Virus depuis plus d'une semaine
Fermé
sarah8786
Messages postés
17
Date d'inscription
mardi 14 juin 2011
Statut
Membre
Dernière intervention
14 juin 2011
-
14 juin 2011 à 11:26
Utilisateur anonyme - 25 juil. 2011 à 12:27
Utilisateur anonyme - 25 juil. 2011 à 12:27
Bonjour,
Avast me detecte un virus depuis plus d'une semaine, j'aimerais savoir si vous pouviez m'aider pour l'éliminer.Voici ce qui m'est indiqué: fichier infecté: MBR:\\.\PHYSICALDRIVE0 menace: rootkit: hidden boot.sector.
Ayant dejà eu un virus il y a quelques années, j'ai fait des manip à l'aide des personnes de ce forum donc j'ai sur mon pc hijackthis si ça peut être utile.
Merci par avance,
cordialement,
Sarah
Avast me detecte un virus depuis plus d'une semaine, j'aimerais savoir si vous pouviez m'aider pour l'éliminer.Voici ce qui m'est indiqué: fichier infecté: MBR:\\.\PHYSICALDRIVE0 menace: rootkit: hidden boot.sector.
Ayant dejà eu un virus il y a quelques années, j'ai fait des manip à l'aide des personnes de ce forum donc j'ai sur mon pc hijackthis si ça peut être utile.
Merci par avance,
cordialement,
Sarah
A voir également:
- Virus depuis plus d'une semaine
- Virus mcafee - Accueil - Piratage
- Youtu.be virus - Accueil - Guide virus
- Virus facebook demande d'amis - Accueil - Facebook
- Faux message virus iphone ✓ - Forum Virus
- Faux message virus ordinateur - Accueil - Arnaque
57 réponses
Ben malheureusement j'ai cliqué sur la croix au bout d'une demi-heure et cela ne ferme même pas la page. Mon ordi ne reflechissait même pas. Je refais une tentative en mode sans echec?
Utilisateur anonyme
20 juin 2011 à 16:58
20 juin 2011 à 16:58
▶ Télécharge : Gmer (by Przemyslaw Gmerek) et enregistre-le sur ton bureau
Desactive toutes tes protections le temps du scan de gMer
Pour XP => double clique sur gmer.exe
Pour Vista et 7 => clique droit "executer en tant que...."
▶ clique sur l'onglet rootkit,lances le scan,des lignes rouges vont apparaitre.
▶ Les lignes rouges indiquent la presence d'un rootkit.Postes moi le rapport gmer (cliques sur copy,puis vas dans demarrer ,puis ouvres le bloc note,vas dans edition et cliques sur coller,le rapport gmer va apparaitre,postes moi le)
Desactive toutes tes protections le temps du scan de gMer
Pour XP => double clique sur gmer.exe
Pour Vista et 7 => clique droit "executer en tant que...."
▶ clique sur l'onglet rootkit,lances le scan,des lignes rouges vont apparaitre.
▶ Les lignes rouges indiquent la presence d'un rootkit.Postes moi le rapport gmer (cliques sur copy,puis vas dans demarrer ,puis ouvres le bloc note,vas dans edition et cliques sur coller,le rapport gmer va apparaitre,postes moi le)
voici le rapport gmr:
GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-06-20 17:55:36
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 TOSHIBA_MK6034GAX rev.AC101A
Running: gmer[1].exe; Driver: C:\DOCUME~1\VINCEN~1\LOCALS~1\Temp\fgdcapog.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0xA9C2C202]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xA9C92CB2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwClose [0xA9C506C1]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0xA9C2E81C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0xA9C2E874]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0xA9C2E98A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateKey [0xA9C50075]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0xA9C2E772]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0xA9C2E8C4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0xA9C2E7C6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0xA9C2E938]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0xA9C2C226]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteKey [0xA9C50D87]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteValueKey [0xA9C5103D]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDuplicateObject [0xA9C2EC0E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xA9C50BF2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xA9C50A5D]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xA9C92D62]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0xA9C2BFF0]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0xA9C2C24A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0xA9C2ED82]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0xA9C2CCDA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0xA9C2E84C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0xA9C2E89C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0xA9C2E9B4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenKey [0xA9C503D1]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0xA9C2E79E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenProcess [0xA9C2EA46]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0xA9C2E904]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0xA9C2E7F4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenThread [0xA9C2EB2A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0xA9C2E962]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xA9C92DFA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryKey [0xA9C508D8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0xA9C2CBA0]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryValueKey [0xA9C5072A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xA9C9BE48]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwRestoreKey [0xA9C4F6E8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0xA9C2C26E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0xA9C2C292]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0xA9C2C04A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0xA9C2C186]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetValueKey [0xA9C50E8E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0xA9C2C162]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0xA9C2C1AA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0xA9C2C2B6]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xA9CA8902]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwCallbackReturn + 2410 80501C48 8 Bytes [1C, E8, C2, A9, 74, E8, C2, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 241C 80501C54 4 Bytes [8A, E9, C2, A9]
.text ntkrnlpa.exe!ZwCallbackReturn + 244C 80501C84 8 Bytes [C4, E8, C2, A9, C6, E7, C2, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 245C 80501C94 4 Bytes [38, E9, C2, A9]
.text ntkrnlpa.exe!ZwCallbackReturn + 254C 80501D84 8 Bytes [4C, E8, C2, A9, 9C, E8, C2, ...]
.text ...
PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 5EC 8059B8EC 4 Bytes CALL A9C2D335 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805B1DB4 5 Bytes JMP A9CA42BE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 805B8C2C 5 Bytes JMP A9CA5D5C \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 805C74CC 7 Bytes JMP A9CA8906 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
.text win32k.sys!EngFreeUserMem + 674 BF809922 5 Bytes JMP A9C2FCCE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSurface + 45 BF813911 5 Bytes JMP A9C2FBDA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngSetLastError + 783B BF824157 5 Bytes JMP A9C2EF60 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateBitmap + F9C BF828CE9 5 Bytes JMP A9C2FE38 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngUnmapFontFileFD + 2C50 BF8316DA 5 Bytes JMP A9C30040 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngUnmapFontFileFD + B8F2 BF83A37C 5 Bytes JMP A9C2FB4A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCopyBits + 5F35 BF857E69 5 Bytes JMP A9C2EFD0 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 348C BF866FF4 5 Bytes JMP A9C2F1AC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 3517 BF86707F 5 Bytes JMP A9C2F352 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 3F47 BF867AAF 5 Bytes JMP A9C2EE84 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + AAFC BF86E664 5 Bytes JMP A9C2FC04 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngUnicodeToMultiByteN + 2ED7 BF871F85 5 Bytes JMP A9C2FF9E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGetCurrentCodePage + 411E BF88C9D8 5 Bytes JMP A9C2F32A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngTextOut + 4149 BF8B0CBE 5 Bytes JMP A9C2EE9C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreatePalette + 2DBF BF8C26A3 5 Bytes JMP A9C2FD80 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStretchBltROP + 450 BF8C3048 5 Bytes JMP A9C2F06A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFillPath + 1517 BF8CB4AA 5 Bytes JMP A9C2F0DA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFillPath + 1797 BF8CB72A 5 Bytes JMP A9C2F114 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSemaphore + 3B3E BF8ED1B7 5 Bytes JMP A9C2EDB8 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 19B2 BF913F1F 5 Bytes JMP A9C2EF1C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 2586 BF914AF3 5 Bytes JMP A9C2F034 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 4EE5 BF917452 5 Bytes JMP A9C2F46C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngPlgBlt + 1924 BF945FB0 5 Bytes JMP A9C2FEF6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
? C:\DOCUME~1\VINCEN~1\LOCALS~1\Temp\fgdcapoc.sys Le fichier spécifié est introuvable. !
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\igfxext.exe[116] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\igfxext.exe[116] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[240] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[240] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[240] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Messenger\msmsgs.exe[448] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Messenger\msmsgs.exe[448] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\igfxsrvc.exe[544] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\igfxsrvc.exe[544] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[572] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[572] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Acer\Empowering Technology\admServ.exe[628] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Acer\Empowering Technology\admServ.exe[628] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe[660] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe[660] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\smss.exe[748] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[820] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[820] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[844] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[844] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[888] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[888] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[900] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[900] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE[904] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE[904] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe[1020] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe[1020] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1084] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1084] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe[1104] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe[1104] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[1152] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[1152] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1156] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1156] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Java\jre6\bin\jqs.exe[1228] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Java\jre6\bin\jqs.exe[1228] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1300] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1300] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe[1324] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe[1324] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[1348] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[1348] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1400] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1400] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[1416] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[1416] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1492] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1492] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[1548] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[1548] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1568] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1568] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1664] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1664] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[1840] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[1840] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[1896] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[1896] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1936] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1936] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2100] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2100] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[2156] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[2156] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[2192] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[2192] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe[2252] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe[2252] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe[2328] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe[2328] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2388] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2388] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2616] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2616] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2720] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2720] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[2792] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[2792] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wscntfy.exe[2948] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\wscntfy.exe[2948] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[3144] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[3144] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3156] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3156] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\PCMService.exe[3180] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\PCMService.exe[3180] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe[3228] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe[3228] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\acer\Empowering Technology\ePower\epm-dm.exe[3252] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\acer\Empowering Technology\ePower\epm-dm.exe[3252] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Documents and Settings\Vincent Sarah\Local Settings\Temporary Internet Files\Content.IE5\DOJYVTQA\gmer[1].exe[3276] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Documents and Settings\Vincent Sarah\Local Settings\Temporary Internet Files\Content.IE5\DOJYVTQA\gmer[1].exe[3276] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE[3300] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE[3300] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D854C5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 40E59A91 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!CallNextHookEx 7E3AB3C6 5 Bytes JMP 40E4D0CD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5DB04 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 40DC466E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F55329 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F5525B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F552C6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F5512C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F5518E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F5538C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F551F0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] ole32.dll!CoCreateInstance 774BF1AC 5 Bytes JMP 40E5DB60 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] ole32.dll!OleLoadFromStream 774E981B 5 Bytes JMP 40F55691 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Acer\Empowering Technology\admtray.exe[3352] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Acer\Empowering Technology\admtray.exe[3352] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[3408] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[3408] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\RTHDCPL.EXE[3440] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\RTHDCPL.EXE[3440] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Acer\Empowering Technology\eRecovery\Monitor.exe[3444] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Acer\Empowering Technology\eRecovery\Monitor.exe[3444] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe[3524] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe[3524] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe[3744] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe[3744] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D854C5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5DB04 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F55329 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F5525B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F552C6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F5512C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F5518E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F5538C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F551F0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\BboxUpdate\BTLiveUpdate.exe[3864] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\BboxUpdate\BTLiveUpdate.exe[3864] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE[3944] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE[3944] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[3960] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[3960] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4004] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4004] kernel32.dll!CreateProcessW 7C802336 5 Bytes CALL 036816B0 C:\WINDOWS\system32\APISlice.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4004] kernel32.dll!CreateProcessA 7C80236B 5 Bytes CALL 036816B0 C:\WINDOWS\system32\APISlice.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4004] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4004] SHELL32.dll!DragQueryFileW 7CA282C6 5 Bytes CALL 036816B0 C:\WINDOWS\system32\APISlice.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4004] SHELL32.dll!DragQueryFile 7CA87CAE 5 Bytes CALL 036816B0 C:\WINDOWS\system32\APISlice.dll
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\system32\services.exe[888] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00390002
IAT C:\WINDOWS\system32\services.exe[888] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00390000
IAT C:\Program Files\Internet Explorer\iexplore.exe[3332] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [009D1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Fastfat \FatCdrom aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
Device \Driver\Cdrom \Device\CdRom0 OsaFsLoc.sys (Filesystem Lock driver/OSA Technologies)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \FileSystem\Fastfat \Fat OsaFsLoc.sys (Filesystem Lock driver/OSA Technologies)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-06-20 17:55:36
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 TOSHIBA_MK6034GAX rev.AC101A
Running: gmer[1].exe; Driver: C:\DOCUME~1\VINCEN~1\LOCALS~1\Temp\fgdcapog.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0xA9C2C202]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xA9C92CB2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwClose [0xA9C506C1]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0xA9C2E81C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0xA9C2E874]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0xA9C2E98A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateKey [0xA9C50075]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0xA9C2E772]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0xA9C2E8C4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0xA9C2E7C6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0xA9C2E938]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0xA9C2C226]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteKey [0xA9C50D87]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteValueKey [0xA9C5103D]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDuplicateObject [0xA9C2EC0E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xA9C50BF2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xA9C50A5D]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xA9C92D62]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0xA9C2BFF0]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0xA9C2C24A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0xA9C2ED82]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0xA9C2CCDA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0xA9C2E84C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0xA9C2E89C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0xA9C2E9B4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenKey [0xA9C503D1]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0xA9C2E79E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenProcess [0xA9C2EA46]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0xA9C2E904]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0xA9C2E7F4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenThread [0xA9C2EB2A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0xA9C2E962]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xA9C92DFA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryKey [0xA9C508D8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0xA9C2CBA0]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryValueKey [0xA9C5072A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xA9C9BE48]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwRestoreKey [0xA9C4F6E8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0xA9C2C26E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0xA9C2C292]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0xA9C2C04A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0xA9C2C186]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetValueKey [0xA9C50E8E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0xA9C2C162]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0xA9C2C1AA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0xA9C2C2B6]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xA9CA8902]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwCallbackReturn + 2410 80501C48 8 Bytes [1C, E8, C2, A9, 74, E8, C2, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 241C 80501C54 4 Bytes [8A, E9, C2, A9]
.text ntkrnlpa.exe!ZwCallbackReturn + 244C 80501C84 8 Bytes [C4, E8, C2, A9, C6, E7, C2, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 245C 80501C94 4 Bytes [38, E9, C2, A9]
.text ntkrnlpa.exe!ZwCallbackReturn + 254C 80501D84 8 Bytes [4C, E8, C2, A9, 9C, E8, C2, ...]
.text ...
PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 5EC 8059B8EC 4 Bytes CALL A9C2D335 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805B1DB4 5 Bytes JMP A9CA42BE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 805B8C2C 5 Bytes JMP A9CA5D5C \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 805C74CC 7 Bytes JMP A9CA8906 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
.text win32k.sys!EngFreeUserMem + 674 BF809922 5 Bytes JMP A9C2FCCE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSurface + 45 BF813911 5 Bytes JMP A9C2FBDA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngSetLastError + 783B BF824157 5 Bytes JMP A9C2EF60 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateBitmap + F9C BF828CE9 5 Bytes JMP A9C2FE38 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngUnmapFontFileFD + 2C50 BF8316DA 5 Bytes JMP A9C30040 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngUnmapFontFileFD + B8F2 BF83A37C 5 Bytes JMP A9C2FB4A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCopyBits + 5F35 BF857E69 5 Bytes JMP A9C2EFD0 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 348C BF866FF4 5 Bytes JMP A9C2F1AC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 3517 BF86707F 5 Bytes JMP A9C2F352 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + 3F47 BF867AAF 5 Bytes JMP A9C2EE84 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!XLATEOBJ_iXlate + AAFC BF86E664 5 Bytes JMP A9C2FC04 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngUnicodeToMultiByteN + 2ED7 BF871F85 5 Bytes JMP A9C2FF9E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngGetCurrentCodePage + 411E BF88C9D8 5 Bytes JMP A9C2F32A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngTextOut + 4149 BF8B0CBE 5 Bytes JMP A9C2EE9C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreatePalette + 2DBF BF8C26A3 5 Bytes JMP A9C2FD80 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngStretchBltROP + 450 BF8C3048 5 Bytes JMP A9C2F06A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFillPath + 1517 BF8CB4AA 5 Bytes JMP A9C2F0DA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngFillPath + 1797 BF8CB72A 5 Bytes JMP A9C2F114 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngDeleteSemaphore + 3B3E BF8ED1B7 5 Bytes JMP A9C2EDB8 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 19B2 BF913F1F 5 Bytes JMP A9C2EF1C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 2586 BF914AF3 5 Bytes JMP A9C2F034 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngCreateClip + 4EE5 BF917452 5 Bytes JMP A9C2F46C \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
.text win32k.sys!EngPlgBlt + 1924 BF945FB0 5 Bytes JMP A9C2FEF6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software)
? C:\DOCUME~1\VINCEN~1\LOCALS~1\Temp\fgdcapoc.sys Le fichier spécifié est introuvable. !
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\igfxext.exe[116] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\igfxext.exe[116] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[240] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[240] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP }
.text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[240] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Messenger\msmsgs.exe[448] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Messenger\msmsgs.exe[448] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\igfxsrvc.exe[544] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\igfxsrvc.exe[544] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[572] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[572] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Acer\Empowering Technology\admServ.exe[628] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Acer\Empowering Technology\admServ.exe[628] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe[660] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe[660] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\smss.exe[748] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[820] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\csrss.exe[820] KERNEL32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[844] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\winlogon.exe[844] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[888] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\services.exe[888] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[900] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\lsass.exe[900] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE[904] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE[904] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe[1020] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe[1020] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1068] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1068] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1084] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1084] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe[1104] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe[1104] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[1152] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[1152] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1156] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1156] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Java\jre6\bin\jqs.exe[1228] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Java\jre6\bin\jqs.exe[1228] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1300] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\System32\svchost.exe[1300] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe[1324] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe[1324] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[1348] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[1348] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1400] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1400] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[1416] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[1416] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1492] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Intel\Wireless\Bin\EvtEng.exe[1492] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[1548] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\spoolsv.exe[1548] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1568] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1568] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1664] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe[1664] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1772] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1772] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[1840] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\Explorer.EXE[1840] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[1896] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[1896] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1936] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[1936] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2100] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[2100] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[2156] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\svchost.exe[2156] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[2192] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[2192] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe[2252] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe[2252] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe[2328] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe[2328] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2388] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiapsrv.exe[2388] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2616] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\wbem\wmiprvse.exe[2616] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2720] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\OpenOffice.org 3\program\soffice.exe[2720] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[2792] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\System32\alg.exe[2792] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\wscntfy.exe[2948] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\wscntfy.exe[2948] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[3144] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPLpr.exe[3144] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3156] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3156] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\PCMService.exe[3180] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Acer\Acer Arcade\PCMService.exe[3180] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe[3228] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe[3228] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\acer\Empowering Technology\ePower\epm-dm.exe[3252] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\acer\Empowering Technology\ePower\epm-dm.exe[3252] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Documents and Settings\Vincent Sarah\Local Settings\Temporary Internet Files\Content.IE5\DOJYVTQA\gmer[1].exe[3276] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Documents and Settings\Vincent Sarah\Local Settings\Temporary Internet Files\Content.IE5\DOJYVTQA\gmer[1].exe[3276] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE[3300] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE[3300] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D854C5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!SetWindowsHookExW 7E3A820F 5 Bytes JMP 40E59A91 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!CallNextHookEx 7E3AB3C6 5 Bytes JMP 40E4D0CD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5DB04 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!UnhookWindowsHookEx 7E3AD5F3 5 Bytes JMP 40DC466E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F55329 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F5525B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F552C6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F5512C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F5518E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F5538C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F551F0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] ole32.dll!CoCreateInstance 774BF1AC 5 Bytes JMP 40E5DB60 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3332] ole32.dll!OleLoadFromStream 774E981B 5 Bytes JMP 40F55691 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Acer\Empowering Technology\admtray.exe[3352] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Acer\Empowering Technology\admtray.exe[3352] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[3408] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[3408] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\RTHDCPL.EXE[3440] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\RTHDCPL.EXE[3440] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Acer\Empowering Technology\eRecovery\Monitor.exe[3444] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Acer\Empowering Technology\eRecovery\Monitor.exe[3444] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe[3524] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe[3524] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe[3744] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe[3744] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!DialogBoxParamW 7E3A47AB 5 Bytes JMP 40D854C5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!CreateWindowExW 7E3AD0A3 5 Bytes JMP 40E5DB04 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!DialogBoxIndirectParamW 7E3B2072 5 Bytes JMP 40F55329 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!MessageBoxIndirectA 7E3BA082 5 Bytes JMP 40F5525B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!DialogBoxParamA 7E3BB144 5 Bytes JMP 40F552C6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!MessageBoxExW 7E3D0838 5 Bytes JMP 40F5512C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!MessageBoxExA 7E3D085C 5 Bytes JMP 40F5518E C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!DialogBoxIndirectParamA 7E3D6D7D 5 Bytes JMP 40F5538C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3752] USER32.dll!MessageBoxIndirectW 7E3E64D5 5 Bytes JMP 40F551F0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\BboxUpdate\BTLiveUpdate.exe[3864] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\BboxUpdate\BTLiveUpdate.exe[3864] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE[3944] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE[3944] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[3960] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\WINDOWS\system32\ctfmon.exe[3960] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4004] ntdll.dll!RtlDosSearchPath_U + 186 7C926865 1 Byte [62]
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4004] kernel32.dll!CreateProcessW 7C802336 5 Bytes CALL 036816B0 C:\WINDOWS\system32\APISlice.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4004] kernel32.dll!CreateProcessA 7C80236B 5 Bytes CALL 036816B0 C:\WINDOWS\system32\APISlice.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4004] kernel32.dll!GetBinaryTypeW + 80 7C868D8C 1 Byte [62]
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4004] SHELL32.dll!DragQueryFileW 7CA282C6 5 Bytes CALL 036816B0 C:\WINDOWS\system32\APISlice.dll
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4004] SHELL32.dll!DragQueryFile 7CA87CAE 5 Bytes CALL 036816B0 C:\WINDOWS\system32\APISlice.dll
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\WINDOWS\system32\services.exe[888] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00390002
IAT C:\WINDOWS\system32\services.exe[888] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00390000
IAT C:\Program Files\Internet Explorer\iexplore.exe[3332] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [009D1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Fastfat \FatCdrom aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
Device \Driver\Cdrom \Device\CdRom0 OsaFsLoc.sys (Filesystem Lock driver/OSA Technologies)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)
AttachedDevice \FileSystem\Fastfat \Fat OsaFsLoc.sys (Filesystem Lock driver/OSA Technologies)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000
---- EOF - GMER 1.0.15 ----
Utilisateur anonyme
20 juin 2011 à 18:20
20 juin 2011 à 18:20
telecharge ici : Load_Order
Desactive tes protections
une fenetre va s'ouvrir avec une liste
▶ clique sur copy , yes , et encore yes
à la fin Load.txt se mettra sur ton bureau
▶▶▶ NE LE POSTE PAS SUR LE FORUM (il risque d'être trop long)
clic droit dessus , envoyer vers , dossiers compressés
ensuite :
tu m'envoies l'archive comme ceci :
clique sur ce lien : http://www.cijoint.fr/
▶ Clique sur Parcourir et cherche le fichier ci-dessus.
▶ Clique sur Ouvrir.
▶ Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
est ajouté dans la page.
▶ Copie ce lien dans ta réponse.
Desactive tes protections
une fenetre va s'ouvrir avec une liste
▶ clique sur copy , yes , et encore yes
à la fin Load.txt se mettra sur ton bureau
▶▶▶ NE LE POSTE PAS SUR LE FORUM (il risque d'être trop long)
clic droit dessus , envoyer vers , dossiers compressés
ensuite :
tu m'envoies l'archive comme ceci :
clique sur ce lien : http://www.cijoint.fr/
▶ Clique sur Parcourir et cherche le fichier ci-dessus.
▶ Clique sur Ouvrir.
▶ Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
est ajouté dans la page.
▶ Copie ce lien dans ta réponse.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Bonjour,
http://www.cijoint.fr/cjlink.php?file=cj201106/cijzee08uD.zip
Je sais pas si j'ai fait la manip correctement. J'ai mis le dossier zip en lien.
Autrement, lors du démarage de mon ordi, une page c'est ouverte avec des pourcentage de telechargement avec ecrit plusieurs fois: l'entrée sera tronquée. \combofix\StartMenuFolder.cfx. La première unité d'allocation n'est pas valide.
Voila, merci
http://www.cijoint.fr/cjlink.php?file=cj201106/cijzee08uD.zip
Je sais pas si j'ai fait la manip correctement. J'ai mis le dossier zip en lien.
Autrement, lors du démarage de mon ordi, une page c'est ouverte avec des pourcentage de telechargement avec ecrit plusieurs fois: l'entrée sera tronquée. \combofix\StartMenuFolder.cfx. La première unité d'allocation n'est pas valide.
Voila, merci
Au secours, je me suis mise en mode sans echec, lancé load folder et en voulant rallumr mon ordi en mode normal: windows n'a pas pu démarrer car le fichier suivant est manquant ou endommagé: <racine windows>\system32\ntoskrnl.exe.
!!!!
qu'est ce que je fais !???
!!!!
qu'est ce que je fais !???
Bon ben finalement j'ai cliqué sur entrée et ça m'a demarré en mode normal, voici le lien :
http://www.cijoint.fr/cjlink.php?file=cj201106/cijsxLmzPp.zip
merci
http://www.cijoint.fr/cjlink.php?file=cj201106/cijsxLmzPp.zip
merci
Utilisateur anonyme
23 juin 2011 à 19:56
23 juin 2011 à 19:56
clic droit sur le lien => "enregistrer la cible du lien sous..." => le nom de ton chien (^^) , et sur le bureau
Je sais que tu me trouves nouille donc je vais la jouer jusqu'au bout, combofix est sur mon bureau dejà donc je fais juste renommer????
Bonjour,
ok autant pour moi. Donc maintenant c'est fait.
j'attend les instructions pour la suite si on continue.
merci,
ok autant pour moi. Donc maintenant c'est fait.
j'attend les instructions pour la suite si on continue.
merci,
Utilisateur anonyme
Modifié par g3n-h@ckm@n le 27/06/2011 à 14:27
Modifié par g3n-h@ckm@n le 27/06/2011 à 14:27
si tu as bien lu à la fin il est demandé un rapport
¤¤¤¤¤¤¤¤¤¤_g3n-h@ckm@n_developpement_¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤_Pre_scan_¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤_g3n-h@ckm@n_developpement_¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤_Pre_scan_¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
