Sujet Précédent Sujet Suivant

[Virus] infecté par Trojano-P et Small-APN

Hettar -  
salwa5 Messages postés 7552 Statut Contributeur -
Bonjour !!

Voila, je crois etre infecté par Small-APN ainsi que trojano-p, peut etre meme d'autres...
Merci à ceux qui se pencheront sur mon cas !

Log apres un spybot, un CCleaner et un scan d'Avast!

Logfile of HijackThis v1.99.1
Scan saved at 20:26:49, on 01/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Logiciels\Antivirus-Spyware\Avast!\aswUpdSv.exe
C:\Logiciels\Antivirus-Spyware\Avast!\ashServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\CTHELPER.EXE
C:\LOGICI~1\ANTIVI~1\Avast!\ashDisp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Logiciels\Gravure\Alcohol 120%\Le Prog\Alcohol 120\StarWind\StarWindService.exe
C:\Logiciels\Antivirus-Spyware\Avast!\ashMaiSv.exe
C:\Logiciels\Antivirus-Spyware\Avast!\ashWebSv.exe
C:\Logiciels\Son\Winamp\Winamp.exe
C:\Logiciels\Antivirus-Spyware\Avast!\ashSimpl.exe
C:\Logiciels\Antivirus-Spyware\Avast!\ashChest.exe
C:\WINDOWS\system32\notepad.exe
C:\Logiciels\Internet\Mozilla Firefox\firefox.exe
C:\Rémy\Fichier d'instalation\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Logiciels\Autres\Adobe Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\LOGICI~1\ANTIVI~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [avast!] C:\LOGICI~1\ANTIVI~1\Avast!\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Logiciels\Autres\Quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P ] C:\WINDOWS\system32\0106.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: TribalWeb.net.lnk = C:\Logiciels\Internet\TribalWeb\tribalweb.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Logiciels\Autres\Adobe Reader\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\LOGICI~1\Autres\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\LOGICI~1\Autres\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E6C0E8F-FAD8-48E9-B4C4-4CDCBB3AC721}: NameServer = 80.10.246.130 80.10.246.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{1E6C0E8F-FAD8-48E9-B4C4-4CDCBB3AC721}: NameServer = 80.10.246.130 80.10.246.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{1E6C0E8F-FAD8-48E9-B4C4-4CDCBB3AC721}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Logiciels\Antivirus-Spyware\Avast!\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Logiciels\Antivirus-Spyware\Avast!\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Logiciels\Antivirus-Spyware\Avast!\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Logiciels\Antivirus-Spyware\Avast!\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Logiciels\Gravure\Alcohol 120%\Le Prog\Alcohol 120\StarWind\StarWindService.exe

J'ai aussi une icone du prog d'Avast! a coté de l'horloge que je n'avais jamais vu auparavant et qui n'est pas "cliquable", en gros, je ne peux faire aucune action a partir de cette icone.
Il dit en infobulle:
Avast! Courrier Electronique [mail.hotmail.com, mb.mx.aol.com, mx1.earthling.com ...]
Les adresses entre [] changent toute les 5 sec environs...

Je suis assez inquiet !

Merci par avance de votre aide !
A voir également:

65 réponses

Précédent
Réponse 41 / 65
salwa5 Messages postés 7552 Statut Contributeur 1 670
 
affiche les fichier cacher comme ceci :

clicker sur demarrer/panneau de configuration/option des dossiers/affichage
Cocher afficher les dossiers cacher
Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"
Puis fais «Ok» pour valider les changements.
Decocher masquer les extentions dont le type est connues

ensuite va dans demarrer/rechercher et tape:
autosys

a++
0
Réponse 42 / 65
Hettar
 
Toujours rien !

Il est necessaire de redemarer en sans echec ou ca ne changera rien?

Il a peut etre été suprimé par un des progs que tu ma donné plus haut...
Je sais pas ...
0
Réponse 43 / 65
salwa5 Messages postés 7552 Statut Contributeur 1 670
 
aparement le virus est bien caché on va essayé de le trouver avec ce programe

Télécharge gmer : http://www2.gmer.net/gmer.zip
Déconnecte toi d'internet si possible et ferme tous les programmes.
Décompresse le fichier zip et double-clic sur gmer.exe
IMPORTANT: Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.
Clic sur l'onglet "rootkit"
Clic sur Scan
Lorsque le scan est terminé, clic sur "copy"

Ouvre le bloc-note et clic sur le Menu Edition / Coller
Le rapport doit alors apparaître.
Enregistre le fichier sur ton bureau et copie/colle le contenu ici.

a++++
0
Réponse 44 / 65
Hettar
 
Bonjour !!

Le lien que tu as donné ne fonctionne pas.

J'ai trouvé le prog ailleur, j'espere que ca ne pose pas de probleme.
Il s'est bloqué sur un fichier alors je l 'ai arreté (apres plusieur minute sur le meme fichier, celui qui se trouve a la fin du rapport, dans "Registry")
J'en referai un dans l'apres midi si c'est necessaire !
Voila :

GMER 1.0.12.12011 - http://www.gmer.net
Rootkit scan 2007-01-05 12:45:24
Windows 5.1.2600 Service Pack 2

---- System - GMER 1.0.12 ----

SSDT Vax347b.sys ZwClose
SSDT F7A63B3E ZwCreateFile
SSDT Vax347b.sys ZwCreateKey
SSDT Vax347b.sys ZwCreatePagingFile
SSDT F7A645AC ZwEnumerateKey
SSDT F7A64662 ZwEnumerateValueKey
SSDT F7A63A8A ZwOpenFile
SSDT Vax347b.sys ZwOpenKey
SSDT F7A6397E ZwQueryDirectoryFile
SSDT Vax347b.sys ZwQueryKey
SSDT Vax347b.sys ZwQueryValueKey
SSDT Vax347b.sys ZwSetSystemPowerState
SSDT sptd.sys ZwSetValueKey
SSDT F7A64EEE ZwTerminateProcess

---- Devices - GMER 1.0.12 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 86F99EB0
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 86F99EB0
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 86F9AA40
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 86F9AA40
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 86F9AA40
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 86F9AA40
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 86F9AA40
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 86F9AA40
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 86F9AA40
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 86F9AA40
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 86F9AA40
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 86F9AA40
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 86F9AA40
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 86F9AA40
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 86F9AA40
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 86F9AA40
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 86F9AA40
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 86F9AA40
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 86F9AA40
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 86F9AA40
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 86F9AA40
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 86F9AA40
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 86F9AA40
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 86F9AA40
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 86F9AA40
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 86F9AA40
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 86F9AA40
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 86F9AA40
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 86F9AA40
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 86F9AA40
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 86F9AA40
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 86F9AA40
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 86F9AA40
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 86F9AA40
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 86F9AA40
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 86F9AA40
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 86F9AA40
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 86F9AA40
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 86F9AA40
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 86F9AA40
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 86F9AA40
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 86F9AA40
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 86F9AA40
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 86F9AA40
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 86F9AA40
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 86F9AA40
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 86F9AC78
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_NAMED_PIPE 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLOSE 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_READ 86A8CCF8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_WRITE 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_INFORMATION 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_INFORMATION 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_EA 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_EA 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FLUSH_BUFFERS 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_VOLUME_INFORMATION 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_VOLUME_INFORMATION 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DIRECTORY_CONTROL 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_FILE_SYSTEM_CONTROL 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CONTROL 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_INTERNAL_DEVICE_CONTROL 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SHUTDOWN 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_LOCK_CONTROL 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CLEANUP 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_CREATE_MAILSLOT 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_SECURITY 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_SECURITY 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_POWER 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SYSTEM_CONTROL 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_DEVICE_CHANGE 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_QUERY_QUOTA 86AE20E8
Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_SET_QUOTA 86AE20E8
Device \Driver\ntio256 \Device\poofpoof IRP_MJ_CREATE F7A6361E
Device \Driver\ntio256 \Device\poofpoof IRP_MJ_CLOSE F7A6361E
Device \Driver\ntio256 \Device\poofpoof IRP_MJ_DEVICE_CONTROL F7A63528
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_NAMED_PIPE 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_INFORMATION 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_INFORMATION 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_EA 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_EA 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_VOLUME_INFORMATION 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_VOLUME_INFORMATION 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DIRECTORY_CONTROL 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FILE_SYSTEM_CONTROL 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_LOCK_CONTROL 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLEANUP 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_MAILSLOT 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_SECURITY 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_SECURITY 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CHANGE 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_QUOTA 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_QUOTA 86AD4F00
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 86AD4F00
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CREATE 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_READ 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_WRITE 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_FLUSH_BUFFERS 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_DEVICE_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_INTERNAL_DEVICE_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SHUTDOWN 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_CLEANUP 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_POWER 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_SYSTEM_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume3 IRP_MJ_PNP 86F9AC78
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_NAMED_PIPE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_READ 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_WRITE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_EA 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_EA 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FLUSH_BUFFERS 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_VOLUME_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_VOLUME_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DIRECTORY_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_FILE_SYSTEM_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SHUTDOWN 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_LOCK_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLEANUP 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE_MAILSLOT 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_SECURITY 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_SECURITY 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CHANGE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_QUOTA 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_QUOTA 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_NAMED_PIPE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_READ 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_WRITE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_EA 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_EA 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FLUSH_BUFFERS 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_VOLUME_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_VOLUME_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DIRECTORY_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FILE_SYSTEM_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SHUTDOWN 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_LOCK_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLEANUP 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_MAILSLOT
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 45 / 65
Hettar
 
La suite !

Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_SECURITY 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_SECURITY 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CHANGE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_QUERY_QUOTA 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SET_QUOTA 86AD5660
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_NAMED_PIPE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_READ 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_WRITE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_EA 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_EA 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FLUSH_BUFFERS 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_VOLUME_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_VOLUME_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DIRECTORY_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_FILE_SYSTEM_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SHUTDOWN 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_LOCK_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLEANUP 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE_MAILSLOT 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_SECURITY 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_SECURITY 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CHANGE 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_QUERY_QUOTA 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SET_QUOTA 86AD5660
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_CREATE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_CREATE_NAMED_PIPE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_CLOSE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_READ 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_WRITE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_QUERY_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_SET_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_QUERY_EA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_SET_EA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_FLUSH_BUFFERS 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_QUERY_VOLUME_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_SET_VOLUME_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_DIRECTORY_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_FILE_SYSTEM_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_DEVICE_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_SHUTDOWN 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_LOCK_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_CLEANUP 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_CREATE_MAILSLOT 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_QUERY_SECURITY 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_SET_SECURITY 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_POWER 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_SYSTEM_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_DEVICE_CHANGE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_QUERY_QUOTA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_SET_QUOTA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 IRP_MJ_PNP 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_CREATE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_CREATE_NAMED_PIPE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_CLOSE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_READ 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_WRITE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_QUERY_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_SET_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_QUERY_EA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_SET_EA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_FLUSH_BUFFERS 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_QUERY_VOLUME_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_SET_VOLUME_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_DIRECTORY_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_FILE_SYSTEM_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_DEVICE_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_INTERNAL_DEVICE_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_SHUTDOWN 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_LOCK_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_CLEANUP 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_CREATE_MAILSLOT 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_QUERY_SECURITY 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_SET_SECURITY 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_POWER 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_SYSTEM_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_DEVICE_CHANGE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_QUERY_QUOTA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_SET_QUOTA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c IRP_MJ_PNP 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_CREATE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_CREATE_NAMED_PIPE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_CLOSE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_READ 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_WRITE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_QUERY_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_SET_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_QUERY_EA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_SET_EA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_FLUSH_BUFFERS 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_QUERY_VOLUME_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_SET_VOLUME_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_DIRECTORY_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_FILE_SYSTEM_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_DEVICE_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_INTERNAL_DEVICE_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_SHUTDOWN 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_LOCK_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_CLEANUP 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_CREATE_MAILSLOT 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_QUERY_SECURITY 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_SET_SECURITY 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_POWER 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_SYSTEM_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_DEVICE_CHANGE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_QUERY_QUOTA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_SET_QUOTA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-18 IRP_MJ_PNP 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_CREATE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_CREATE_NAMED_PIPE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_CLOSE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_READ 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_WRITE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_QUERY_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_SET_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_QUERY_EA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_SET_EA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_FLUSH_BUFFERS 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_QUERY_VOLUME_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_SET_VOLUME_INFORMATION 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_DIRECTORY_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_FILE_SYSTEM_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_DEVICE_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_INTERNAL_DEVICE_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_SHUTDOWN 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_LOCK_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_CLEANUP 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_CREATE_MAILSLOT 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_QUERY_SECURITY 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_SET_SECURITY 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_POWER 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_SYSTEM_CONTROL 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_DEVICE_CHANGE 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_QUERY_QUOTA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_SET_QUOTA 86AD5660
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-20 IRP_MJ_PNP 86AD5660
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_NAMED_PIPE 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_INFORMATION 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_INFORMATION 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_EA 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_EA 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_VOLUME_INFORMATION 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_VOLUME_INFORMATION 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DIRECTORY_CONTROL 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FILE_SYSTEM_CONTROL 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_LOCK_CONTROL 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLEANUP 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_MAILSLOT 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_SECURITY 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_SECURITY 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CHANGE 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_QUOTA 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_QUOTA 86AD4F00
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 86AD4F00
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_CREATE 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_READ 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_WRITE 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_FLUSH_BUFFERS 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_DEVICE_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_INTERNAL_DEVICE_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_SHUTDOWN 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_CLEANUP 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_POWER 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_SYSTEM_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume4 IRP_MJ_PNP 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume5 IRP_MJ_CREATE 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume5 IRP_MJ_READ 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume5 IRP_MJ_WRITE 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume5 IRP_MJ_FLUSH_BUFFERS 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume5 IRP_MJ_DEVICE_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume5 IRP_MJ_INTERNAL_DEVICE_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume5 IRP_MJ_SHUTDOWN 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume5 IRP_MJ_CLEANUP 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume5 IRP_MJ_POWER 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume5 IRP_MJ_SYSTEM_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume5 IRP_MJ_PNP 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume6 IRP_MJ_CREATE 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume6 IRP_MJ_READ 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume6 IRP_MJ_WRITE 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume6 IRP_MJ_FLUSH_BUFFERS 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume6 IRP_MJ_DEVICE_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume6 IRP_MJ_INTERNAL_DEVICE_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume6 IRP_MJ_SHUTDOWN 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume6 IRP_MJ_CLEANUP 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume6 IRP_MJ_POWER 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume6 IRP_MJ_SYSTEM_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\HarddiskVolume6 IRP_MJ_PNP 86F9AC78
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CREATE 86AC00E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLOSE 86AC00E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_DEVICE_CONTROL 86AC00E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_INTERNAL_DEVICE_CONTROL 86AC00E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_CLEANUP 86AC00E8
Device \Driver\NetBT \Device\NetBt_Wins_Export IRP_MJ_PNP 86AC00E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CREATE 86AC00E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLOSE 86AC00E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_DEVICE_CONTROL 86AC00E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_INTERNAL_DEVICE_CONTROL 86AC00E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_CLEANUP 86AC00E8
Device \Driver\NetBT \Device\NetbiosSmb IRP_MJ_PNP 86AC00E8
Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_READ
0
Réponse 46 / 65
Hettar
 
Hem....j'espere ne pas m'etre trompé...

Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CREATE 86F990E8
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_CLOSE 86F990E8
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_READ 86F990E8
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_WRITE 86F990E8
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_FLUSH_BUFFERS 86F990E8
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_DEVICE_CONTROL 86F990E8
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86F990E8
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SHUTDOWN 86F990E8
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_POWER 86F990E8
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_SYSTEM_CONTROL 86F990E8
Device \Driver\Disk \Device\Harddisk0\DR0 IRP_MJ_PNP 86F990E8
Device \Driver\Disk \Device\Harddisk1\DR1 IRP_MJ_CREATE 86F990E8
Device \Driver\Disk \Device\Harddisk1\DR1 IRP_MJ_CLOSE 86F990E8
Device \Driver\Disk \Device\Harddisk1\DR1 IRP_MJ_READ 86F990E8
Device \Driver\Disk \Device\Harddisk1\DR1 IRP_MJ_WRITE 86F990E8
Device \Driver\Disk \Device\Harddisk1\DR1 IRP_MJ_FLUSH_BUFFERS 86F990E8
Device \Driver\Disk \Device\Harddisk1\DR1 IRP_MJ_DEVICE_CONTROL 86F990E8
Device \Driver\Disk \Device\Harddisk1\DR1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86F990E8
Device \Driver\Disk \Device\Harddisk1\DR1 IRP_MJ_SHUTDOWN 86F990E8
Device \Driver\Disk \Device\Harddisk1\DR1 IRP_MJ_POWER 86F990E8
Device \Driver\Disk \Device\Harddisk1\DR1 IRP_MJ_SYSTEM_CONTROL 86F990E8
Device \Driver\Disk \Device\Harddisk1\DR1 IRP_MJ_PNP 86F990E8
Device \Driver\Disk \Device\Harddisk2\DR2 IRP_MJ_CREATE 86F990E8
Device \Driver\Disk \Device\Harddisk2\DR2 IRP_MJ_CLOSE 86F990E8
Device \Driver\Disk \Device\Harddisk2\DR2 IRP_MJ_READ 86F990E8
Device \Driver\Disk \Device\Harddisk2\DR2 IRP_MJ_WRITE 86F990E8
Device \Driver\Disk \Device\Harddisk2\DR2 IRP_MJ_FLUSH_BUFFERS 86F990E8
Device \Driver\Disk \Device\Harddisk2\DR2 IRP_MJ_DEVICE_CONTROL 86F990E8
Device \Driver\Disk \Device\Harddisk2\DR2 IRP_MJ_INTERNAL_DEVICE_CONTROL 86F990E8
Device \Driver\Disk \Device\Harddisk2\DR2 IRP_MJ_SHUTDOWN 86F990E8
Device \Driver\Disk \Device\Harddisk2\DR2 IRP_MJ_POWER 86F990E8
Device \Driver\Disk \Device\Harddisk2\DR2 IRP_MJ_SYSTEM_CONTROL 86F990E8
Device \Driver\Disk \Device\Harddisk2\DR2 IRP_MJ_PNP 86F990E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_NAMED_PIPE 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLOSE 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ 86BE3030
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_WRITE 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_INFORMATION 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_INFORMATION 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_EA 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_EA 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FLUSH_BUFFERS 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_VOLUME_INFORMATION 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_VOLUME_INFORMATION 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DIRECTORY_CONTROL 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_FILE_SYSTEM_CONTROL 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CONTROL 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_INTERNAL_DEVICE_CONTROL 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SHUTDOWN 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_LOCK_CONTROL 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CLEANUP 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_CREATE_MAILSLOT 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_SECURITY 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_SECURITY 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_POWER 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SYSTEM_CONTROL 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_DEVICE_CHANGE 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_QUERY_QUOTA 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_SET_QUOTA 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_PNP 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_NAMED_PIPE 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLOSE 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ 86BE3030
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_WRITE 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_INFORMATION 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_INFORMATION 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_EA 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_EA 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FLUSH_BUFFERS 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_VOLUME_INFORMATION 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_VOLUME_INFORMATION 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DIRECTORY_CONTROL 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_FILE_SYSTEM_CONTROL 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CONTROL 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_INTERNAL_DEVICE_CONTROL 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SHUTDOWN 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_LOCK_CONTROL 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CLEANUP 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_CREATE_MAILSLOT 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_SECURITY 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_SECURITY 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_POWER 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SYSTEM_CONTROL 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_DEVICE_CHANGE 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_QUERY_QUOTA 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_SET_QUOTA 85900EB0
Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_PNP 85900EB0
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CREATE 86F9AC78
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_READ 86F9AC78
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_WRITE 86F9AC78
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_FLUSH_BUFFERS 86F9AC78
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_DEVICE_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_INTERNAL_DEVICE_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SHUTDOWN 86F9AC78
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_CLEANUP 86F9AC78
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_POWER 86F9AC78
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_SYSTEM_CONTROL 86F9AC78
Device \Driver\Ftdisk \Device\FtControl IRP_MJ_PNP 86F9AC78
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE 86BE0BA8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CREATE_NAMED_PIPE 86BE0BA8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CLOSE 86BE0BA8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_READ 86BD81B0
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_WRITE 86BE0BA8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_INFORMATION 86BE0BA8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_SET_INFORMATION 86BE0BA8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_FLUSH_BUFFERS 86BE0BA8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_VOLUME_INFORMATION 86BE0BA8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_DIRECTORY_CONTROL 86BE0BA8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_FILE_SYSTEM_CONTROL 86BE0BA8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_CLEANUP 86BE0BA8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_QUERY_SECURITY 86BE0BA8
Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_SET_SECURITY 86BE0BA8
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CREATE 85901B10
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CLOSE 85901B10
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_READ 86BE0410
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_WRITE 85901B10
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_INFORMATION 85901B10
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_SET_INFORMATION 85901B10
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_VOLUME_INFORMATION 85901B10
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_DIRECTORY_CONTROL 85901B10
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_FILE_SYSTEM_CONTROL 85901B10
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CLEANUP 85901B10
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_CREATE_MAILSLOT 85901B10
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_QUERY_SECURITY 85901B10
Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_SET_SECURITY 85901B10
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_CREATE 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_CREATE_NAMED_PIPE 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_CLOSE 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_READ 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_WRITE 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_QUERY_INFORMATION 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_SET_INFORMATION 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_QUERY_EA 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_SET_EA 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_FLUSH_BUFFERS 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_QUERY_VOLUME_INFORMATION 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_SET_VOLUME_INFORMATION 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_DIRECTORY_CONTROL 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_FILE_SYSTEM_CONTROL 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_DEVICE_CONTROL 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_INTERNAL_DEVICE_CONTROL 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_SHUTDOWN 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_LOCK_CONTROL 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_CLEANUP 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_CREATE_MAILSLOT 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_QUERY_SECURITY 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_SET_SECURITY 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_POWER 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_SYSTEM_CONTROL 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_DEVICE_CHANGE 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_QUERY_QUOTA 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_SET_QUOTA 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1 IRP_MJ_PNP 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_CREATE 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_CREATE_NAMED_PIPE 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_CLOSE 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_READ 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_WRITE 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_QUERY_INFORMATION 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_SET_INFORMATION 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_QUERY_EA 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_SET_EA 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_FLUSH_BUFFERS 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_QUERY_VOLUME_INFORMATION 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_SET_VOLUME_INFORMATION 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_DIRECTORY_CONTROL 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_FILE_SYSTEM_CONTROL 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CONTROL 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_INTERNAL_DEVICE_CONTROL 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_SHUTDOWN 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_LOCK_CONTROL 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_CLEANUP 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_CREATE_MAILSLOT 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_QUERY_SECURITY 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_SET_SECURITY 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_POWER 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_SYSTEM_CONTROL 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_DEVICE_CHANGE 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_QUERY_QUOTA 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_SET_QUOTA 86C260C8
Device \Driver\Vax347s \Device\Scsi\Vax347s1Port2Path0Target0Lun0 IRP_MJ_PNP 86C260C8
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer IRP_MJ_READ 86BD7578
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer IRP_MJ_READ 86BD7578
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer IRP_MJ_READ 86BD7578
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer IRP_MJ_READ 86BD7578
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer IRP_MJ_READ 86BD7578
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CREATE 86AC2330
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLOSE 86AC2330
Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ 86CDDB48
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_INFORMATION 86AC2330
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SET_INFORMATION 86AC2330
Device \FileSystem\Cdfs \Cdfs IRP_MJ_QUERY_VOLUME_INFORMATION 86AC2330
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DIRECTORY_CONTROL 86AC2330
Device \FileSystem\Cdfs \Cdfs IRP_MJ_FILE_SYSTEM_CONTROL 86AC2330
Device \FileSystem\Cdfs \Cdfs IRP_MJ_DEVICE_CONTROL 86AC2330
Device \FileSystem\Cdfs \Cdfs IRP_MJ_SHUTDOWN 86AC2330
Device \FileSystem\Cdfs \Cdfs IRP_MJ_LOCK_CONTROL 86AC2330
Device \FileSystem\Cdfs \Cdfs IRP_MJ_CLEANUP 86AC2330
Device \FileSystem\Cdfs \Cdfs IRP_MJ_PNP 86AC2330

---- Modules - GMER 1.0.12 ----

Module _________ F74D5000
Module \??\C:\WINDOWS\system32\ntio256.sys (*** hidden *** ) F7A63000

---- Processes - GMER 1.0.12 ----

Process C:\WINDOWS\system32\protector.exe (*** hidden *** ) 412
Library C:\WINDOWS\system32\protector.exe (*** hidden *** ) @ C:\WINDOWS\system32\protector.exe [412] 0x00400000

---- Services - GMER 1.0.12 ----

Service C:\WINDOWS\system32\ntio256.sys (*** hidden *** ) [AUTO] ntio256 <-- ROOTKIT !!!

---- Registry - GMER 1.0.12 ----

Reg \Registry\MACHINE\SOFTWARE\Classes\Installer\Assemblies\C:|WINDOWS|Microsoft.NET|Framework|v1.1.4322|Microsoft.Vsa.Vb.CodeDOMProcessor.dll@Microsoft.Vsa.Vb.CodeDOMProcessor,Version="7.0.5000.0",PublicKeyToken="b03f5f7f11d50a3a",Culture="neutral",FileVersion="7.10.3052.4" %EmAj?C%k9W7cNB_.[t[Redist_Package>Cd2HfPvUY9]I?,mmJG!9?

---- EOF - GMER 1.0.12 ----
0
Réponse 47 / 65
salwa5 Messages postés 7552 Statut Contributeur 1 670
 
bonjour :) aparement il a detecté quelque chose

Service C:\WINDOWS\system32\ntio256.sys (*** hidden *** )
[AUTO] ntio256 <-- ROOTKIT

donc redemare en mode sans echec cherche et supprime le fichier en gras

C:\WINDOWS\system32\ntio256.sys

a+++
0
Réponse 48 / 65
Hettar
 
Voila qui est fait !
Je ne vois plus l'icone de protection des courrier electronique d'Avast!.

Sinon, voila un screen de la zone de quarantaine d'Avast! mis a jour hier.

http://img319.imageshack.us/img319/7056/sanstitretw3.jpg

Le fichier pskavs.dll s'est fait detecté comme virus hier quand j'ai fais le scan par Panda !

Comme je peux m'assurer que mon pc est propre? Car apparement tout semble aller plutot bien.
0
Réponse 49 / 65
truth-hurts
 
Bonjour,
je ne sais pas du tout si ça un rapport avec votre discussion car je suis nulle en informatiques!!
Je n'arrive plus a ouvrir mon lecteur windows media player (mise à jour) et une fenêtre de mon anti-virus (VirusScan) s'affiche et me dit qu'il y a un virus se detectant en tant que "bo: stack" et qu'il y a débordement de la mémoire tampon!
Je suis vraiment perdue j'ai scanné mon ordi en entier (2 virus trouvé et éliminé), j'ai utilisé Ad-Aware SE personnal pour les fichiers espions .. mais rien n'y fait j'ai toujours le même message!
Est-ce que quelqu'un qui s'y connaît en informatiques pourrait me dire se qu'il faut que je fasse ???
Merci pour votre aide.. et à bientôt!
0
Réponse 50 / 65
salwa5 Messages postés 7552 Statut Contributeur 1 670
 
Bonjour truth hurt le mieu c'est que tu crée ton propre sujet sinon tout va se melangé commence par telecharger hijackthis et colle le resultat sur ton sujet :

http://www.infos-du-net.com/telecharger/HijackThis.html
demo :
http://pageperso.aol.fr/balltrap34/demohijack.htm

mercii :)

hettar colle un nouveau hijack pour voir si tout est ok:)

a++++
0
truth-hurts
 
Merci c ce ke je vais faire!
j'ai créé un sujet
mais alors, c'est quoi ce virus ?? parce ke j'y comprend rien!!
je télécharge le logiciel et je reviens te donner le rapport. Je ne peux malheureusement pas le faire ici je ne suis pas sur mon ordinateur.. mais merci bcp pr ta réponse!
++
0
Réponse 51 / 65
salwa5 Messages postés 7552 Statut Contributeur 1 670
 
oK garde le meme pseudo pour que je puisse repéré ton sujet

a++++
0
Réponse 52 / 65
Hettar
 
Voila voila !

Logfile of HijackThis v1.99.1
Scan saved at 17:37:44, on 05/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Logiciels\Antivirus-Spyware\Avast!\aswUpdSv.exe
C:\Logiciels\Antivirus-Spyware\Avast!\ashServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Logiciels\Gravure\Alcohol 120%\Le Prog\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\CTHELPER.EXE
C:\LOGICI~1\ANTIVI~1\Avast!\ashDisp.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Logiciels\Antivirus-Spyware\Avast!\ashMaiSv.exe
C:\Logiciels\Antivirus-Spyware\Avast!\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Logiciels\Son\Winamp\Winamp.exe
C:\Logiciels\Internet\Mozilla Firefox\firefox.exe
C:\Rémy\Fichier d'instalation\backups\scan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Logiciels\Autres\Adobe Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\LOGICI~1\ANTIVI~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [avast!] C:\LOGICI~1\ANTIVI~1\Avast!\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Logiciels\Autres\Quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678912345678] C:\Program Files\user32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: TribalWeb.net.lnk = C:\Logiciels\Internet\TribalWeb\tribalweb.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Logiciels\Autres\Adobe Reader\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\LOGICI~1\Autres\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\LOGICI~1\Autres\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E6C0E8F-FAD8-48E9-B4C4-4CDCBB3AC721}: NameServer = 80.10.246.130 80.10.246.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{1E6C0E8F-FAD8-48E9-B4C4-4CDCBB3AC721}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Logiciels\Antivirus-Spyware\Avast!\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Logiciels\Antivirus-Spyware\Avast!\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Logiciels\Antivirus-Spyware\Avast!\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Logiciels\Antivirus-Spyware\Avast!\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Logiciels\Gravure\Alcohol 120%\Le Prog\Alcohol 120\StarWind\StarWindService.exe

Esque tu pourrais me conseiller en antivirus/firewall? Parce que bon, Avast! est bien gentil de bloquer le truc, mais s'il ne peut pas l'enlever...

En tout cas je te remercie pour le temps que tu as pris à me repondre.
Je n'ai plus rien de genant, des fichiers en quarantaine qui vont y rester bien sagement :)

J'attend quand meme ton diagnostic du log !
A bientot :)
0
Réponse 53 / 65
salwa5 Messages postés 7552 Statut Contributeur 1 670
 
bonjour :)

fix cette ligne avec hijack

O4 - HKLM\..\Run: [012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678912345678] C:\Program Files\user32.exe

ensuite cherche et supprime le fichier en gras :

C:\Program Files\user32.exe

concernant avast c'est un bon antivirus :) , si tu peu te procuré la version payante c'est encore mieu :)

tu etait infecté par un rootkit et avast c'est un antivirus donc il peu pas effacé les rootkit .

concernant le parefeu je te conseil kerio :)

Kerio (parefeu)

https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html

tuto

http://www.malekal.com/kerio_firewall.php

je te conseil de faire un dernier scan kaspersky pour voir si ton ordi est propre , en cas d'infection colle le resultat ici :)

a++++
0
Réponse 54 / 65
Hettar
 
Merci bien, je vais faire tout ça !

Tcho !
0
Réponse 55 / 65
truth-hurts
 
Merci à tous je vais demander à mon père de s'occuper activement de ça !! O fet, salwa5, kess k1 "rootkit" ?
LOL je sais ça doit te faire rire.. je n'y connais vraiment rien, de plus ce virus n'infecte que mon l'application de mon lecteur windows, esse ke ca pe être un dormant ???
MERCI vraiment et je vais vous donner de mes nouvelles d'ici peut ..lol!!
0
Réponse 56 / 65
salwa5 Messages postés 7552 Statut Contributeur 1 670
 
bonsoir :) en parlant de rookit je m'adressé a hettar ,

je ne sais pas si ton ordi est infecté par un rootkit , j'ai pas assez d'infos il fauderai que tu fasse plusieur scans , hijackthis / kasperky ... ect le mieu c'est que tu crée ton propre sujet , ca sera plus clair pour tout le monde :)

Qu'est-ce qu'un rootkit ?
Le terme rootkit sert à définir un cheval de Troie (ou une technologie) utilisé pour masquer la présence d'un objet malveillant (processus, fichier, clé de registre, port de réseau) à un utilisateur d'ordinateur ou un administrateur.

pour plus d'info regarde ici :)

http://www.dicodunet.com/annuaire/def-968-rootkit.htm

a++
0
Réponse 57 / 65
afideg Messages postés 10970 Statut Contributeur sécurité 602
 
Salut Salwa,

C'est quoi ces deux trucs en Combo au # 29 ? :

2007-01-03 13:12 <REP> d--hs---- C:\Config.Msi
2006-12-31 19:35 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll

Bonne continuation.
Al.
0
Réponse 58 / 65
salwa5 Messages postés 7552 Statut Contributeur 1 670
  
Salut Salwa, 

C'est quoi ces deux trucs en Combo au # 29 ? : 

2007-01-03 13:12 <REP> d--hs---- C:\Config.Msi 
2006-12-31 19:35 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 

Bonne continuation. 
Al.


bonsoir afideg :) franchement je ne sais pas ce que c'est mais il peu les analysé sur le site http://www.virustotal.com/xhtml/virustotal_en.html

a+++
0
Réponse 59 / 65
Hettar
 
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Friday, January 05, 2007 8:27:33 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 5/01/2007
Enregistrements dans la base antivirus Kaspersky : 241880
-------------------------------------------------------------------------------

Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai

Cible de l'analyse - Poste de travail:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\

Statistiques de l'analyse:
Total d'objets analysés: 80312
Nombre de virus trouvés: 2
Nombre d'objets infectés: 2 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 01:52:43

Nom de l'objet infecté / Nom du virus / Dernière action
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Application Data\Mozilla\Firefox\Profiles\ohl8hfdb.default\cert8.db L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Application Data\Mozilla\Firefox\Profiles\ohl8hfdb.default\formhistory.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Application Data\Mozilla\Firefox\Profiles\ohl8hfdb.default\history.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Application Data\Mozilla\Firefox\Profiles\ohl8hfdb.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Application Data\Mozilla\Firefox\Profiles\ohl8hfdb.default\parent.lock L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Application Data\Mozilla\Firefox\Profiles\ohl8hfdb.default\search.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Application Data\Mozilla\Firefox\Profiles\ohl8hfdb.default\urlclassifier2.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Local Settings\Application Data\ApplicationHistory\CLI.exe.c88dbd71.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Local Settings\Application Data\Mozilla\Firefox\Profiles\ohl8hfdb.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Local Settings\Application Data\Mozilla\Firefox\Profiles\ohl8hfdb.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Local Settings\Application Data\Mozilla\Firefox\Profiles\ohl8hfdb.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Local Settings\Application Data\Mozilla\Firefox\Profiles\ohl8hfdb.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Local Settings\Historique\History.IE5\MSHist012007010520070106\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Local Settings\Temp\Perflib_Perfdata_194.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Local Settings\Temp\Perflib_Perfdata_6c4.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Local Settings\Temp\wahtmltmp00.htm L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\Rémy\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Jeux\Warhammer\Dawn of War - Dark Crusade\warnings.log L'objet est verrouillé ignoré
C:\Logiciels\Antivirus-Spyware\Avast!\DATA\aswResp.dat L'objet est verrouillé ignoré
C:\Logiciels\Antivirus-Spyware\Avast!\DATA\Avast4.db L'objet est verrouillé ignoré
C:\Logiciels\Antivirus-Spyware\Avast!\DATA\integ\avast.int L'objet est verrouillé ignoré
C:\Logiciels\Antivirus-Spyware\Avast!\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré
C:\Logiciels\Antivirus-Spyware\Avast!\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré
C:\Logiciels\Antivirus-Spyware\Avast!\DATA\log\nshield.log L'objet est verrouillé ignoré
C:\Logiciels\Antivirus-Spyware\Avast!\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré
C:\Logiciels\Gravure\Alcohol 120%\Le Prog\Alcohol 120\StarWind\logs\starwind.2007-01-05.13-05-07.log L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{4F1C5C9A-1EC1-4AD7-AEA9-83B031BA651E}\RP247\A0036883.sys Infecté : Rootkit.Win32.Agent.cf ignoré
C:\System Volume Information\_restore{4F1C5C9A-1EC1-4AD7-AEA9-83B031BA651E}\RP247\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd1677.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\protector.exe Infecté : Trojan-Proxy.Win32.Wopla.ac ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_604.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
C:\WINDOWS\{00000000-00000000-00000006-00001102-00000004-20021102}.CDF L'objet est verrouillé ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
F:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
G:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
H:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
I:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

Analyse terminée.

Et voila !
0
Réponse 60 / 65
Hettar
 
Si ca peut te faire gagner du temps il a trouvé 2 p'tites betes :

C:\System Volume Information\_restore{4F1C5C9A-1EC1-4AD7-AEA9-83B031BA651E}\RP247\A0036883.sys Infecté : Rootkit.Win32.Agent.cf ignoré

C:\WINDOWS\system32\protector.exe Infecté : Trojan-Proxy.Win32.Wopla.ac ignoré
0

Discussions similaires

Connaît tu les Smiley ? :p
Miss_23 -
Miss_23 -

4 réponses
que veut dire :p
monica -
piratesdescaraibes -

6 réponses
signification du smiley :-P
elocheri -
maiscestgenial -

4 réponses
P/N
cfarles -
cfarles -

6 réponses
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses