Trojan at Windows and Internet startup

Solved/Closed
Infodelph - 13 Jan 2008 at 16:42
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 - 21 Jan 2008 at 11:29
Hello,
When I start the Internet, a virus gets into my system. Always the same one: Trojan: TR/Pandes.L.2 Located: C:/WINDOWS/system32/drivers/smtpdrv.sys.
My antivirus, Antivir, detects it and deletes it.
I am then free to do whatever I like until I restart the computer and then the Internet, and there it reappears...
Would anyone have an idea for shutting the door on this virus?
Thanks in advance for your help
Delphine

29 replies

jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
17 Jan 2008 at 10:04
you're welcome

all the best and happy surfing
0
Infodelph Posts 43 Registration date Thursday 5 April 2007 Status Member Last activity 28 February 2008 1
17 Jan 2008 at 17:35
jlpjlp Heeeeeeeeeeeeeeelp!!
The PC is behaving strangely... I get an error message at Windows startup about AD AWARE, here it is:
An unhandled exception occured at 0x1005ED60 in aawservice.exe

Exception Code : 0xc0000005
Client version : 0.734
Attached Debugger : 0

Windows Information :
---------------------
Windows Version : Windows XP (5.1)
Build Number : 2600
Service Pack : 2.0

CPU Information:
----------------
CPU Name : Genuine Intel(R) CPU T2050 @ 1.60GHz
Type : 0
Vendor : GenuineIntel
Family : 6
Extended Family : 0
Model : 14
Extended Model : 0
Stepping : 8

Registry Content:
-----------------
EAX : 0x058a70b8
ECX : 0x03d7f324
EDX : 0x058a70ba
EBX : 0x03d7f308
ESP : 0x03d7f1a4
EBP : 0x00000000
ESI : 0x03d7f2e0
EDI : 0x05825580
EIP : 0x1005ed60

Memory Usage:
-------------
Physical Memory in use : 30%
Total Physical Memory : 1038316 kb
Free Physical Memory : 716976 kb
Total Virtual Memory : 2097024 kb
Free Virtual Memory : 1989588 kb
Max Page file size : 2500812 kb
Current Page file size : 2313720 kb
Free Extended memory : 0kb

Stack Information:
------------------
Total stack size : 3640

System Activity:
----------------
Process 00000000: [System Process]
Module at 0x00400000: aawservice.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x10000000: CEAPI.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x7e390000: USER32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x004a0000: PKArchive85u.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x774a0000: ole32.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x76f10000: WLDAP32.dll
Module at 0x76ba0000: PSAPI.DLL
Module at 0x77bd0000: VERSION.dll
Module at 0x44080000: WININET.dll
Module at 0x00350000: Normaliz.dll
Module at 0x43e00000: iertutil.dll
Module at 0x00360000: Update.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x76960000: USERENV.dll
Module at 0x76320000: IMM32.DLL
Module at 0x62dc0000: LPK.DLL
Module at 0x753c0000: USP10.dll
Module at 0x77390000: comctl32.dll
Module at 0x58b50000: comctl32.dll
Module at 0x0ffd0000: rsaenh.dll

Process 00000004: System
Current Memory usage : 216 kb
Memory usage peak : 4340 kb
Current Paged Pool usage : 0 kb
Paged Pool usage peak : 0 kb
Current Non-Paged Pool usage : 0 kb
Non-Paged Pool usage peak : 0 kb
Current Page file usage : 0 kb
Page file usage peak : 0 kb
Page Faults : 8260

Module list
Module at 0x00000000:

Process 00000328: smss.exe
Current Memory usage : 372 kb
Memory usage peak : 652 kb
Current Paged Pool usage : 5 kb
Paged Pool usage peak : 13 kb
Current Non-Paged Pool usage : 0 kb
Non-Paged Pool usage peak : 1 kb
Current Page file usage : 164 kb
Page file usage peak : 1640 kb
Page Faults : 286

Module list
Module at 0x48580000: smss.exe
Module at 0x7c910000: ntdll.dll

Process 00000368: csrss.exe
Current Memory usage : 4056 kb
Memory usage peak : 4068 kb
Current Paged Pool usage : 75 kb
Paged Pool usage peak : 81 kb
Current Non-Paged Pool usage : 4 kb
Non-Paged Pool usage peak : 5 kb
Current Page file usage : 1616 kb
Page file usage peak : 1620 kb
Page Faults : 1967

Module list
Module at 0x4a680000: csrss.exe
Module at 0x7c910000: ntdll.dll
Module at 0x75ad0000: CSRSRV.dll
Module at 0x75ae0000: basesrv.dll
Module at 0x75af0000: winsrv.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x7c800000: KERNEL32.dll
Module at 0x7e390000: USER32.dll
Module at 0x62dc0000: LPK.DLL
Module at 0x753c0000: USP10.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77210000: sxs.dll

Process 00000380: winlogon.exe
Current Memory usage : 10476 kb
Memory usage peak : 68868 kb
Current Paged Pool usage : 50 kb
Paged Pool usage peak : 75 kb
Current Non-Paged Pool usage : 46 kb
Non-Paged Pool usage peak : 48 kb
Current Page file usage : 6408 kb
Page file usage peak : 35564 kb
Page Faults : 19398

Module list
Module at 0x01000000: winlogon.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77680000: AUTHZ.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x7e390000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x758d0000: NDdeApi.dll
Module at 0x758c0000: PROFMAP.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x76960000: USERENV.dll
Module at 0x76ba0000: PSAPI.DLL
Module at 0x76b60000: REGAPI.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x778e0000: SETUPAPI.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x762f0000: WINSTA.dll
Module at 0x76be0000: WINTRUST.dll
Module at 0x76c40000: IMAGEHLP.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x76320000: IMM32.DLL
Module at 0x62dc0000: LPK.DLL
Module at 0x753c0000: USP10.dll
Module at 0x75900000: MSGINA.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x74730000: ODBC32.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x76340000: comdlg32.dll
Module at 0x77390000: comctl32.dll
Module at 0x20000000: odbcint.dll
Module at 0x776a0000: SHSVCS.dll
Module at 0x76b50000: sfc.dll
Module at 0x76c10000: sfc_os.dll
Module at 0x774a0000: ole32.dll
Module at 0x77b50000: Apphelp.dll
Module at 0x75140000: msctfime.ime
Module at 0x72340000: WINSCARD.DLL
Module at 0x76f00000: WTSAPI32.dll
Module at 0x77210000: sxs.dll
Module at 0x76ae0000: WINMM.dll
Module at 0x5b090000: uxtheme.dll
Module at 0x76590000: cscdll.dll
Module at 0x758e0000: WlNotify.dll
Module at 0x72f50000: WINSPOOL.DRV
Module at 0x71a60000: MPR.dll
Module at 0x01e50000: WgaLogon.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x0ffd0000: rsaenh.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x765b0000: cscui.dll
Module at 0x01290000: xpsp2res.dll
Module at 0x77c40000: msv1_0.dll
Module at 0x76d10000: iphlpapi.dll

Process 000003ac: services.exe
Current Memory usage : 3344 kb
Memory usage peak : 3344 kb
Current Paged Pool usage : 22 kb
Paged Pool usage peak : 23 kb
Current Non-Paged Pool usage : 6 kb
Non-Paged Pool usage peak : 7 kb
Current Page file usage : 1912 kb
Page file usage peak : 1912 kb
Page Faults : 980

Module list
Module at 0x01000000: services.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x7e390000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x76960000: USERENV.dll
Module at 0x76a20000: SCESRV.dll
Module at 0x77680000: AUTHZ.dll
Module at 0x7dbc0000: umpnpmgr.dll
Module at 0x762f0000: WINSTA.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x5fb00000: NCObjAPI.DLL
Module at 0x76010000: MSVCP60.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x47260000: AcAdProc.dll
Module at 0x76320000: IMM32.DLL
Module at 0x62dc0000: LPK.DLL
Module at 0x753c0000: USP10.dll
Module at 0x77fc0000: secur32.dll
Module at 0x77b50000: Apphelp.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x77b80000: eventlog.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x76ba0000: PSAPI.DLL
Module at 0x76f00000: wtsapi32.dll

Process 000003b8: lsass.exe
Current Memory usage : 5204 kb
Memory usage peak : 5216 kb
Current Paged Pool usage : 38 kb
Paged Pool usage peak : 39 kb
Current Non-Paged Pool usage : 7 kb
Non-Paged Pool usage peak : 8 kb
Current Page file usage : 2312 kb
Page file usage peak : 2352 kb
Page Faults : 1483

Module list
Module at 0x01000000: lsass.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x756b0000: LSASRV.dll
Module at 0x71a60000: MPR.dll
Module at 0x7e390000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x76740000: NTDSAPI.dll
Module at 0x76ed0000: DNSAPI.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x76f10000: WLDAP32.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x743b0000: SAMSRV.dll
Module at 0x76730000: cryptdll.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x76ae0000: WINMM.dll
Module at 0x774a0000: ole32.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x76960000: USERENV.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x76320000: IMM32.DLL
Module at 0x62dc0000: LPK.DLL
Module at 0x753c0000: USP10.dll
Module at 0x77390000: comctl32.dll
Module at 0x58b50000: comctl32.dll
Module at 0x20000000: msprivs.dll
Module at 0x71c50000: kerberos.dll
Module at 0x77c40000: msv1_0.dll
Module at 0x76d10000: iphlpapi.dll
Module at 0x74420000: netlogon.dll
Module at 0x76760000: w32time.dll
Module at 0x76010000: MSVCP60.dll
Module at 0x76790000: schannel.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x742e0000: wdigest.dll
Module at 0x0ffd0000: rsaenh.dll
Module at 0x778e0000: setupapi.dll
Module at 0x74370000: scecli.dll

Process 0000046c: svchost.exe
Current Memory usage : 3736 kb
Memory usage peak : 3736 kb
Current Paged Pool usage : 36 kb
Paged Pool usage peak : 36 kb
Current Non-Paged Pool usage : 4 kb
Non-Paged Pool usage peak : 5 kb
Current Page file usage : 1616 kb
Page file usage peak : 1620 kb
Page Faults : 980

Module list
Module at 0x01000000: svchost.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x7e390000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x76ae0000: WINMM.dll
Module at 0x774a0000: ole32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x76960000: USERENV.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x76320000: IMM32.DLL
Module at 0x62dc0000: LPK.DLL
Module at 0x753c0000: USP10.dll
Module at 0x77390000: comctl32.dll
Module at 0x58b50000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x76870000: rpcss.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x76f00000: WTSAPI32.dll
Module at 0x762f0000: WINSTA.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x77c40000: msv1_0.dll
Module at 0x76d10000: iphlpapi.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll

Process 000004b0: svchost.exe
Current Memory usage : 4152 kb
Memory usage peak : 4160 kb
Current Paged Pool usage : 38 kb
Paged Pool usage peak : 38 kb
Current Non-Paged Pool usage : 14 kb
Non-Paged Pool usage peak : 16 kb
Current Page file usage : 1820 kb
Page file usage peak : 1844 kb
Page Faults : 1159

Module list
Module at 0x01000000: svchost.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x7e390000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x76ae0000: WINMM.dll
Module at 0x774a0000: ole32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x76960000: USERENV.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x76320000: IMM32.DLL
Module at 0x62dc0000: LPK.DLL
Module at 0x753c0000: USP10.dll
Module at 0x77390000: comctl32.dll
Module at 0x58b50000: comctl32.dll
Module at 0x76870000: rpcss.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x0ffd0000: rsaenh.dll
Module at 0x71990000: mswsock.dll
Module at 0x62e40000: hnetcfg.dll
Module at 0x719d0000: wshtcpip.dll
Module at 0x76ed0000: DNSAPI.dll
Module at 0x76d10000: iphlpapi.dll
Module at 0x76f60000: winrnr.dll
Module at 0x76f10000: WLDAP32.dll
Module at 0x76f70000: rasadhlp.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll

Process 00000540: MsMpEng.exe
Current Memory usage : 20324 kb
Memory usage peak : 37148 kb
Current Paged Pool usage : 38 kb
Paged Pool usage peak : 41 kb
Current Non-Paged Pool usage : 9 kb
Non-Paged Pool usage peak : 10 kb
Current Page file usage : 17956 kb
Page file usage peak : 35384 kb
Page Faults : 19600

Module list
Module at 0x01000000: MsMpEng.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x78130000: MSVCR80.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x5c800000: MpSvc.dll
Module at 0x7c420000: MSVCP80.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x7e390000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x76be0000: WINTRUST.dll
Module at 0x76c40000: IMAGEHLP.dll
Module at 0x5b800000: MpClient.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x774a0000: ole32.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x76960000: USERENV.dll
Module at 0x76320000: IMM32.DLL
Module at 0x62dc0000: LPK.DLL
Module at 0x753c0000: USP10.dll
Module at 0x77390000: comctl32.dll
Module at 0x58b50000: comctl32.dll
Module at 0x0ffd0000: rsaenh.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x77fc0000: secur32.dll
Module at 0x6fee0000: netapi32.dll
Module at 0x5a100000: mpengine.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x76ba0000: PSAPI.DLL
Module at 0x76d10000: iphlpapi.dll
Module at 0x5e800000: mprtplug.dll
Module at 0x5b090000: uxtheme.dll

Process 00000548: logonui.exe
Current Memory usage : 2092 kb
Memory usage peak : 5080 kb
Current Paged Pool usage : 33 kb
Paged Pool usage peak : 37 kb
Current Non-Paged Pool usage : 4 kb
Non-Paged Pool usage peak : 6 kb
Current Page file usage : 2976 kb
Page file usage peak : 3016 kb
Page Faults : 1850

Module list
Module at 0x01000000: logonui.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x7e390000: USER32.dll
Module at 0x77390000: COMCTL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x774a0000: ole32.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x6c650000: DUSER.dll
Module at 0x76310000: MSIMG32.dll
Module at 0x74bf0000: OLEACC.dll
Module at 0x76010000: MSVCP60.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x76ae0000: WINMM.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x76960000: USERENV.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x76320000: IMM32.DLL
Module at 0x62dc0000: LPK.DLL
Module at 0x753c0000: USP10.dll
Module at 0x75140000: msctfime.ime
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x73cc0000: shgina.dll
Module at 0x762f0000: WINSTA.dll

Process 0000058c: svchost.exe
Current Memory usage : 6648 kb
Memory usage peak : 7384 kb
Current Paged Pool usage : 46 kb
Paged Pool usage peak : 51 kb
Current Non-Paged Pool usage : 9 kb
Non-Paged Pool usage peak : 12 kb
Current Page file usage : 5700 kb
Page file usage peak : 5724 kb
Page Faults : 3011

Module list
Module at 0x01000000: svchost.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x7e390000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x76ae0000: WINMM.dll
Module at 0x774a0000: ole32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x76960000: USERENV.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x76320000: IMM32.DLL
Module at 0x62dc0000: LPK.DLL
Module at 0x753c0000: USP10.dll
Module at 0x77390000: comctl32.dll
Module at 0x58b50000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x776a0000: shsvcs.dll
Module at 0x762f0000: WINSTA.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x0ffd0000: rsaenh.dll
Module at 0x76d30000: dhcpcsvc.dll
Module at 0x76ed0000: DNSAPI.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x76d10000: iphlpapi.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x71990000: mswsock.dll
Module at 0x62e40000: hnetcfg.dll
Module at 0x719d0000: wshtcpip.dll
Module at 0x7db30000: wzcsvc.dll
Module at 0x76e30000: rtutils.dll
Module at 0x76ce0000: WMI.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x76f00000: WTSAPI32.dll
Module at 0x6f890000: ESENT.dll
Module at 0x76ac0000: ATL.DLL
Module at 0x76b70000: rastls.dll
Module at 0x76610000: CRYPTUI.dll
Module at 0x76be0000: WINTRUST.dll
Module at 0x76c40000: IMAGEHLP.dll
Module at 0x44080000: WININET.dll
Module at 0x00e60000: Normaliz.dll
Module at 0x43e00000: iertutil.dll
Module at 0x76cf0000: MPRAPI.dll
Module at 0x77c90000: ACTIVEDS.dll
Module at 0x76dc0000: adsldpc.dll
Module at 0x778e0000: SETUPAPI.dll
Module at 0x76e90000: RASAPI32.dll
Module at 0x76e40000: rasman.dll
Module at 0x76e60000: TAPI32.dll
Module at 0x76790000: SCHANNEL.dll
Module at 0x72340000: WinSCard.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x76c90000: raschap.dll
Module at 0x75d30000: mlang.dll
Module at 0x4cc80000: xmlprovi.dll
Module at 0x76010000: MSVCP60.dll
Module at 0x72f80000: WZCSAPI.DLL
Module at 0x77c40000: msv1_0.dll

Process 000005b0: EvtEng.exe
Current Memory usage : 7692 kb
Memory usage peak : 7704 kb
Current Paged Pool usage : 41 kb
Paged Pool usage peak : 42 kb
Current Non-Paged Pool usage : 6 kb
Non-Paged Pool usage peak : 9 kb
Current Page file usage : 3936 kb
Page file usage peak : 4332 kb
Page Faults : 2203

Module list
Module at 0x00400000: EvtEng.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x50740000: PsRegApi.dll
Module at 0x778e0000: SETUPAPI.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x7e390000: USER32.dll
Module at 0x76340000: comdlg32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x72f50000: WINSPOOL.DRV
Module at 0x774a0000: ole32.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x50830000: TraceAPI.DLL
Module at 0x76ac0000: ATL.DLL
Module at 0x76320000: IMM32.DLL
Module at 0x62dc0000: LPK.DLL
Module at 0x753c0000: USP10.dll
Module at 0x77390000: comctl32.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x4dd40000: msado15.dll
Module at 0x768e0000: MSDART.DLL
Module at 0x73ec0000: oledb32.dll
Module at 0x74fb0000: OLEDB32R.DLL
Module at 0x4df00000: msdasql.dll
Module at 0x611e0000: MSDATL3.dll
Module at 0x74730000: ODBC32.dll
Module at 0x00670000: odbcint.dll
Module at 0x00690000: MSDASQLR.DLL
Module at 0x1b5d0000: MSWSTR10.DLL
Module at 0x76080000: comsvcs.dll
Module at 0x750a0000: colbact.DLL
Module at 0x77fc0000: Secur32.dll
Module at 0x75060000: MTXCLU.DLL
Module at 0x71a10000: WSOCK32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x76d50000: CLUSAPI.DLL
Module at 0x75020000: RESUTILS.DLL
Module at 0x76960000: USERENV.dll
Module at 0x4de20000: odbcjt32.dll
Module at 0x1b000000: msjet40.dll
Module at 0x58f60000: odbcji32.dll
Module at 0x1b2c0000: msjter40.dll
Module at 0x1b2d0000: MSJINT40.DLL
Module at 0x6ff40000: odbccp32.dll
What should I do?...
There are other oddities that I'm trying to resolve...
See you later... Apparently our discussion doesn't end here...
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
17 Jan 2008 at 18:44
uninstall Ad-Aware and reinstall it to see
0
Infodelph Posts 43 Registration date Thursday 5 April 2007 Status Member Last activity 28 February 2008 1
18 Jan 2008 at 04:03
Bravo! It worked! The error message is gone!
Thaaanks
Del
0

jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
18 Jan 2008 at 10:16
ok perfect

happy surfing this time!
0
Infodelph Posts 43 Registration date Thursday 5 April 2007 Status Member Last activity 28 February 2008 1
18 Jan 2008 at 19:46
Well... yes, it's the same person again...
Here is my AntiVir scan report... 3 viruses!
I already ran a scan yesterday and had put them in quarantine, but here they are back again...
Looks like we'll be together for a while longer... ;-)
Thanks in advance...




AntiVir PersonalEdition Classic
Report file date: vendredi 18 janvier 2008 12:00

Scanning for 1054433 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: NOM-38AB163A8B7

Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 19:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 18:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 21:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 18:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 20:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 2007-12-14 16:46:24
ANTIVIR2.VDF : 7.0.2.0 948736 Bytes 2008-01-15 04:58:10
ANTIVIR3.VDF : 7.0.2.15 191488 Bytes 2008-01-17 08:14:50
AVEWIN32.DLL : 7.6.0.48 3080704 Bytes 2008-01-17 04:58:13
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 16:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 13:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 19:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-01-17 04:58:14
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 13:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 18:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 13:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 17:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 18:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 18:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 15:37:21

Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: C:\Program Files\Avira\AntiVir PersonalEdition Classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: vendredi 18 janvier 2008 12:00

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'vsserv.exe' - '1' Module(s) have been scanned
Scan process 'bdss.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'Dot1XCfg.exe' - '1' Module(s) have been scanned
Scan process 'RAMASST.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'TOSCDSPD.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'avgas.exe' - '1' Module(s) have been scanned
Scan process 'bdagent.exe' - '1' Module(s) have been scanned
Scan process 'bdmcon.exe' - '1' Module(s) have been scanned
Scan process 'TPSBattM.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'CFD.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'TPSMain.exe' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process 'iFrmewrk.exe' - '1' Module(s) have been scanned
Scan process 'ZCfgSvc.exe' - '1' Module(s) have been scanned
Scan process 'ltmoh.exe' - '1' Module(s) have been scanned
Scan process 'THotkey.exe' - '1' Module(s) have been scanned
Scan process 'TvsTray.exe' - '1' Module(s) have been scanned
Scan process 'SmoothView.exe' - '1' Module(s) have been scanned
Scan process 'DLACTRLW.EXE' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'CALMAIN.exe' - '1' Module(s) have been scanned
Scan process 'livesrv.exe' - '1' Module(s) have been scanned
Scan process 'xcommsvr.exe' - '1' Module(s) have been scanned
Scan process 'TAPPSRV.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'scsiaccess.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'DVDRAMSV.exe' - '1' Module(s) have been scanned
Scan process 'CFSvcs.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'a2service.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
61 processes with 61 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '38' files ).


Starting the file scan:

Begin scan in 'C:\' <S3A2422D002FR>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\QooBox\Quarantine\catchme2008-01-14_232446.14.zip
[0] Archive type: ZIP
--> Gnu53.sys
[DETECTION] Contains detection pattern of the worm WORM/Ntech.Z.4
[INFO] The file was moved to '4804ed63.qua'!
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP4\A0001464.sys
[DETECTION] Contains detection pattern of the worm WORM/Ntech.Z.4
[INFO] The file was moved to '47c0ed55.qua'!
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP4\A0001493.sys
[DETECTION] Contains detection pattern of the worm WORM/Ntech.Z.4
[INFO] The file was moved to '47c0ed56.qua'!


End of the scan: vendredi 18 janvier 2008 13:38
Used time: 1:38:45 min

The scan has been done completely.

13298 Scanning directories
349180 Files were scanned
3 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
3 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
349177 Files not concerned
7606 Archives were scanned
7 Warnings
0 Notes
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
18 Jan 2008 at 20:37
ok, it should normally be quick this time!


delete everything in the quarantine folder, by going to My Computer, then C, then qoobox

C:\QooBox\Quarantine\catchme2008-01-14_232446.14.zip

___________________________

then, for the files in system volume information

disable System Restore to purge the viruses that are in there
then restart your computer
then re-enable it

(in START then ALL PROGRAMS then ACCESSORIES then SYSTEM TOOLS then SYSTEM RESTORE then settings)

_________________________

run an AntiVir scan again to check

see you
0
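The triage applied to the report in the reply above, as an added example that is not part of the thread: a Python sketch that reads an AntiVir-style report and sorts each detection by where the file sits (cleanup-tool quarantine, System Restore point, or live system), since that decides the follow-up step. The sample report is constructed, and the function names and the `live` category are assumptions of this example.

```python
import re

# Constructed excerpt in the layout of the AntiVir report above. File names,
# the restore-point GUID and the last entry are placeholders for illustration.
SAMPLE_REPORT = r"""
Begin scan in 'C:\' <DISK>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\QooBox\Quarantine\catchme-sample.zip
[0] Archive type: ZIP
--> Gnu53.sys
[DETECTION] Contains detection pattern of the worm WORM/Ntech.Z.4
[INFO] The file was moved to '00000001.qua'!
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP4\A0000001.sys
[DETECTION] Contains detection pattern of the worm WORM/Ntech.Z.4
[INFO] The file was moved to '00000002.qua'!
C:\WINDOWS\system32\drivers\example.sys
[DETECTION] Contains detection pattern of the worm WORM/Ntech.Z.4
"""

PATH_LINE = re.compile(r"^[A-Za-z]:\\")  # a scanned file starts a new entry

# Follow-up per location. The first two are the steps given in the thread;
# "live" is this example's own label for everything else.
NEXT_STEP = {
    "tool_quarantine": "empty the cleanup tool's quarantine folder",
    "system_restore": "disable System Restore, reboot, re-enable it",
    "live": "file is on the live system: keep investigating",
}

def classify(path):
    """Map a detected file's path to the place it was found."""
    p = path.lower()
    if "\\system volume information\\_restore" in p:
        return "system_restore"
    if "\\qoobox\\quarantine\\" in p:
        return "tool_quarantine"
    return "live"

def parse_detections(report):
    """Return one dict per [DETECTION] line, tied to the file it belongs to."""
    findings, current, member = [], None, None
    for raw in report.splitlines():
        line = raw.strip()
        if PATH_LINE.match(line):
            current, member = line, None      # new file, reset archive member
        elif line.startswith("-->"):
            member = line[3:].strip()         # file inside an archive
        elif line.startswith("[DETECTION]") and current:
            findings.append({
                "path": current, "member": member,
                "name": line.split()[-1],     # detection name is the last token
                "location": classify(current),
            })
    return findings

if __name__ == "__main__":
    for f in parse_detections(SAMPLE_REPORT):
        print(f"{f['location']:16} {f['name']:16} {f['path']}")
        print(f"{'':16} -> {NEXT_STEP[f['location']]}")
```

Detections that fall only in the first two categories are inert copies kept by a cleanup tool or by Windows itself, which is why the reply treats them as housekeeping rather than a new infection.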
Infodelph Posts 43 Registration date Thursday 5 April 2007 Status Member Last activity 28 February 2008 1
21 Jan 2008 at 04:12
Thank you, thank you!
I no longer dare say that everything is fixed... But for now, no more problems... Thanks!
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
21 Jan 2008 at 11:29
ok

all the best, let me know if there's a problem
0