ANTIMALWARE DOCTOR
Closed
lasource37 - 2 March 2011 at 00:27
Anonymous user - 6 March 2011 at 20:57
222 replies
Anonymous user
2 March 2011 at 11:57
OK, only roguekiller and rstassoc will run
that doesn't leave us many options
lasource37
2 March 2011 at 11:57
What should I do?
Anonymous user
2 March 2011 at 12:04
Try running this and force it by clicking very quickly; see whether it produces a report
http://www.cijoint.fr/cjlink.php?file=cj201103/cij87cXh54.zip
lasource37
2 March 2011 at 12:05
moment de grace
2 March 2011 at 12:09
Download SysProt (by Swatkat) to your desktop:
http://www.clubic.com/telecharger-fiche72180-sysprot-antirootkit.html
> ! Disconnect and close all your applications for the duration of the procedure !
> ! Disable your defenses (antivirus, anti-spyware, ...) for the duration of the procedure !
> Double-click SysProt.exe to launch it.
> Click the "log" tab.
> Check all the boxes in the "Write to log" frame.
> Then click the [Create Log] button at the bottom right.
> The scan starts; let the tool work (even if it seems to have crashed ...)
> After a while, a window will appear: leave "Scan all drives" checked and click [Start].
> Wait again ... wait for the final message indicating that the report has been created, then click "OK".
===> Close SysProt, and copy/paste the contents of the report (SysProtLog.txt), which was saved on your desktop, into your next reply.
Anonymous user
2 March 2011 at 12:13
Put this one next to combofix, not renamed, so combofix.exe, and force it with this one:
http://www.cijoint.fr/cjlink.php?file=cj201103/cijrYvJslP.zip
lasource37
2 March 2011 at 12:19
SysProt AntiRootkit v1.0.1.0
by swatkat
******************************************************************************************
******************************************************************************************
No Processes found
******************************************************************************************
******************************************************************************************
No SSDT Hooks found
******************************************************************************************
******************************************************************************************
No Kernel Hooks found
******************************************************************************************
******************************************************************************************
No IRP Hooks found
******************************************************************************************
******************************************************************************************
Ports:
Local Address: HOME-PC:49519
Remote Address: LIVEBOX-98F0:49153
Type: TCP
Process: 0 (PID)
State: TIME_WAIT
Local Address: HOME-PC:49518
Remote Address: LIVEBOX-98F0:49153
Type: TCP
Process: 0 (PID)
State: TIME_WAIT
Local Address: HOME-PC:49514
Remote Address: 193.41.200.136:HTTP
Type: TCP
Process: 0 (PID)
State: TIME_WAIT
Local Address: HOME-PC:ICSLAP
Remote Address: LIVEBOX-98F0:3271
Type: TCP
Process: 0 (PID)
State: TIME_WAIT
Local Address: HOME-PC:ICSLAP
Remote Address: LIVEBOX-98F0:3270
Type: TCP
Process: 0 (PID)
State: TIME_WAIT
Local Address: HOME-PC:ICSLAP
Remote Address: LIVEBOX-98F0:MSFT-GC-SSL
Type: TCP
Process: 0 (PID)
State: TIME_WAIT
Local Address: HOME-PC:ICSLAP
Remote Address: LIVEBOX-98F0:MSFT-GC
Type: TCP
Process: 0 (PID)
State: TIME_WAIT
Local Address: HOME-PC:NETBIOS-SSN
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING
Local Address: HOME-PC:49168
Remote Address: LOCALHOST:27015
Type: TCP
Process: 4020 (PID)
State: ESTABLISHED
Local Address: HOME-PC:27015
Remote Address: LOCALHOST:49168
Type: TCP
Process: 1544 (PID)
State: ESTABLISHED
Local Address: HOME-PC:27015
Remote Address: 0.0.0.0:0
Type: TCP
Process: 1544 (PID)
State: LISTENING
Local Address: HOME-PC:5354
Remote Address: 0.0.0.0:0
Type: TCP
Process: 1600 (PID)
State: LISTENING
Local Address: HOME-PC:49158
Remote Address: 0.0.0.0:0
Type: TCP
Process: 536 (PID)
State: LISTENING
Local Address: HOME-PC:49156
Remote Address: 0.0.0.0:0
Type: TCP
Process: 2248 (PID)
State: LISTENING
Local Address: HOME-PC:49155
Remote Address: 0.0.0.0:0
Type: TCP
Process: 516 (PID)
State: LISTENING
Local Address: HOME-PC:49154
Remote Address: 0.0.0.0:0
Type: TCP
Process: 924 (PID)
State: LISTENING
Local Address: HOME-PC:49153
Remote Address: 0.0.0.0:0
Type: TCP
Process: 844 (PID)
State: LISTENING
Local Address: HOME-PC:49152
Remote Address: 0.0.0.0:0
Type: TCP
Process: 468 (PID)
State: LISTENING
Local Address: HOME-PC:10243
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING
Local Address: HOME-PC:WSD
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING
Local Address: HOME-PC:ICSLAP
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING
Local Address: HOME-PC:RTSP
Remote Address: 0.0.0.0:0
Type: TCP
Process: 2628 (PID)
State: LISTENING
Local Address: HOME-PC:MICROSOFT-DS
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING
Local Address: HOME-PC:EPMAP
Remote Address: 0.0.0.0:0
Type: TCP
Process: 788 (PID)
State: LISTENING
Local Address: HOME-PC:56430
Remote Address: NA
Type: UDP
Process: 924 (PID)
State: NA
Local Address: HOME-PC:56165
Remote Address: NA
Type: UDP
Process: 1728 (PID)
State: NA
Local Address: HOME-PC:5353
Remote Address: NA
Type: UDP
Process: 1600 (PID)
State: NA
Local Address: HOME-PC:SSDP
Remote Address: NA
Type: UDP
Process: 1728 (PID)
State: NA
Local Address: HOME-PC:138
Remote Address: NA
Type: UDP
Process: 4 (PID)
State: NA
Local Address: HOME-PC:NETBIOS-NS
Remote Address: NA
Type: UDP
Process: 4 (PID)
State: NA
Local Address: HOME-PC:59670
Remote Address: NA
Type: UDP
Process: 4020 (PID)
State: NA
Local Address: HOME-PC:59669
Remote Address: NA
Type: UDP
Process: 4020 (PID)
State: NA
Local Address: HOME-PC:56166
Remote Address: NA
Type: UDP
Process: 1728 (PID)
State: NA
Local Address: HOME-PC:49686
Remote Address: NA
Type: UDP
Process: 4012 (PID)
State: NA
Local Address: HOME-PC:49153
Remote Address: NA
Type: UDP
Process: 1544 (PID)
State: NA
Local Address: HOME-PC:49152
Remote Address: NA
Type: UDP
Process: 1544 (PID)
State: NA
Local Address: HOME-PC:SSDP
Remote Address: NA
Type: UDP
Process: 1728 (PID)
State: NA
Local Address: HOME-PC:62162
Remote Address: NA
Type: UDP
Process: 1052 (PID)
State: NA
Local Address: HOME-PC:59671
Remote Address: NA
Type: UDP
Process: 1052 (PID)
State: NA
Local Address: HOME-PC:49156
Remote Address: NA
Type: UDP
Process: 1728 (PID)
State: NA
Local Address: HOME-PC:49154
Remote Address: NA
Type: UDP
Process: 1600 (PID)
State: NA
Local Address: HOME-PC:LLMNR
Remote Address: NA
Type: UDP
Process: 1200 (PID)
State: NA
Local Address: HOME-PC:5005
Remote Address: NA
Type: UDP
Process: 2628 (PID)
State: NA
Local Address: HOME-PC:5004
Remote Address: NA
Type: UDP
Process: 2628 (PID)
State: NA
Local Address: HOME-PC:IPSEC-MSFT
Remote Address: NA
Type: UDP
Process: 924 (PID)
State: NA
Local Address: HOME-PC:WS-DISCOVERY
Remote Address: NA
Type: UDP
Process: 1052 (PID)
State: NA
Local Address: HOME-PC:WS-DISCOVERY
Remote Address: NA
Type: UDP
Process: 1052 (PID)
State: NA
Local Address: HOME-PC:WS-DISCOVERY
Remote Address: NA
Type: UDP
Process: 1728 (PID)
State: NA
Local Address: HOME-PC:WS-DISCOVERY
Remote Address: NA
Type: UDP
Process: 1728 (PID)
State: NA
Local Address: HOME-PC:TEREDO
Remote Address: NA
Type: UDP
Process: 924 (PID)
State: NA
Local Address: HOME-PC:500
Remote Address: NA
Type: UDP
Process: 924 (PID)
State: NA
******************************************************************************************
******************************************************************************************
Hidden files/folders:
Object: E:\System Volume Information\tracking.log
Status: Access denied
Object: C:\System Volume Information\Chkdsk
Status: Access denied
Object: C:\System Volume Information\MountPointManagerRemoteDatabase
Status: Access denied
Object: C:\System Volume Information\SPP
Status: Access denied
Object: C:\System Volume Information\Syscache.hve
Status: Access denied
Object: C:\System Volume Information\Syscache.hve.LOG1
Status: Access denied
Object: C:\System Volume Information\Syscache.hve.LOG2
Status: Access denied
Object: C:\System Volume Information\tracking.log
Status: Access denied
Object: C:\System Volume Information\Windows Backup
Status: Access denied
Object: C:\System Volume Information\WindowsImageBackup\SPPMetadataCache
Status: Access denied
Object: C:\System Volume Information\WindowsImageBackup
Status: Access denied
Object: C:\System Volume Information\{242b0324-427b-11e0-8402-00ff01000001}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Access denied
Object: C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Access denied
Object: C:\System Volume Information\{9a9454a4-4477-11e0-b589-00ff01000001}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Access denied
Object: C:\System Volume Information\{9a9454a8-4477-11e0-b589-00ff01000001}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Access denied
Object: C:\System Volume Information\{9a9454ad-4477-11e0-b589-00ff01000001}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Access denied
Object: C:\System Volume Information\{fbd35fb7-3ce2-11e0-8a3f-00ff01000001}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Access denied
Object: C:\Windows\CSC\v2.0.6\namespace
Status: Access denied
Object: C:\Windows\CSC\v2.0.6\pq
Status: Access denied
Object: C:\Windows\CSC\v2.0.6\sm
Status: Access denied
Object: C:\Windows\CSC\v2.0.6\temp
Status: Access denied
Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl
Status: Access denied
Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl
Status: Access denied
Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl
Status: Access denied
Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl
Status: Access denied
Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMsMpPsSession7.etl
Status: Access denied
Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl
Status: Access denied
lasource37
2 March 2011 at 12:20
Combofix still doesn't work, still the same thing.
Anonymous user
2 March 2011 at 12:23
let's see what this gives:
https://forums.commentcamarche.net/forum/affich-21044049-antimalware-doctor?page=6#132
moment de grace
2 March 2011 at 12:24
gen, look at SysProt
we have a lead
3 hidden
Lyonnais92
2 March 2011 at 12:48
Hello,
I'm afraid SysProt is a false lead:
https://community.norton.com/forums/question-hidden-drivers-using-sysprotexe
https://www.greatis.com/appdata/n/_/_sysdir__drivers_dump_dumpfve.sys.htm
https://www.greatis.com/appdata/n/d/dump_atapi.sys.htm
See you later
moment de grace
2 March 2011 at 12:51
argh
hello lyonnais
I don't like it when you talk like that
I was just trying to interpret the report...
we'll move on to the OTLPE live CD then, unless you have a brilliant idea
lasource37
2 March 2011 at 12:27
gen, what you just told me doesn't work.
moment de grace
2 March 2011 at 12:30
Download SEAF (by C__XX) to your desktop:
here: http://www.teamxscript.org/SEAFTelechargement.html
* Double-click "SEAF.exe" (right-click and "Run as administrator" on Vista / 7) to launch the tool.
* In the white box "Entrez ci dessous...." ("Enter below....") copy/paste this:
atapi.sys
* Under "options des fichiers" (file options), make the following settings:
> For "Calculer le checksum" (compute the checksum), choose: MD5
> Tick the box next to "Info. supplémentaire" (additional info).
> Tick the box next to "Afficher les ADS" (show ADS)
* Under "options du registre" (registry options):
> tick "chercher également dans le registre" (also search the registry)
(do not touch any other setting)
* Click "Lancer la recherche" (start the search) and let the tool work...
(this can take more or less time depending on the case).
--> Once it has finished, a window with a .txt log will appear. Save this report where you can find it easily (on the desktop, for example). Otherwise it is also saved at the root of your hard drive (here > C:\SEAFLog.txt)
lasource37
2 March 2011 at 12:34
========================= SEAF 1.0.1.0 - C_XX

Commencé à: 12:33:17 le 02/03/2011

Valeur(s) recherchée(s):
atapi.sys

Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès

(!) --- Calcul du Hash "MD5"
(!) --- Informations supplémentaires
(!) --- Affichage des ADS
(!) --- Recherche registre

====== Fichier(s) ======

"C:\Windows\System32\drivers\atapi.sys" [ ARCHIVE | 22 Ko ]
TC: 14/07/2009,00:11:15 | TM: 14/07/2009,02:26:15 | DA: 14/07/2009,00:11:15

Hash MD5: 338C86357871C167A96AB976519BF59E

CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: atapi.sys
OriginalFileName: atapi.sys
LegalCopyright: © Microsoft Corporation. All rights reserved.
ProductVersion: 6.1.7600.16385
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)

=========================

"C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys" [ ARCHIVE | 22 Ko ]
TC: 14/07/2009,00:11:15 | TM: 14/07/2009,02:26:15 | DA: 14/07/2009,00:11:15

Hash MD5: 338C86357871C167A96AB976519BF59E

CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: atapi.sys
OriginalFileName: atapi.sys
LegalCopyright: © Microsoft Corporation. All rights reserved.
ProductVersion: 6.1.7600.16385
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)

=========================

"C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys" [ ARCHIVE | 22 Ko ]
TC: 14/07/2009,00:11:15 | TM: 14/07/2009,02:26:15 | DA: 14/07/2009,00:11:15

Hash MD5: 338C86357871C167A96AB976519BF59E

CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: atapi.sys
OriginalFileName: atapi.sys
LegalCopyright: © Microsoft Corporation. All rights reserved.
ProductVersion: 6.1.7600.16385
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)

=========================

====== Entrée(s) du registre ======

[HKLM\Software\Microsoft\Windows\CurrentVersion\Diagnostics\Performance\Resolvers]
"SystemBinariesList"="win32k.sys:winlogon.exe:EXPLORER.EXE:CSRSS.Exe:dwm.exe:logon.scr:logonui.exe:lsass.exe:lsm.exe:ntkrpamp.exe:ntoskrnl.exe:RUNDLL32.EXE:services.exe:sppsvc.exe:smss.exe:spoolsv.exe:svchost.exe:taskeng.exe:WinInit.exe:WISPTIS.EXE:dllhost.exe:dllhst3g.exe:cscript.exe:mmc.exe:msiexec.exe:upnpcont.exe:wscript.exe:WUDFHost.exe:dfsvc.exe:dfsvc.exe:fdbs.exe:ntfsbs.exe:memdiag.exe:NETFXSBS10.exe:applaunch.exe:aspnet_compiler.exe:aspnet_regbrowsers.exe:aspnet_regiis.exe:aspnet_regsql.exe:aspnet_state.exe:aspnet_wp.exe:caspol.exe:csc.exe:CVTRES.EXE:dfsvc.exe:dw20.exe:IEExec.exe:ilasm.exe:InstallUtil.exe:jsc.exe:MSBuild.exe:mscorsvw.exe:ngen.exe:RegAsm.exe::RegSvcs.exe:vbc.exe:TrustedInstaller.exe:Aurora.scr:AutoChk.Exe:AUTOFMT.EXE:CHKDSK.EXE:CHKNTFS.EXE:consent.exe:PnPUnattend.exe:PnPutil.exe:RacAgent.exe:fsquirt.exe:Uninst.exe:updateWmc.exe:wmdc.exe:wmdsync.exe:mofcomp.exe:ScrCons.exe:smi2smir.exe:unsecapp.exe:wbemtest.exe:winmgmt.exe:wmic.exe:bfsvc.exe:Twunk_16.exe:Twunk_32.exe:wuauclt.exe:wsqmcons.exe:sapisvr.exe:WinSAT.exe:p2phost.exe:SearchProtocolHost.exe:WerFault.exe:drvinst.exe:ehshell.exe:UI0Detect.exe:ehtray.exe:HelpPane.exe:mrt.exe:SearchFilterHost.exe:mobsync.exe:Narrator.exe:SLUI.exe:taskmgr.exe:PresentationSettings.exe:vds.exe:sdclt.exe:irftp.exe:DFDWiz.exe:SndVol.exe:makecab.exe:msfeedssync.exe:unregmp2.exe:DeviceProperties.exe:rstrui.exe:MdRes.exe:netsh.exe:printui.exe:mcupdate.exe:4mmdat.sys:61883.sys:ACPI.sys:amdk7.sys:amdk8.sys:ASYNCMAC.SYS:atapi.sys:AVC.SYS:cdfs.sys:cdrom.sys:circlass.sys:cmbatt.sys:crusoe.sys:CSC.Sys:dc21x4vm.sys:disk.sys:dot4.sys:dot4usb.sys:drmkaud.sys:ecache.sys:fdc.sys:floppy.sys:hdaudbus.sys:HDAudio.sys:HIDBTH.SYS:HIDIR.SYS:i8042prt.sys:intelppm.sys:irenum.SYS:IRSIR.SYS:kbdclass.sys:kbdhid.sys:LOOP.SYS:mf.sys:monitor.sys:mouclass.sys:mouhid.sys:msisadrv.sys:msiscsi.sys:NDISWAN.SYS:nsiproxy.sys:ohci1394.sys:pci.sys:pciide.sys:powerfil.sys:processr.sys:rasl2tp.sys:raspppoe.sys:RASPPTP.SYS:RDPCDD.SYS:rfcomm.sys:sbp2port.sys:sdbus.sys:serenum.sys:serial.sys:sermouse.sys:sffdisk.sys:sffp_mmc.sys:smbios.sys:swenum.sys:tdx.sys:termdd.sys:tpm.sys:tunmp.sys:tunnel.sys:umbus.sys:update.sys:usb8023.sys:USBAudio.sys:USBCCGP.SYS:usbcir.sys:USBEHCI.sys:usbhub.sys:USBOHCI.sys:usbprint.sys:USBUHCI.sys:viac7.sys:wacompen.sys:wceusbsh.sys:winusb.sys:ws2ifsl.sys:xnacc.sys" (REG_EXPAND_SZ)

[HKLM\Software\Microsoft\Windows\CurrentVersion\Setup\PnpLockdownFiles]
"%SystemPath%\system32\DRIVERS\atapi.sys"="1" (REG_DWORD)

[HKLM\System\ControlSet001\services\atapi]
"ImagePath"="system32\DRIVERS\atapi.sys" (REG_EXPAND_SZ)

[HKLM\System\ControlSet002\services\atapi]
"ImagePath"="system32\DRIVERS\atapi.sys" (REG_EXPAND_SZ)

[HKLM\System\CurrentControlSet\services\atapi]
"ImagePath"="system32\DRIVERS\atapi.sys" (REG_EXPAND_SZ)

=========================

Fin à: 12:34:17 le 02/03/2011
399894 Éléments analysés

=========================
E.O.F
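The SEAF procedure and the report it produced can be read mechanically. As an added example (not part of the thread and not SEAF's own code), this Python code parses a SEAF text report and compares the driver that the atapi service loads (its ImagePath) with the DriverStore and winsxs copies by MD5 and CompanyName. The names parse_seaf, review, SAMPLE and TAMPERED are hypothetical; the sample is trimmed from the report posted above, and the altered hash in TAMPERED is constructed.

```python
import re

NUM = re.compile(r"^\s*\d+\.\s?")                  # line numbers added by a forum paste
FILE = re.compile(r'^"([A-Za-z]:\\[^"]+)"\s*\[')   # "C:\...\atapi.sys" [ ARCHIVE | 22 Ko ]
FIELD = re.compile(r"^(Hash MD5|CompanyName):\s*(.+)$")
IMAGE = re.compile(r'^"ImagePath"="([^"]+)"', re.I)

def parse_seaf(log):
    """Return (files, image_paths) parsed from a SEAF text report."""
    files, image_paths, cur = [], [], None
    for raw in log.splitlines():
        line = NUM.sub("", raw).strip()
        if m := FILE.match(line):
            cur = {"path": m.group(1)}
            files.append(cur)
        elif (m := FIELD.match(line)) and cur is not None:
            cur[m.group(1)] = m.group(2).strip()
        elif m := IMAGE.match(line):
            image_paths.append(m.group(1))
    return files, image_paths

def review(log):
    """Compare the driver named by ImagePath with the DriverStore/winsxs copies."""
    files, image_paths = parse_seaf(log)
    refs = {f.get("Hash MD5") for f in files
            if re.search(r"\\(DriverStore|winsxs)\\", f["path"], re.I)}
    findings = []
    # Assumption: ImagePath is relative to the Windows directory, as in the report.
    for ip in sorted({p.lower() for p in image_paths}):
        loaded = [f for f in files if f["path"].lower().endswith("\\" + ip)]
        if not loaded:
            findings.append(f"ImagePath {ip} matches no file in the report")
        for f in loaded:
            if refs and f.get("Hash MD5") not in refs:
                findings.append(f"{f['path']}: MD5 differs from reference copies")
            if f.get("CompanyName") != "Microsoft Corporation":
                findings.append(f"{f['path']}: unexpected CompanyName")
    return findings

# Sample trimmed from the report in the thread, paste line numbers kept.
SAMPLE = r'''18. "C:\Windows\System32\drivers\atapi.sys" [ ARCHIVE | 22 Ko ]
21. Hash MD5: 338C86357871C167A96AB976519BF59E
23. CompanyName: Microsoft Corporation
34. "C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys" [ ARCHIVE | 22 Ko ]
37. Hash MD5: 338C86357871C167A96AB976519BF59E
82. [HKLM\System\CurrentControlSet\services\atapi]
83. "ImagePath"="system32\DRIVERS\atapi.sys" (REG_EXPAND_SZ)'''
# Constructed variant: the active driver's hash replaced by a made-up value.
TAMPERED = SAMPLE.replace("338C86357871C167A96AB976519BF59E", "0" * 32, 1)

if __name__ == "__main__":
    print(review(SAMPLE), review(TAMPERED))
```

An empty result only describes what the running system returned when the files were read, which is why the helpers in the thread also consider a check from a live CD.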
Anonymous user
2 March 2011 at 12:51
moment de grace
2 March 2011 at 12:52
lasource37
Edited by lasource37 on 2/03/2011 at 12:53
I don't understand? What should I do?
moment de grace
2 March 2011 at 12:53
we're talking among ourselves to try to find an angle of attack
lasource37
2 March 2011 at 12:54
ah OK, I'll stay connected, tell me when it's for me, thanks ^^
Anonymous user
2 March 2011 at 12:57
look at sanitycheck:
https://www.resplendence.com/downloads
moment de grace
2 March 2011 at 12:59
lasource37
Edited by lasource37 on 2/03/2011 at 13:00
It's going to take a bit of time, it's almost 100 MB, 24 min of download