1\Wanadoo\TaskBarIcon.exe[2296] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\PROGRA~1\Wanadoo\TaskBarIcon.exe[2296] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\svchost.exe[2388] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\svchost.exe[2388] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\WINDOWS\system32\svchost.exe[2388] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2492] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2492] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\Program Files\Windows Media Player\wmpnetwk.exe[2492] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\wuauclt.exe[3244] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\wuauclt.exe[3244] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\WINDOWS\system32\wuauclt.exe[3244] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\WINDOWS\system32\WISPTIS.EXE[7996] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\WINDOWS\system32\WISPTIS.EXE[7996] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\WINDOWS\system32\WISPTIS.EXE[7996] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!LoadResource 7C809FB5 7 Bytes JMP 27001B60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!FindResourceExW 7C80AC88 7 Bytes JMP 27001AD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!FindResourceW 7C80BBCE 7 Bytes JMP 27001A50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!SizeofResource 7C80BC69 7 Bytes JMP 27001C10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!LockResource 7C80CC97 5 Bytes JMP 27001CC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!CreateEventA 7C8308AD 5 Bytes JMP 27001830 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] kernel32.dll!SetUnhandledExceptionFilter 7C84479D 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\msnmsgr.exe

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] ADVAPI32.dll!CryptDeriveKey 77DBA685 7 Bytes JMP 27001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] ADVAPI32.dll!CryptDecrypt 77DBA7B1 2 Bytes JMP 27001050 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] ADVAPI32.dll!CryptDecrypt + 3 77DBA7B4 4 Bytes [ 24, AF, CC, CC ]

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] USER32.dll!PeekMessageW 7E39929B 5 Bytes JMP 270037A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] USER32.dll!CreateWindowExW 7E39FC25 5 Bytes JMP 270032B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] USER32.dll!SetWindowRgn 7E39FFB2 7 Bytes JMP 27004AF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] USER32.dll!CreateDialogParamW 7E3A7D4F 5 Bytes JMP 27004B90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] USER32.dll!SetWindowPlacement 7E3AD84C 5 Bytes JMP 27004A10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] USER32.dll!MessageBoxIndirectW 7E3E62AB 5 Bytes JMP 27004CF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] USER32.dll!TrackPopupMenuEx 7E3ECD28 5 Bytes JMP 27003F70 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WS2_32.dll!send 719F428A 5 Bytes JMP 27008B80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WS2_32.dll!WSARecv 719F4318 5 Bytes JMP 27008970 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WS2_32.dll!recv 719F615A 5 Bytes JMP 270087E0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WS2_32.dll!WSASend 719F6233 5 Bytes JMP 27008D00 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WS2_32.dll!closesocket 719F9639 5 Bytes JMP 27008F10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] SHELL32.dll!Shell_NotifyIconW 7CA31B6A 5 Bytes JMP 27002B00 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] ole32.dll!CoInitializeEx 774BEF6B 5 Bytes JMP 27001D20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] ole32.dll!CoRegisterClassObject 774D8720 5 Bytes JMP 27001E20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WININET.dll!InternetCloseHandle 771BE85D 5 Bytes JMP 27007A40 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WININET.dll!HttpOpenRequestA 771C160A 5 Bytes JMP 27007760 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WININET.dll!InternetReadFile 771C5BAA 5 Bytes JMP 270078C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Program Files\MSN Messenger\msnmsgr.exe[8132] WININET.dll!HttpSendRequestA 771C7519 5 Bytes JMP 27007990 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll

.text C:\Documents and Settings\ANTOINE\Bureau\gmer.exe[9480] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A

.text C:\Documents and Settings\ANTOINE\Bureau\gmer.exe[9480] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ]

.text C:\Documents and Settings\ANTOINE\Bureau\gmer.exe[9480] kernel32.dll!CreateFileW 7C810760 6 Bytes JMP 5F040F5A

 

---- Devices - GMER 1.0.12 ----

 

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 87397940

Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 87397940

Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F57208A0] vsdatant.sys

Device \Driver\USBSTOR \Device00009d IRP_MJ_CREATE 871A0718

Device \Driver\USBSTOR \Device00009d IRP_MJ_CLOSE 871A0718

Device \Driver\USBSTOR \Device00009d IRP_MJ_READ 871A0718

Device \Driver\USBSTOR \Device00009d IRP_MJ_WRITE 871A0718

Device \Driver\USBSTOR \Device00009d IRP_MJ_DEVICE_CONTROL 871A0718

Device \Driver\USBSTOR \Device00009d IRP_MJ_INTERNAL_DEVICE_CONTROL 871A0718

Device \Driver\USBSTOR \Device00009d IRP_MJ_POWER 871A0718

Device \Driver\USBSTOR \Device00009d IRP_MJ_SYSTEM_CONTROL 871A0718

Device \Driver\USBSTOR \Device00009d IRP_MJ_PNP 871A0718

Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F57208A0] vsdatant.sys

Device \Driver\USBSTOR \Device0000a1 IRP_MJ_CREATE 871A0718

Device \Driver\USBSTOR \Device0000a1 IRP_MJ_CLOSE 871A0718

Device \Driver\USBSTOR \Device0000a1 IRP_MJ_READ 871A0718

Device \Driver\USBSTOR \Device0000a1 IRP_MJ_WRITE 871A0718

Device \Driver\USBSTOR \Device0000a1 IRP_MJ_DEVICE_CONTROL 871A0718

Device \Driver\USBSTOR \Device0000a1 IRP_MJ_INTERNAL_DEVICE_CONTROL 871A0718

Device \Driver\USBSTOR \Device0000a1 IRP_MJ_POWER 871A0718

Device \Driver\USBSTOR \Device0000a1 IRP_MJ_SYSTEM_CONTROL 871A0718

Device \Driver\USBSTOR \Device0000a1 IRP_MJ_PNP 871A0718

Device \Driver\USBSTOR \Device0000a2 IRP_MJ_CREATE 871A0718

Device \Driver\USBSTOR \Device0000a2 IRP_MJ_CLOSE 871A0718

Device \Driver\USBSTOR \Device0000a2 IRP_MJ_READ 871A0718

Device \Driver\USBSTOR \Device0000a2 IRP_MJ_WRITE 871A0718

Device \Driver\USBSTOR \Device0000a2 IRP_MJ_DEVICE_CONTROL 871A0718

Device \Driver\USBSTOR \Device0000a2 IRP_MJ_INTERNAL_DEVICE_CONTROL 871A0718

Device \Driver\USBSTOR \Device0000a2 IRP_MJ_POWER 871A0718

Device \Driver\USBSTOR \Device0000a2 IRP_MJ_SYSTEM_CONTROL 871A0718

Device \Driver\USBSTOR \Device0000a2 IRP_MJ_PNP 871A0718

Device \Driver\USBSTOR \Device0000a3 IRP_MJ_CREATE 871A0718

Device \Driver\USBSTOR \Device0000a3 IRP_MJ_CLOSE 871A0718

Device \Driver\USBSTOR \Device0000a3 IRP_MJ_READ 871A0718

Device \Driver\USBSTOR \Device0000a3 IRP_MJ_WRITE 871A0718

Device \Driver\USBSTOR \Device0000a3 IRP_MJ_DEVICE_CONTROL 871A0718

Device \Driver\USBSTOR \Device0000a3 IRP_MJ_INTERNAL_DEVICE_CONTROL 871A0718

Device \Driver\USBSTOR \Device0000a3 IRP_MJ_POWER 871A0718

Device \Driver\USBSTOR \Device0000a3 IRP_MJ_SYSTEM_CONTROL 871A0718

Device \Driver\USBSTOR \Device0000a3 IRP_MJ_PNP 871A0718

Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 8739D9C0

Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 8739D9C0

Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 8713B5F0

Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 8713B5F0

Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 8713B5F0

Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 8713B5F0

Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 8713B5F0

Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 8713B5F0

Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 8713B5F0

Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 8713B5F0

Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 8713B5F0

Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 8713B5F0

Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 8713B5F0

Device \Driver\USBSTOR \Device0000a4 IRP_MJ_CREATE 871A0718

Device \Driver\USBSTOR \Device0000a4 IRP_MJ_CLOSE 871A0718

Device \Driver\USBSTOR \Device0000a4 IRP_MJ_READ 871A0718

Device \Driver\USBSTOR \Device0000a4 IRP_MJ_WRITE 871A0718

Device \Driver\USBSTOR \Device0000a4 IRP_MJ_DEVICE_CONTROL 871A0718

Device \Driver\USBSTOR \Device0000a4 IRP_MJ_INTERNAL_DEVICE_CONTROL 871A0718

Device \Driver\USBSTOR \Device0000a4 IRP_MJ_POWER 871A0718

Device \Driver\USBSTOR \Device0000a4 IRP_MJ_SYSTEM_CONTROL 871A0718

Device \Driver\USBSTOR \Device0000a4 IRP_MJ_PNP 871A0718

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_NAMED_PIPE 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLOSE 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_READ 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_WRITE 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_INFORMATION 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_INFORMATION 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_EA 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_EA 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FLUSH_BUFFERS 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_VOLUME_INFORMATION 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_VOLUME_INFORMATION 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DIRECTORY_CONTROL 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FILE_SYSTEM_CONTROL 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CONTROL 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_INTERNAL_DEVICE_CONTROL 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SHUTDOWN 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_LOCK_CONTROL 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLEANUP 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_MAILSLOT 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_SECURITY 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_SECURITY 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_POWER 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SYSTEM_CONTROL 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CHANGE 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_QUOTA 86FD90E8

Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_QUOTA 86FD90E8

Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 8713B5F0

Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 8713B5F0

Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 8713B5F0

Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 8713B5F0

Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 8713B5F0

Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 8713B5F0

Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 8713B5F0

Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 8713B5F0

Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 8713B5F0

Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 8713B5F0

Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 8713B5F0

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE 8713B5F0

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLOSE 8713B5F0

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_READ 8713B5F0

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_WRITE 8713B5F0

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FLUSH_BUFFERS 8713B5F0

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CONTROL 8713B5F0

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_INTERNAL_DEVICE_CONTROL 8713B5F0

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SHUTDOWN 8713B5F0

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_POWER 8713B5F0

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SYSTEM_CONTROL 8713B5F0

Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP 8713B5F0

Device \Driver000042 \Device000076 IRP_MJ_POWER [F7707A26] sptd.sys

Device \Driver000042 \Device000076 IRP_MJ_SYSTEM_CONTROL [F771BBD8] sptd.sys

Device \Driver000042 \Device000076 IRP_MJ_PNP [F771454E] sptd.sys

Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 86F5D430

Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 86F5D430

Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 86F5D430

Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 86F5D430

Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 86F5D430

Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 86F5D430

Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 86F5D430

Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 86F5D430

Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 86F5D430

Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 86F5D430

Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 86F5D430

Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 86F5D430

Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F57208A0] vsdatant.sys

Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CREATE 87397B78

Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CLOSE 87397B78

Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_READ 87397B78

Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_WRITE 87397B78

Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_FLUSH_BUFFERS 87397B78

Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SHUTDOWN 87397B78

Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_POWER 87397B78

Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SYSTEM_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_PNP 87397B78

Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F57208A0] vsdatant.sys

Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_CREATE 87397B78

Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_CLOSE 87397B78

Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_READ 87397B78

Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_WRITE 87397B78

Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_FLUSH_BUFFERS 87397B78

Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_SHUTDOWN 87397B78

Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_POWER 87397B78

Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_SYSTEM_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk1\DR3 IRP_MJ_PNP 87397B78

Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_CREATE 87397B78

Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_CLOSE 87397B78

Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_READ 87397B78

Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_WRITE 87397B78

Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_FLUSH_BUFFERS 87397B78

Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_SHUTDOWN 87397B78

Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_POWER 87397B78

Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_SYSTEM_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 IRP_MJ_PNP 87397B78

Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_CREATE 87397B78

Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_CLOSE 87397B78

Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_READ 87397B78

Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_WRITE 87397B78

Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_FLUSH_BUFFERS 87397B78

Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_SHUTDOWN 87397B78

Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_POWER 87397B78

Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_SYSTEM_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk2\DR4 IRP_MJ_PNP 87397B78

Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_CREATE 87397B78

Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_CLOSE 87397B78

Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_READ 87397B78

Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_WRITE 87397B78

Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_FLUSH_BUFFERS 87397B78

Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_SHUTDOWN 87397B78

Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_POWER 87397B78

Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_SYSTEM_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 IRP_MJ_PNP 87397B78

Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_CREATE 87397B78

Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_CLOSE 87397B78

Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_READ 87397B78

Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_WRITE 87397B78

Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_FLUSH_BUFFERS 87397B78

Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_SHUTDOWN 87397B78

Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_POWER 87397B78

Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_SYSTEM_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk3\DR5 IRP_MJ_PNP 87397B78

Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_CREATE 87397B78

Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_CLOSE 87397B78

Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_READ 87397B78

Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_WRITE 87397B78

Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_FLUSH_BUFFERS 87397B78

Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_SHUTDOWN 87397B78

Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_POWER 87397B78

Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_SYSTEM_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 IRP_MJ_PNP 87397B78

Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_CREATE 87397B78

Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_CLOSE 87397B78

Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_READ 87397B78

Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_WRITE 87397B78

Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_FLUSH_BUFFERS 87397B78

Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_SHUTDOWN 87397B78

Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_POWER 87397B78

Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_SYSTEM_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a IRP_MJ_PNP 87397B78

Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_CREATE 87397B78

Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_CLOSE 87397B78

Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_READ 87397B78

Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_WRITE 87397B78

Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_FLUSH_BUFFERS 87397B78

Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_INTERNAL_DEVICE_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_SHUTDOWN 87397B78

Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_POWER 87397B78

Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_SYSTEM_CONTROL 87397B78

Device \Driver\Disk \Device\Harddisk4\DR6 IRP_MJ_PNP 87397B78

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 86E68CD0

Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CONTROL [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL [F57208A0] vsdatant.sys

Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLEANUP [F57208A0] vsdatant.sys

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 86E68CD0

Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 86E68CD0

Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE 86F2AEB0

Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE_NAMED_PIPE 86F2AEB0

Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CLOSE 86F2AEB0

Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_READ 86F2AEB0

Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_WRITE 86F2AEB0

Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_INFORMATION 86F2AEB0

Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_SET_INFORMATION 86F2AEB0

Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_FLUSH_BUFFERS 86F2AEB0

Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_VOLUME_INFORMATION 86F2AEB0

Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_DIRECTORY_CONTROL 86F2AEB0

Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_FILE_SYSTEM_CONTROL 86F2AEB0

Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CLEANUP 86F2AEB0

Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_SECURITY 86F2AEB0

Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_SET_SECURITY 86F2AEB0

Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 8739D9C0

Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 8739D9C0

Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 8739D9C0

Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 8739D9C0

Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 8739D9C0

Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 8739D9C0

Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 8739D9C0

Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 8739D9C0

Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 8739D9C0

Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 8739D9C0

Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 8739D9C0

Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CREATE 8703B2D0

Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CLOSE 8703B2D0

Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_READ 8703B2D0

Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_WRITE 8703B2D0

Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_INFORMATION 8703B2D0

Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_SET_INFORMATION 8703B2D0

Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_VOLUME_INFORMATION 8703B2D0

Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_DIRECTORY_CONTROL 8703B2D0

Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_FILE_SYSTEM_CONTROL 8703B2D0

Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CLEANUP 8703B2D0

Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CREATE_MAILSLOT 8703B2D0

Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_SECURITY 8703B2D0

Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_SET_SECURITY 8703B2D0

Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_CREATE 87025CF0

Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_CLOSE 87025CF0

Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 87025CF0

Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 87025CF0

Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_POWER 87025CF0

Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 87025CF0

Device \Driver\dtscsi \Device\Scsi\dtscsi1Port2Path0Target0Lun0 IRP_MJ_PNP 87025CF0

Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CREATE 87025CF0

Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_CLOSE 87025CF0

Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_DEVICE_CONTROL 87025CF0

Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_INTERNAL_DEVICE_CONTROL 87025CF0

Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_POWER 87025CF0

Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_SYSTEM_CONTROL 87025CF0

Device \Driver\dtscsi \Device\Scsi\dtscsi1 IRP_MJ_PNP 87025CF0

Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_CLOSE 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_READ 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_WRITE 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_SET_EA 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP 862A4EB0

Device \FileSystem\Fastfat \Fat IRP_MJ_PNP 862A4EB0

Device \FileSystem\Fastfat \Fat FastIoCheckIfPossible EB0B41F9

Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 87151BB0

Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 87151BB0

Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 87151BB0

Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 87151BB0

Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 87151BB0

Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 87151BB0

Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 87151BB0

Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 87151BB0

Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 87151BB0

Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 87151BB0

Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 87151BB0

Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 87151BB0

Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 87151BB0

 

---- Files - GMER 1.0.12 ----

 

ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\les_lensois@hotmail.fr\SharingMetadata\xxxxxxx\DFSR\Staging\CS{F9B4F942-1124-FF55-BE59-7274983ADFF2}1\12-{F9B4F942-1124-FF55-BE59-7274983ADFF2}-v1-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\les_lensois@hotmail.fr\SharingMetadata\xxxxxxxxxx\DFSR\Staging\CS{AA454480-8490-2B4C-CFF6-E47605999B00}1\13-{AA454480-8490-2B4C-CFF6-E47605999B00}-v1-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v13-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\les_lensois@hotmail.fr\SharingMetadata\xxxxxxxxxxxxx\DFSR\Staging\CS{AA454480-8490-2B4C-CFF6-E47605999B00}\14\12-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v14-{EC84D4C7-A419-4B08-954F-14D2CABF6A3A}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1

ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\les_lensois@hotmail.fr\SharingMetadata\xxxxxxxxxxx\DFSR\Staging\CS{AA454480-8490-2B4C-CFF6-E47605999B00}\14\12-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v14-{EC84D4C7-A419-4B08-954F-14D2CABF6A3A}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.2

ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\les_lensois@hotmail.fr\SharingMetadata\xxxxxxxxxxxxxxx\DFSR\Staging\CS{AA454480-8490-2B4C-CFF6-E47605999B00}\14\12-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v14-{EC84D4C7-A419-4B08-954F-14D2CABF6A3A}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\les_lensois@hotmail.fr\SharingMetadata\xxxxxxxxxxxxxx\DFSR\Staging\CS{ED91166C-C1B1-1C4B-6422-435269E614E7}1\10-{ED91166C-C1B1-1C4B-6422-435269E614E7}-v1-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\les_lensois@hotmail.fr\SharingMetadata\xxxxxxxxxxxxxxx\DFSR\Staging\CS{ED91166C-C1B1-1C4B-6422-435269E614E7}\21\11-{AF96A77B-98D0-486F-A08C-F45EA1225A24}-v21-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1

ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\les_lensois@hotmail.fr\SharingMetadata\xxxxxxxxxxxxx\DFSR\Staging\CS{ED91166C-C1B1-1C4B-6422-435269E614E7}\21\11-{AF96A77B-98D0-486F-A08C-F45EA1225A24}-v21-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\les_lensois@hotmail.fr\SharingMetadata\xxxxxxxxxxxx\DFSR\Staging\CS{9C708592-3DE0-C7CE-FCFA-6F46F0D6EEAB}1\17-{9C708592-3DE0-C7CE-FCFA-6F46F0D6EEAB}-v1-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v17-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\les_lensois@hotmail.fr\SharingMetadata\xxxxxxxxxxxxxxx\DFSR\Staging\CS{9C708592-3DE0-C7CE-FCFA-6F46F0D6EEAB}\12\18-{1F9BB6BF-7DD9-4F23-90C4-A0283977F0A6}-v12-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1

ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\les_lensois@hotmail.fr\SharingMetadata\xxxxxxxxxxxxxxxx\DFSR\Staging\CS{9C708592-3DE0-C7CE-FCFA-6F46F0D6EEAB}\12\18-{1F9BB6BF-7DD9-4F23-90C4-A0283977F0A6}-v12-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v18-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\les_lensois@hotmail.fr\SharingMetadata\xxxxxxxxxxxxxxxxxx\DFSR\Staging\CS{9C708592-3DE0-C7CE-FCFA-6F46F0D6EEAB}\13\19-{1F9BB6BF-7DD9-4F23-90C4-A0283977F0A6}-v13-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1

ADS C:\Documents and Settings\ANTOINE\Local Settings\Application Data\Microsoft\Messenger\les_lensois@hotmail.fr\SharingMetadata\xxxxxxxxxxxxxxx\DFSR\Staging\CS{9C708592-3DE0-C7CE-FCFA-6F46F0D6EEAB}\13\19-{1F9BB6BF-7DD9-4F23-90C4-A0283977F0A6}-v13-{A68E80AC-F929-4E96-B338-CAD0ED482D0A}-v19-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

 

---- EOF - GMER 1.0.12 ----

 

 

 

 

merci a

encore charles !!!

Modifié le 17 avril 2007 par titoine63