Popups qui apparaissent tout le temps
Forum Sécurité - Virus : Popups qui apparaissent tout le temps
Bon bien voila je suis chez un ami et ya touours des popups qui apparaissent donc bref je suppose que l'ordi est infecté. Voici le log HijackThis:
Logfile of HijackThis v1.99.1
Scan saved at 14:01:44, on 2007-12-26
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Miguel\LOCALS~1\Temp\Rar$EX00.328\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.canoe.qc.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
Message édité par quebecois22 le 26-12-2007 à 20:09:28
Intel Core 2 Duo E6600 @ 3.0 GHZ///Asus P5W DH Deluxe///2x1go DDR2 PC5400///Sapphire HD 4870 512 mb///WD 250Gb 7200rpm///
Bonjour,
Télécharge Gmer.
Dézippe le dans un dossier ou sur ton bureau.
Déconnecte toi d'Internet puis et ferme tous les programmes.
Double-clique sur Gmer.exe.
IMPORTANT: Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.
Clique sur l'onglet rootkit.
A droite, coche Files et Services.
Clique maintenant sur Scan.
Lorsque le scan est terminé, clique sur Copy.
Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
Le rapport doit alors apparaître.
Enregistre le fichier sur ton bureau et copie/colle le contenu ici.
Répondre à Angeldark
Merci de ta réponse. Alors si je coche seulement Files et Services, le rapport ne donne rien. Cependant, si je coche tout, j'obtiens ceci:
GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-12-26 18:02:34
Windows 5.1.2600 Service Pack 1
---- System - GMER 1.0.13 ----
SSDT sptd.sys ZwCreateKey
SSDT F7BBAF1C ZwCreateThread
SSDT sptd.sys ZwEnumerateKey
SSDT sptd.sys ZwEnumerateValueKey
SSDT sptd.sys ZwOpenKey
SSDT F7BBAF08 ZwOpenProcess
SSDT F7BBAF0D ZwOpenThread
SSDT sptd.sys ZwQueryKey
SSDT sptd.sys ZwQueryValueKey
SSDT sptd.sys ZwSetValueKey
SSDT F7BBAF17 ZwTerminateProcess
SSDT F7BBAF12 ZwWriteVirtualMemory
---- Kernel code sections - GMER 1.0.13 ----
.text ntoskrnl.exe!KeInitializeInterrupt + B67 804DA23C 1 Byte [ 06 ]
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 1B0 8050262C 4 Bytes [ B0, 70, 43, F7 ]
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 1E0 8050265C 4 Bytes [ 1C, AF, BB, F7 ]
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 228 805026A4 4 Bytes [ 4E, C8, 43, F7 ]
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 230 805026AC 4 Bytes [ EE, CB, 43, F7 ]
.text ntoskrnl.exe!KeI386Call16BitCStyleFunction + 2E8 80502764 4 Bytes [ 90, 70, 43, F7 ]
.text ...
? C:\WINDOWS\system32\drivers\sptd.sys Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
.text USBPORT.SYS!DllUnload F6FFCF88 5 Bytes JMP 829651B8
? System32\Drivers\au1de96f.SYS Le fichier spécifié est introuvable.
.text ntdll.dll!NtCreateSection 77F65A21 1 Byte [ E9 ]
.text ntdll.dll!NtCreateSection + 2 77F65A23 3 Bytes [ 12, 0D, FA ]
---- User code sections - GMER 1.0.13 ----
.text C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe[1844] kernel32.dll!LoadLibraryA 77E5D961 5 Bytes JMP 00BF5AF0 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe[1896] kernel32.dll!LoadLibraryA 77E5D961 5 Bytes JMP 10005AF0 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.text C:\Documents and Settings\Miguel\Bureau\gmer.exe[3060] ntdll.dll!NtCreateSection 77F65A21 1 Byte [ E9 ]
.text C:\Documents and Settings\Miguel\Bureau\gmer.exe[3060] ntdll.dll!NtCreateSection + 2 77F65A23 3 Bytes [ 12, 0D, FA ]
.text C:\Documents and Settings\Miguel\Bureau\gmer.exe[3060] kernel32.dll!LoadLibraryA 77E5D961 5 Bytes JMP 10005AF0 C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
---- Kernel IAT/EAT - GMER 1.0.13 ----
IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!IoConnectInterrupt] [F744B480] sptd.sys
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F744B42C] sptd.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7465AB8] sptd.sys
IAT atapi.sys[ntoskrnl.exe!IoConnectInterrupt] [F744B480] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7437ABA] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F7437C00] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F7437B82] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F743872E] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F7438604] sptd.sys
IAT \SystemRoot\System32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F744AA9A] sptd.sys
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 82B6D1D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 82B6D1D8
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F758F5A4] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [F75926BE] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F7592A5A] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F758F52C] avgntmgr.sys
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CREATE 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLOSE 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_READ 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_WRITE 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_INFORMATION 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_INFORMATION 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_EA 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_EA 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FLUSH_BUFFERS 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_QUERY_VOLUME_INFORMATION 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SET_VOLUME_INFORMATION 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DIRECTORY_CONTROL 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_FILE_SYSTEM_CONTROL 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_DEVICE_CONTROL 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_SHUTDOWN 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_LOCK_CONTROL 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_CLEANUP 829B3398
Device \FileSystem\Fastfat \FatCdrom IRP_MJ_PNP 829B3398
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CREATE 828A17F0
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CLOSE 828A17F0
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_POWER 828A17F0
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_PNP 828A17F0
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CREATE 828A17F0
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CLOSE 828A17F0
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_POWER 828A17F0
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_PNP 828A17F0
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CREATE 828A17F0
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CLOSE 828A17F0
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_POWER 828A17F0
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_PNP 828A17F0
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_CREATE 828DF980
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_CLOSE 828DF980
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_DEVICE_CONTROL 828DF980
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 828DF980
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_POWER 828DF980
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_SYSTEM_CONTROL 828DF980
Device \Driver\usbehci \Device\USBPDO-3 IRP_MJ_PNP 828DF980
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 82BDE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 82BDE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 82BDE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 82BDE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 82BDE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 82BDE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 82BDE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 82BDE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 82BDE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 82BDE1D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 82BDE1D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 82A3F5B8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 82A3F5B8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 82A3F5B8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 82A3F5B8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 82A3F5B8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 82A3F5B8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A3F5B8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 82A3F5B8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 82A3F5B8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 82A3F5B8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 82A3F5B8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 82A3F5B8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 82A3F5B8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 82A3F5B8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 82A3F5B8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 82A3F5B8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 82A3F5B8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A3F5B8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 82A3F5B8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 82A3F5B8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 82A3F5B8
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 82A3F5B8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CREATE 82A3F5B8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_CLOSE 82A3F5B8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_READ 82A3F5B8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_WRITE 82A3F5B8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_FLUSH_BUFFERS 82A3F5B8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_DEVICE_CONTROL 82A3F5B8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_INTERNAL_DEVICE_CONTROL 82A3F5B8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SHUTDOWN 82A3F5B8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_POWER 82A3F5B8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_SYSTEM_CONTROL 82A3F5B8
Device \Driver\Cdrom \Device\CdRom2 IRP_MJ_PNP 82A3F5B8
Device \Driver\00000042 \Device\0000003d IRP_MJ_POWER [F7445C7E] sptd.sys
Device \Driver\00000042 \Device\0000003d IRP_MJ_SYSTEM_CONTROL [F745F2A2] sptd.sys
Device \Driver\00000042 \Device\0000003d IRP_MJ_PNP [F7460228] sptd.sys
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 828FA980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 828FA980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 828FA980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 828FA980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 828FA980
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 828FA980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 828FA980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 828FA980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 828FA980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 828FA980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 828FA980
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 828FA980
Device \Driver\NetBT \Device\NetBT_Tcpip_{ABA79B3A-053D-4BFC-858E-AE4751527B01} IRP_MJ_CREATE 828FA980
Device \Driver\NetBT \Device\NetBT_Tcpip_{ABA79B3A-053D-4BFC-858E-AE4751527B01} IRP_MJ_CLOSE 828FA980
Device \Driver\NetBT \Device\NetBT_Tcpip_{ABA79B3A-053D-4BFC-858E-AE4751527B01} IRP_MJ_DEVICE_CONTROL 828FA980
Device \Driver\NetBT \Device\NetBT_Tcpip_{ABA79B3A-053D-4BFC-858E-AE4751527B01} IRP_MJ_INTERNAL_DEVICE_CONTROL 828FA980
Device \Driver\NetBT \Device\NetBT_Tcpip_{ABA79B3A-053D-4BFC-858E-AE4751527B01} IRP_MJ_CLEANUP 828FA980
Device \Driver\NetBT \Device\NetBT_Tcpip_{ABA79B3A-053D-4BFC-858E-AE4751527B01} IRP_MJ_PNP 828FA980
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CREATE 828A17F0
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_CLOSE 828A17F0
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_DEVICE_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_POWER 828A17F0
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_SYSTEM_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBFDO-0 IRP_MJ_PNP 828A17F0
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CREATE 828A17F0
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_CLOSE 828A17F0
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_DEVICE_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_POWER 828A17F0
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_SYSTEM_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBFDO-1 IRP_MJ_PNP 828A17F0
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CREATE 828A17F0
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_CLOSE 828A17F0
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_DEVICE_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_POWER 828A17F0
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_SYSTEM_CONTROL 828A17F0
Device \Driver\usbuhci \Device\USBFDO-2 IRP_MJ_PNP 828A17F0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 8295F7E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 8295F7E8
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_CREATE 828DF980
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_CLOSE 828DF980
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_DEVICE_CONTROL 828DF980
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 828DF980
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_POWER 828DF980
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_SYSTEM_CONTROL 828DF980
Device \Driver\usbehci \Device\USBFDO-3 IRP_MJ_PNP 828DF980
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 82BDE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 82BDE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 82BDE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 82BDE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 82BDE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 82BDE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 82BDE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 82BDE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 82BDE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 82BDE1D8
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 82BDE1D8
Device \Driver\au1de96f \Device\Scsi\au1de96f1 IRP_MJ_CREATE 828E5980
Device \Driver\au1de96f \Device\Scsi\au1de96f1 IRP_MJ_CLOSE 828E5980
Device \Driver\au1de96f \Device\Scsi\au1de96f1 IRP_MJ_DEVICE_CONTROL 828E5980
Device \Driver\au1de96f \Device\Scsi\au1de96f1 IRP_MJ_INTERNAL_DEVICE_CONTROL 828E5980
Device \Driver\au1de96f \Device\Scsi\au1de96f1 IRP_MJ_POWER 828E5980
Device \Driver\au1de96f \Device\Scsi\au1de96f1 IRP_MJ_SYSTEM_CONTROL 828E5980
Device \Driver\au1de96f \Device\Scsi\au1de96f1 IRP_MJ_PNP 828E5980
Device \Driver\au1de96f \Device\Scsi\au1de96f1Port2Path0Target0Lun0 IRP_MJ_CREATE 828E5980
Device \Driver\au1de96f \Device\Scsi\au1de96f1Port2Path0Target0Lun0 IRP_MJ_CLOSE 828E5980
Device \Driver\au1de96f \Device\Scsi\au1de96f1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 828E5980
Device \Driver\au1de96f \Device\Scsi\au1de96f1Port2Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 828E5980
Device \Driver\au1de96f \Device\Scsi\au1de96f1Port2Path0Target0Lun0 IRP_MJ_POWER 828E5980
Device \Driver\au1de96f \Device\Scsi\au1de96f1Port2Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 828E5980
Device \Driver\au1de96f \Device\Scsi\au1de96f1Port2Path0Target0Lun0 IRP_MJ_PNP 828E5980
Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_CLOSE 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_READ 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_WRITE 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_EA 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP 829B3398
Device \FileSystem\Fastfat \Fat IRP_MJ_PNP 829B3398
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [F758F5A4] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [F75926BE] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [F7592A5A] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [F758F52C] avgntmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [F758F52C] avgntmgr.sys
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 82960980
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 82960980
Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 82960980
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 82960980
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 82960980
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 82960980
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 82960980
Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 82960980
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 82960980
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 82960980
Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 82960980
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 82960980
Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 82960980
---- EOF - GMER 1.0.13 ----
Intel Core 2 Duo E6600 @ 3.0 GHZ///Asus P5W DH Deluxe///2x1go DDR2 PC5400///Sapphire HD 4870 512 mb///WD 250Gb 7200rpm///
Répondre à quebecois22
Re,
Télécharge Navilog1.exe (IL-MAFIOSO)
Enregistre-le sur ton Bureau.
Lance l'installation en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)
Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
! N'utilise pas l'option 2, 3 et 4 sans notre accord !
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :
-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse
NOTE : Le rapport se trouve également ici : C:\fixnavi.txt
Répondre à Angeldark
Search Navipromo version 3.3.8 commencé le 2007-12-27 à 11:11:46,15
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 11.12.2007 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2800.1106
Système de fichiers : NTFS
Executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***
*** Recherche dossiers dans "C:\Documents and Settings\Miguel\application data" ***
*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun Fichier trouvé
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans C:\WINDOWS\system32 *
* Recherche dans "C:\Documents and Settings\Miguel\local settings\application data" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans C:\WINDOWS\system32 :
* Dans "C:\Documents and Settings\Miguel\local settings\application data" :
3)Recherche Certificats :
Certificat Egroup absent !
4)Recherche fichiers connus :
*** Analyse terminée le 2007-12-27 à 11:12:22,04 ***
Intel Core 2 Duo E6600 @ 3.0 GHZ///Asus P5W DH Deluxe///2x1go DDR2 PC5400///Sapphire HD 4870 512 mb///WD 250Gb 7200rpm///
Répondre à quebecois22
Tu as des pubs sur tous les sites ?
Répondre à Angeldark
Pas necessairement sur Internet. Je peux etre sur le bureau et puis ya un message me disant que mon Registre est corrompu et chaque popup est différent et me réfère chaque fois à différents sites de <<Cleaner>> pour registre. Les,....(un popup apparait au moment que j'écris ceci......)....., sites sont cleaner64.com, registrycleanerxp ou quelque chose comme ca. Bref y'en a un tous les 3 min... :S
Intel Core 2 Duo E6600 @ 3.0 GHZ///Asus P5W DH Deluxe///2x1go DDR2 PC5400///Sapphire HD 4870 512 mb///WD 250Gb 7200rpm///
Répondre à quebecois22
Tu peux faire un screen ?
Répondre à Angeldark
Intel Core 2 Duo E6600 @ 3.0 GHZ///Asus P5W DH Deluxe///2x1go DDR2 PC5400///Sapphire HD 4870 512 mb///WD 250Gb 7200rpm///
Répondre à quebecois22
Désactive le service d'affichage des messages.
Répondre à Angeldark
...Et comment je fais ça.....
Intel Core 2 Duo E6600 @ 3.0 GHZ///Asus P5W DH Deluxe///2x1go DDR2 PC5400///Sapphire HD 4870 512 mb///WD 250Gb 7200rpm///
Répondre à quebecois22
Tu te foules pas...
http://www.commentcamarche.net/faq [...] s-messages
Si je ne t'explique pas, c'est parce qu'une recherche suffit 
Message édité par Angeldark le 27-12-2007 à 18:16:51
Répondre à Angeldark
Lol pardon 
. Disons qu'il est assez tôt au Québec donc la recherche ce matin.. 
. Merci beaucoup pour ton aide quand même, tu fais du bon boulot. 
Intel Core 2 Duo E6600 @ 3.0 GHZ///Asus P5W DH Deluxe///2x1go DDR2 PC5400///Sapphire HD 4870 512 mb///WD 250Gb 7200rpm///
Répondre à quebecois22
Bon surf.
Répondre à Angeldark
Il y a 2328 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
