I think my PC is infected!!!

Solved/Closed
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 - 19 Nov. 2008 at 20:15
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 - 2 Dec. 2008 at 20:38
Hello everyone, my computer is running slowly even though I have Avast as antivirus, I clean it regularly with CCleaner and I've just installed Spyware Doctor!! Despite that it's still sluggish; would it be better to format my computer!! Thanks for your replies
45 replies

jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
19 Nov. 2008 at 20:17
Hi!

"even though I have Avast as antivirus" Hmm.... there are better free ones...

Let's take a look...

• Download HijackThis
HijackThis (HJT) is a diagnostic tool to check whether everything is fine with your PC....

Ø Save HJTInstall.exe to your desktop
Ø Double-click HJTInstall.exe to launch the program
*. By default, it installs to C:\Program Files\Trend Micro\HijackThis
*. Accept the license by clicking the "I Accept" button
Ø Choose the option "Do a system scan and save a log file"
*. Click "Save log" to save the report, which will open in Notepad
*. Click "Edition -> Sélectionner tout" (Edit -> Select All), then "Edition -> Copier" (Edit -> Copy) to copy the whole report
Ø Paste the report you just copied into this forum
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
19 Nov. 2008 at 20:18
Thanks!! I'll do it right away
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169 > yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016
19 Nov. 2008 at 21:29
CAN I HAVE THAT DAMN HIJACKTHIS REPORT ???
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9 > jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011
20 Nov. 2008 at 06:20
SmitFraudFix v2.375

Rapport fait à 6:16:35,28, 20/11/2008
Executé à partir de C:\Documents and Settings\a\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\a\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\a


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\a\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\a\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\a\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\system32\\fareruta.dll boskhw.dll"
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family - Miniport d'ordonnancement de paquets
DNS Server Search Order: 10.0.0.138

Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 81.253.149.9
DNS Server Search Order: 80.10.246.132

HKLM\SYSTEM\CCS\Services\Tcpip\..\{ACC656E3-76C3-471A-BCCA-7DFD00DDE39F}: NameServer=81.253.149.9 80.10.246.132
HKLM\SYSTEM\CCS\Services\Tcpip\..\{B13C8A19-94EA-41F0-BB7C-9B931C42298C}: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CS1\Services\Tcpip\..\{ACC656E3-76C3-471A-BCCA-7DFD00DDE39F}: NameServer=81.253.149.9 80.10.246.132
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B13C8A19-94EA-41F0-BB7C-9B931C42298C}: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CS2\Services\Tcpip\..\{B13C8A19-94EA-41F0-BB7C-9B931C42298C}: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.138


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
19 Nov. 2008 at 21:00
When do I get my HJT report ???

0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
19 Nov. 2008 at 21:52
Yo6440, it's fine, I've seen the report.

Do the following; all the explanations are here:

Download SmitfraudFix
Utility by S!Ri: Moe and balltrap34

Install it at the root of C: usage tutorial

Double-click the exe to unpack it and launch the fix.

Using option 1, Search:

Double-click smitfraudfix.cmd
Select 1 to create a report of the files responsible for the infection.

Do nothing else without our advice

Copy/paste the REPORT into your next reply in this thread, please.

Process.exe is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.

0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
20 Nov. 2008 at 06:12
Thanks for your help!!!! I'll try this evening and keep you posted
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
20 Nov. 2008 at 18:41
Did you receive my report from this morning!!!
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
20 Nov. 2008 at 12:45
Thanks edith!!!! I'll try jorginho67's method first to avoid getting confused, because I'm a beginner with computers!!! See you later
0

jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
21 Nov. 2008 at 11:36
Yo, please reply at the end... (at the bottom, not in the middle of the other posts...)

Let's continue!

Option 2

Restart in safe mode:
To do that, tap the F8 key (if F8 doesn't work, use the F5 key) without stopping, right from the moment the PC starts powering on.
A window will open; use the keyboard arrows to move to "start in safe mode", then press Enter.
Once on the desktop, if not all the colours and so on are there, that's normal!

how to start in safe mode, with pictures

-------------------------------------------------------------------------------
Double-click smitfraudfix.cmd
This time choose option 2!!
Answer yes (o) to everything

Once the cleaning is finished, SmitFraudFix opens the cleaning report in Notepad.
Restart the computer in normal mode (as usual),
The saved report should be on the desktop (otherwise it is in My Computer / Disk C / rapport.txt)

Do another HijackThis log and post both reports, please!


0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
21 Nov. 2008 at 20:00
Good evening!! Sorry
SmitFraudFix v2.375

Rapport fait à 19:47:57,53, 21/11/2008
Executé à partir de C:\Documents and Settings\a\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}"="STS"

[HKEY_CLASSES_ROOT\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}\InProcServer32]
@="c:\windows\system32\bakorigi.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}\InProcServer32]
@="c:\windows\system32\bakorigi.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{B13C8A19-94EA-41F0-BB7C-9B931C42298C}: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B13C8A19-94EA-41F0-BB7C-9B931C42298C}: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CS2\Services\Tcpip\..\{B13C8A19-94EA-41F0-BB7C-9B931C42298C}: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.138


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}"="STS"

[HKEY_CLASSES_ROOT\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}\InProcServer32]
@="c:\windows\system32\bakorigi.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}\InProcServer32]
@="c:\windows\system32\bakorigi.dll"



»»»»»»»»»»»»»»»»»»»»»»»» Fin

I wasn't here all day! Work comes first, so I'm sending you my report in safe mode
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
21 Nov. 2008 at 20:09
Second report, in
SmitFraudFix v2.375

Rapport fait à 20:01:12,57, 21/11/2008
Executé à partir de C:\Documents and Settings\a\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}"="STS"

[HKEY_CLASSES_ROOT\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}\InProcServer32]
@="c:\windows\system32\bakorigi.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}\InProcServer32]
@="c:\windows\system32\bakorigi.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family - Miniport d'ordonnancement de paquets
DNS Server Search Order: 10.0.0.138

Description: WAN (PPP/SLIP) Interface
DNS Server Search Order: 80.10.246.130
DNS Server Search Order: 81.253.149.10

HKLM\SYSTEM\CCS\Services\Tcpip\..\{ACC656E3-76C3-471A-BCCA-7DFD00DDE39F}: NameServer=80.10.246.130 81.253.149.10
HKLM\SYSTEM\CCS\Services\Tcpip\..\{B13C8A19-94EA-41F0-BB7C-9B931C42298C}: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CS1\Services\Tcpip\..\{ACC656E3-76C3-471A-BCCA-7DFD00DDE39F}: NameServer=80.10.246.130 81.253.149.10
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B13C8A19-94EA-41F0-BB7C-9B931C42298C}: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CS2\Services\Tcpip\..\{B13C8A19-94EA-41F0-BB7C-9B931C42298C}: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.138


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}"="STS"

[HKEY_CLASSES_ROOT\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}\InProcServer32]
@="c:\windows\system32\bakorigi.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}\InProcServer32]
@="c:\windows\system32\bakorigi.dll"



»»»»»»»»»»»»»»»»»»»»»»»» Fin

normal mode!
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
21 Nov. 2008 at 20:52
Do me a fresh HJT log, please...

Ø Relaunch HijackThis by double-clicking its shortcut on the desktop.
Choose the option "Do a system scan and save a log file"
Click "Save log" to save the report, which will open in Notepad
Click "Edition" ->> "Sélectionner tout" (Edit, Select All), then "Edition" ->> "Copier" (Edit, Copy) to copy the whole report here
0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:58:58, on 21/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Documents and Settings\a\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {468c6a26-c4b3-42b1-85d8-c6c01cbf2438} - C:\WINDOWS\system32\volosejo.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s
O4 - HKLM\..\Run: [98f7cc16] rundll32.exe "C:\WINDOWS\system32\hamehalu.dll",b
O4 - HKLM\..\Run: [CPM9bc4ff8a] Rundll32.exe "c:\windows\system32\bakorigi.dll",a
O4 - HKUS\S-1-5-19\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACC656E3-76C3-471A-BCCA-7DFD00DDE39F}: NameServer = 80.10.246.130 81.253.149.10
O20 - AppInit_DLLs: C:\WINDOWS\system32\fareruta.dll boskhw.dll c:\windows\system32\bakorigi.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\bakorigi.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\bakorigi.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
0
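An added example, not part of the original thread and not HijackThis's own code: a short Python triage script that groups the autostart entries of a HijackThis log by the DLL they reference, run here on lines copied from the log above. The function names and the "more than one load point" heuristic are assumptions made for illustration; a hit is a lead for review, not a verdict on the file.

```python
import re
from collections import defaultdict

# A subset of lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {468c6a26-c4b3-42b1-85d8-c6c01cbf2438} - C:\WINDOWS\system32\volosejo.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s
O4 - HKLM\..\Run: [98f7cc16] rundll32.exe "C:\WINDOWS\system32\hamehalu.dll",b
O4 - HKLM\..\Run: [CPM9bc4ff8a] Rundll32.exe "c:\windows\system32\bakorigi.dll",a
O4 - HKUS\S-1-5-19\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s (User 'SERVICE LOCAL')
O20 - AppInit_DLLs: C:\WINDOWS\system32\fareruta.dll boskhw.dll c:\windows\system32\bakorigi.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\bakorigi.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\bakorigi.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

# "O4 - <body>": section code, then the entry text.
ENTRY = re.compile(r"^([ORF]\d+) - (.*)$")
# A Run value of the form: rundll32.exe "<path>.dll",<export>
RUNDLL = re.compile(r'rundll32(?:\.exe)?\s+"?([^",]+?\.dll)"?\s*,', re.I)


def parse_entries(log):
    """Yield (section, body) for every HijackThis result line."""
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m.group(1), m.group(2)


def dlls_in_entry(section, body):
    """Return the DLL paths one entry references, lower-cased for comparison."""
    if section == "O20":
        # AppInit_DLLs holds a space- or comma-separated list of DLLs.
        value = body.split(":", 1)[1]
        found = [t for t in re.split(r"[\s,]+", value.strip()) if t]
    elif section == "O4":
        # Only Run values that hand a DLL to rundll32 are of interest here.
        m = RUNDLL.search(body)
        found = [m.group(1)] if m else []
    else:
        # O2, O21, O22, ...: the file is the last " - " separated field.
        last = body.rsplit(" - ", 1)[-1]
        found = [re.sub(r"\s*\(file missing\)$", "", last)]
    return [p.lower() for p in found if p.lower().endswith(".dll")]


def autostart_dlls(log):
    """Map each referenced DLL to the ordered list of sections that load it."""
    seen = defaultdict(set)
    for section, body in parse_entries(log):
        for dll in dlls_in_entry(section, body):
            seen[dll].add(section)
    return {d: sorted(s, key=lambda x: int(x[1:])) for d, s in seen.items()}


def triage(log):
    """Summarise the entries a reviewer would look at first."""
    dlls = autostart_dlls(log)
    return {
        # Same DLL registered through several independent load points.
        "multi_load_point": sorted(d for d, s in dlls.items() if len(s) > 1),
        # DLLs started from a Run key through rundll32.
        "rundll32_run": sorted({d for sec, body in parse_entries(log)
                                if sec == "O4"
                                for d in dlls_in_entry(sec, body)}),
        # Everything listed in AppInit_DLLs, in registry order.
        "appinit": [d for sec, body in parse_entries(log)
                    if sec == "O20"
                    for d in dlls_in_entry(sec, body)],
    }


if __name__ == "__main__":
    for key, values in triage(SAMPLE_LOG).items():
        print(key)
        for v in values:
            print("   ", v, autostart_dlls(SAMPLE_LOG)[v])
```
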
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
25 Nov. 2008 at 22:10
--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 1500MHz )
BIOS : Award Medallion BIOS v6.0
USER : a ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1290 [VPS 081124-0] 4.8.1290 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:39 Go (Free:19 Go)
D:\ (Local Disk) - NTFS - Total:72 Go (Free:53 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( 25/11/2008|21:51 )

--------------------\\ Listing des dossiers dans APPLIC~1

[24/10/2008|05:13] C:\DOCUME~1\a\APPLIC~1\Adobe
[24/10/2008|05:13] C:\DOCUME~1\a\APPLIC~1\AdobeUM
[20/10/2008|18:45] C:\DOCUME~1\a\APPLIC~1\AlauxSoft
[12/10/2008|21:44] C:\DOCUME~1\a\APPLIC~1\Apple Computer
[27/10/2008|08:40] C:\DOCUME~1\a\APPLIC~1\EoRezo
[14/11/2008|06:15] C:\DOCUME~1\a\APPLIC~1\Google
[08/10/2008|12:15] C:\DOCUME~1\a\APPLIC~1\Identities
[08/10/2008|12:27] C:\DOCUME~1\a\APPLIC~1\Macromedia
[19/11/2008|21:28] C:\DOCUME~1\a\APPLIC~1\Malwarebytes
[14/11/2008|06:40] C:\DOCUME~1\a\APPLIC~1\Microsoft
[31/10/2008|21:57] C:\DOCUME~1\a\APPLIC~1\OpenOffice.org
[01/11/2008|05:38] C:\DOCUME~1\a\APPLIC~1\OpenOffice.org2
[27/10/2008|08:34] C:\DOCUME~1\a\APPLIC~1\OtakuSoftware
[08/10/2008|12:31] C:\DOCUME~1\a\APPLIC~1\Sun
[08/10/2008|15:14] C:\DOCUME~1\a\APPLIC~1\Symantec
[08/10/2008|15:09] C:\DOCUME~1\a\APPLIC~1\vlc

[27/08/2004|18:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[27/08/2004|19:11] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[28/08/2004|16:38] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

[27/08/2004|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[28/08/2004|16:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec

[12/10/2008|18:50] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[18/10/2008|05:15] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Adobe
[12/10/2008|18:45] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple
[12/10/2008|18:49] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Apple Computer
[23/11/2008|09:10] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Lavasoft
[19/11/2008|21:28] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Malwarebytes
[16/11/2008|19:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft
[05/11/2008|06:08] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\NexonUS
[25/11/2008|06:00] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\PrevxCSI
[18/11/2008|22:02] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Symantec
[19/11/2008|20:36] C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP

[27/08/2004|18:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[08/10/2008|11:34] C:\DOCUME~1\DEFAUL~1.WIN\APPLIC~1\Microsoft

[27/08/2004|18:25] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[08/10/2008|11:34] C:\DOCUME~1\LOCALS~1.AUT\APPLIC~1\Microsoft

[27/08/2004|18:25] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[08/10/2008|11:34] C:\DOCUME~1\NETWOR~1.AUT\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[24/11/2008 07:24][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[25/11/2008 06:45][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/08/2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[18/10/2008|05:15] C:\Program Files\Adobe
[11/10/2008|21:04] C:\Program Files\AGI
[28/08/2004|08:08] C:\Program Files\Alcohol Soft
[19/11/2008|04:00] C:\Program Files\Alwil Software
[12/10/2008|18:47] C:\Program Files\Apple Software Update
[17/10/2008|19:04] C:\Program Files\CCleaner
[25/10/2008|16:11] C:\Program Files\City Interactive
[27/08/2004|19:18] C:\Program Files\C-Media
[27/08/2004|19:29] C:\Program Files\DivX
[24/11/2008|20:59] C:\Program Files\eChanblard
[25/11/2008|06:48] C:\Program Files\eMule
[29/10/2008|19:40] C:\Program Files\Fichiers communs
[14/10/2008|18:03] C:\Program Files\Google
[23/11/2008|20:30] C:\Program Files\InstallShield Installation Information
[13/11/2008|22:44] C:\Program Files\Internet Explorer
[12/10/2008|18:49] C:\Program Files\iPod
[12/10/2008|18:50] C:\Program Files\iTunes
[08/10/2008|12:47] C:\Program Files\Java
[31/10/2008|21:48] C:\Program Files\JRE
[23/11/2008|09:08] C:\Program Files\Lavasoft
[18/11/2008|21:51] C:\Program Files\Logitech
[22/11/2008|12:17] C:\Program Files\Malwarebytes' Anti-Malware
[08/10/2008|11:29] C:\Program Files\Messenger
[08/10/2008|15:32] C:\Program Files\Microsoft ActiveSync
[27/08/2004|18:28] C:\Program Files\microsoft frontpage
[09/10/2008|04:33] C:\Program Files\Microsoft Office
[08/10/2008|11:31] C:\Program Files\Movie Maker
[09/10/2008|04:33] C:\Program Files\MSECache
[31/10/2008|00:12] C:\Program Files\MSN
[27/08/2004|18:16] C:\Program Files\MSN Gaming Zone
[08/10/2008|21:25] C:\Program Files\MSN Messenger
[08/10/2008|11:31] C:\Program Files\NetMeeting
[28/08/2004|16:39] C:\Program Files\Norton SystemWorks
[08/10/2008|11:29] C:\Program Files\Online Services
[01/11/2008|05:51] C:\Program Files\OpenOffice.org 2.4
[31/10/2008|21:48] C:\Program Files\OpenOffice.org 3
[08/10/2008|11:31] C:\Program Files\Outlook Express
[20/11/2008|20:23] C:\Program Files\QUAD Utilities
[08/10/2008|21:04] C:\Program Files\Securitoo
[27/08/2004|18:22] C:\Program Files\Services en ligne
[19/11/2008|20:42] C:\Program Files\Spyware Doctor
[18/11/2008|22:02] C:\Program Files\Symantec
[08/10/2008|15:23] C:\Program Files\SymNetDrv
[23/11/2008|20:30] C:\Program Files\Thomson
[19/11/2008|20:48] C:\Program Files\Trend Micro
[27/08/2004|18:53] C:\Program Files\Uninstall Information
[08/10/2008|15:08] C:\Program Files\VideoLAN
[25/11/2008|21:49] C:\Program Files\Wanadoo
[08/10/2008|11:34] C:\Program Files\Windows Media Player
[08/10/2008|11:28] C:\Program Files\Windows NT
[08/10/2008|11:32] C:\Program Files\WindowsUpdate
[09/10/2008|04:37] C:\Program Files\WinRAR
[27/08/2004|18:28] C:\Program Files\xerox
[27/08/2004|19:29] C:\Program Files\XviD

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[24/10/2008|05:13] C:\Program Files\Fichiers communs\Adobe
[30/10/2008|09:47] C:\Program Files\Fichiers communs\Apple
[23/11/2008|20:29] C:\Program Files\Fichiers communs\InstallShield
[08/10/2008|12:30] C:\Program Files\Fichiers communs\Java
[18/11/2008|21:51] C:\Program Files\Fichiers communs\Logitech
[09/10/2008|04:33] C:\Program Files\Fichiers communs\Microsoft Shared
[27/08/2004|18:19] C:\Program Files\Fichiers communs\MSSoap
[27/08/2004|19:07] C:\Program Files\Fichiers communs\ODBC
[27/08/2004|18:20] C:\Program Files\Fichiers communs\Services
[27/08/2004|19:07] C:\Program Files\Fichiers communs\SpeechEngines
[18/11/2008|22:03] C:\Program Files\Fichiers communs\Symantec Shared
[08/10/2008|11:31] C:\Program Files\Fichiers communs\System
[23/11/2008|09:07] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 44 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\a\Cookies\a@advertising[1].txt
C:\DOCUME~1\a\Cookies\a@banner.cotedazurpalace[2].txt
C:\DOCUME~1\a\Cookies\a@cotedazurpalace[1].txt
C:\DOCUME~1\a\Cookies\a@www.cotedazurpalace[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-25 22:04:34
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 14

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:4][D:4]-> C:\DOCUME~1\a\LOCALS~1\Temp
[F:56][D:0]-> C:\DOCUME~1\a\Cookies
[F:1722][D:4]-> C:\DOCUME~1\a\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 25/11/2008|22:08 - Option : [1]

--------------------\\ Fin du rapport a 22:08:59
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
21 Nov. 2008 at 21:06
Download SDFix (created by AndyManchesta) and save it to your desktop.
Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the desktop.

Restart your computer in safe mode by following this procedure:
how to start in safe mode, with pictures
After hearing the computer beep during startup, but before the Windows icon appears, tap the F8 key (one press per second).
Instead of the normal Windows loading, a menu with various options should appear.
Choose the first option, to run Windows in safe mode, then press "Enter".
Choose your account.

Go through the list of instructions below:

* Open the SDFix folder that has just been created in the C:\ directory and double-click RunThis.bat to launch the script.
* Press Y to start the cleaning process.
It will remove the services and registry entries of certain trojans it finds, then ask you to press a key to restart.
* Press a key to restart the PC.
Your system will take longer than usual to restart because the tool will keep running and deleting files.
After the desktop has loaded, the tool will finish its work and display Finished.
* Press a key to end the script and load your desktop icons.
Once the desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
Finally, copy/paste the contents of the Report.txt file into your next reply on the forum

Installation and usage tutorial
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
22 Nov 2008 at 05:15
SDFix: Version 1.116

Run by a on 22/11/2008 at 04:59

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

No Trojan Files Found





Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
22 Nov 2008 at 05:21
Sorry!!! for not replying sooner, but I had a hard time with the procedure you asked me to do. First of all, I didn't find "run this bat" but "run this cmd", so I double-clicked on it. Then it offered me "y" or "n", so I clicked "y" and two error messages appeared. I carried on with the procedure anyway, and here is the report I found in "c" sdfix and report txt!! I hope that will do for you, otherwise I'll start again! By the way, thanks for your help
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
22 Nov 2008 at 09:46
Hmmmm...

Is your XP legal? (Just for info, not to lecture you)

Save these instructions, because you will need to close all windows and applications during the installation and the scan.

Right-click on the desktop => new document => text document and copy/paste these instructions, which you can then consult to do the procedure correctly!

* Download Malwarebytes' Anti-Malware (MBAM) and save it to your Desktop.
If the file COMCTL32.OCX is missing, you can download it here

It is a good passive scanner that you can keep and use for a weekly clean-up, not forgetting to do a manual update before running the scan.

When the download finishes, close all windows and programs, including this one.

* Double-click the Download_mbam-setup.exe icon on your desktop to start the installer.

During installation, follow the prompts (in particular the choice of language and the permission to access the Internet). Do not change any of the default settings and, at the end of installation, check that the options Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are ticked.

MBAM will start automatically and display a message asking you to update the program before running a scan. Since MBAM updates itself automatically at the end of installation, click OK to close the dialog box. The main MBAM window appears:

* In the scan tab, check that "Exécuter un examen RAPIDE" (perform a quick scan) is selected and click the Rechercher (Scan) button to start the scan.

MBAM scans your computer. The scan can take some time. Just check its progress from time to time.

At the end of the scan, a message appears indicating that the scan is finished. Click OK to continue.

* If malware was detected, the list is displayed.

Tick all the items detected by Malwarebytes' Anti-Malware, then click Supprimer la sélection (Remove Selected) to eradicate the detected malware.
/!\ (this must be done, otherwise you will have to redo the scan) /!\ MBAM will destroy the files and registry keys and put a copy in quarantine.


MBAM will open Notepad and copy the scan report into it. Close Notepad. (The report can be found under the Rapports/logs tab)

Close MBAM by clicking Quitter (Exit).

Post the report in your reply

Tutorial
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
22 Nov 2008 at 09:52
Sorry!! I don't think so
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
22 Nov 2008 at 12:31
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1415
Windows 5.1.2600 Service Pack 2

22/11/2008 12:27:43
mbam-log-2008-11-22 (12-27-43).txt

Type de recherche: Examen rapide
Eléments examinés: 53155
Temps écoulé: 3 minute(s), 51 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\yeyanido.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\fatenuva.dll (Trojan.BHO) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\98f7cc16 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm9bc4ff8a (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\moriyojopi (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.BHO) -> Data: c:\windows\system32\fatenuva.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.BHO) -> Data: system32\fatenuva.dll -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\ruzamako.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\okamazur.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yeyanido.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\odinayey.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\fatenuva.dll (Trojan.BHO) -> Delete on reboot.
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
22 Nov 2008 at 09:56
That's what I thought too...

Well, no big deal, it's just that you can't install certain updates, which means you will always have problems.
Indeed, updates are made to fix the security flaws discovered in OSes, browsers, etc...

We'll try to clean up as best we can.
Post the MBAM report please
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
22 Nov 2008 at 14:12
Did the PC restart?

If not, restart it and post me a new HJT please.
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
22 Nov 2008 at 15:02
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1412
Windows 5.1.2600 Service Pack 2

19/11/2008 21:36:37
mbam-log-2008-11-19 (21-36-21).txt

Type de recherche: Examen rapide
Eléments examinés: 53452
Temps écoulé: 5 minute(s), 59 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 18
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 19

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\khfGXQkh.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\nixcayif.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\boskhw.dll (Trojan.Vundo) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f1aef25-3e39-43cc-8605-361e2cb6bcea} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4f1aef25-3e39-43cc-8605-361e2cb6bcea} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ead78a3e-3995-4b93-8f51-6c0e1850b238} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ead78a3e-3995-4b93-8f51-6c0e1850b238} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{468c6a26-c4b3-42b1-85d8-c6c01cbf2438} (Trojan.BHO.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{468c6a26-c4b3-42b1-85d8-c6c01cbf2438} (Trojan.BHO.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4f1aef25-3e39-43cc-8605-361e2cb6bcea} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ead78a3e-3995-4b93-8f51-6c0e1850b238} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d8cadfe4-81e7-4424-887f-dc661b79eaff} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d8cadfe4-81e7-4424-887f-dc661b79eaff} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\IST (Trojan.ISTBar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\asc3550p (Rootkit.Agent) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\98f7cc16 (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\91902481372954921253985789570363 (Rogue.Antivirus 2009) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\moriyojopi (Trojan.Agent) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\khfgxqkh -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\khfgxqkh -> No action taken.

Dossier(s) infecté(s):
C:\Program Files\Antivirus 2009 (Rogue.Antivirus 2009) -> No action taken.
C:\Documents and Settings\a\Menu Démarrer\Antivirus 2009 (Rogue.Antivirus2008) -> No action taken.

Fichier(s) infecté(s):
C:\WINDOWS\system32\khfGXQkh.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\hkQXGfhk.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\hkQXGfhk.ini2 (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\boskhw.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\nixcayif.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\fiyacxin.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\config\33034578.Evt (Rootkit.Agent.H) -> No action taken.
C:\WINDOWS\system32\volosejo.dll (Trojan.BHO.H) -> No action taken.
C:\WINDOWS\system32\jKaBUkjI.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\svrlbw.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\yaehtlol.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\lyqtlnov.dll (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\a\Local Settings\Temporary Internet Files\Content.IE5\SPYNS16J\index[1] (Trojan.Vundo) -> No action taken.
C:\Program Files\Antivirus 2009\av2009.exe (Rogue.Antivirus 2009) -> No action taken.
C:\Documents and Settings\a\Menu Démarrer\Antivirus 2009\Antivirus 2009.lnk (Rogue.Antivirus2008) -> No action taken.
C:\Documents and Settings\a\Menu Démarrer\Antivirus 2009\Uninstall Antivirus 2009.lnk (Rogue.Antivirus2008) -> No action taken.
C:\Documents and Settings\a\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 2009.lnk (Rogue.Antivirus2008) -> No action taken.
C:\WINDOWS\system32\nunoloje.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ieupdates.exe.tmp (Adware.Agent) -> No action taken.
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
22 Nov 2008 at 15:40
This report is dated 19/11/2008 21:36:37
I'm not interested in it...

I would like a new HJT report
Ø Relaunch Hijackthis by double-clicking its shortcut on the Desktop.
Choose the option "Do a system scan and save a log file"
Click "Save log" to save the report, which will open in Notepad
Click "Edition" ->> "Sélectionner tout" (Select All), then "Edition" ->> "Copier" (Copy) to copy the whole content of the report here
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
22 Nov 2008 at 19:37
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:35:00, on 22/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\WINDOWS\system32\LVComsX.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {468c6a26-c4b3-42b1-85d8-c6c01cbf2438} - C:\WINDOWS\system32\volosejo.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s
O4 - HKLM\..\Run: [98f7cc16] rundll32.exe "C:\WINDOWS\system32\woyobizi.dll",b
O4 - HKLM\..\Run: [CPM9bc4ff8a] Rundll32.exe "c:\windows\system32\futakoze.dll",a
O4 - HKUS\S-1-5-19\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACC656E3-76C3-471A-BCCA-7DFD00DDE39F}: NameServer = 80.10.246.130 81.253.149.10
O20 - AppInit_DLLs: C:\WINDOWS\system32\fareruta.dll boskhw.dll c:\windows\system32\futakoze.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\futakoze.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\futakoze.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
23 Nov 2008 at 07:28
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1415
Windows 5.1.2600 Service Pack 2

23/11/2008 07:26:53
mbam-log-2008-11-23 (07-26-53).txt

Type de recherche: Examen rapide
Eléments examinés: 54015
Temps écoulé: 5 minute(s), 51 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm9bc4ff8a (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\moriyojopi (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\~.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
23 Nov 2008 at 07:31
I'm sending you a new report! I had indeed deleted everything the first time; however, on this scan it only detected 8 of them, against about twenty last time!
0
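Added example (not part of the thread, and not code from Malwarebytes): a small parser that compares the detection sections of the 22/11 and 23/11 MBAM reports posted above and lists the items that were reported "Quarantined and deleted successfully" on the first day yet detected again on the second. A recurrence means the removal did not hold, so the raw count (8 versus about twenty) says little on its own. The function names are this example's own.

```python
import re
from collections import namedtuple

Detection = namedtuple("Detection", "section target data family action")

# Detection sections of the 22/11 and 23/11 reports, copied from the thread.
LOG_22_NOV = r"""
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\yeyanido.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\fatenuva.dll (Trojan.BHO) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\98f7cc16 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm9bc4ff8a (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\moriyojopi (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.BHO) -> Data: c:\windows\system32\fatenuva.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.BHO) -> Data: system32\fatenuva.dll -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\ruzamako.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\okamazur.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yeyanido.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\odinayey.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\fatenuva.dll (Trojan.BHO) -> Delete on reboot.
"""

LOG_23_NOV = r"""
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm9bc4ff8a (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\moriyojopi (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\WINDOWS\system32\~.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
"""

# "<category> infecté(s):" / "infectée(s):" opens a section; summary lines end in a count.
SECTION_RE = re.compile(r"^(.+?) infectée?\(s\):$")
# "<target> (<family>) -> [Data: <value> -> ]<action>."
ITEM_RE = re.compile(
    r"^(?P<target>.+?) \((?P<family>[^()]+)\) -> "
    r"(?:Data: (?P<data>.+?) -> )?(?P<action>[^>]+?)\.$"
)


def parse_mbam(log_text):
    """Return the detections of an MBAM text log as Detection tuples."""
    section, found = None, []
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue
        item = ITEM_RE.match(line)
        if item and section:  # "(Aucun élément nuisible détecté)" never matches
            found.append(Detection(section, item["target"], item["data"],
                                   item["family"], item["action"]))
    return found


def identity(d):
    # Windows paths and registry names are case-insensitive, and the same DLL is
    # listed under both the module and file sections, so the section is left out.
    return (d.target.lower(), (d.data or "").lower())


def recurring(earlier, later):
    """Detections in `later` already reported as removed in `earlier`."""
    removed = {identity(d) for d in earlier
               if d.action.startswith("Quarantined and deleted")}
    return [d for d in later if identity(d) in removed]


def pending_reboot(detections):
    """Unique targets that are only scheduled for deletion at the next reboot."""
    return sorted({d.target.lower() for d in detections
                   if d.action == "Delete on reboot"})


if __name__ == "__main__":
    first, second = parse_mbam(LOG_22_NOV), parse_mbam(LOG_23_NOV)
    back = recurring(first, second)
    print(f"{len(second)} detections on 23/11, {len(back)} already 'deleted' on 22/11:")
    for d in back:
        print(f"  [{d.family}] {d.target}")
    print("Pending a reboot after the 22/11 scan:", pending_reboot(first))
```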
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
23 Nov 2008 at 09:30
An unhandled exception occured at 0x003910C3 in aawservice.exe

Exception Code : 0xc0000005
Client version : 0.853
Attached Debugger : 0

Windows Information :
---------------------
Windows Version : Windows XP (5.1)
Build Number : 2600
Service Pack : 2.0

CPU Information:
----------------
CPU Name : Intel(R) Pentium(R) 4 CPU 1500MHz
Type : 0
Vendor : GenuineIntel
Family : 15
Extended Family : 0
Model : 0
Extended Model : 0
Stepping : 10

Registry Content:
-----------------
EAX : 0x000041cb
ECX : 0x00000000
EDX : 0x003540f8
EBX : 0x00000000
ESP : 0x00c9ff84
EBP : 0x00c9ffb4
ESI : 0x00354108
EDI : 0x003540f8
EIP : 0x003910c3

Memory Usage:
-------------
Physical Memory in use : 79%
Total Physical Memory : 523808 kb
Free Physical Memory : 106860 kb
Total Virtual Memory : 2097024 kb
Free Virtual Memory : 1850416 kb
Max Page file size : 1280044 kb
Current Page file size : 782240 kb
Free Extended memory : 0kb

Stack Information:
------------------
Total stack size : 88

Stack Content:
--------------
0039764f 00000000 00000000 00353588 00000000 003540f8
00c9ff88 00c9fba8 00c9ffdc 0039c440 0039e1f0 ffffffff
00c9ffec 7c80b50b 00000006 00000000 00000000 00353588
7ffdd000 c0000005 00c9ffc0 00c9fba8

System Activity:
----------------
Process 00000000: [System Process]
Module at 0x00400000: aawservice.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x10000000: CEAPI.dll
Module at 0x77aa0000: WININET.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77d10000: USER32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x774a0000: ole32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x004a0000: PKArchive85u.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x76f10000: WLDAP32.dll
Module at 0x76ba0000: PSAPI.DLL
Module at 0x77bd0000: VERSION.dll
Module at 0x76960000: USERENV.dll
Module at 0x00390000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x0ffd0000: rsaenh.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x71b50000: SAMLIB.dll
Module at 0x71990000: mswsock.dll
Module at 0x76ed0000: DNSAPI.dll
Module at 0x76f60000: winrnr.dll
Module at 0x76f70000: rasadhlp.dll
Module at 0x62e40000: hnetcfg.dll
Module at 0x719d0000: wshtcpip.dll
Module at 0x5b090000: uxtheme.dll

Process 000002f4: svchost.exe
Current Memory usage : 4756 kb
Memory usage peak : 4856 kb
Current Paged Pool usage : 39 kb
Paged Pool usage peak : 41 kb
Current Non-Paged Pool usage : 5 kb
Non-Paged Pool usage peak : 7 kb
Current Page file usage : 3104 kb
Page file usage peak : 23376 kb
Page Faults : 2012

Module list
Module at 0x01000000: svchost.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x76ae0000: WINMM.dll
Module at 0x774a0000: ole32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x76960000: USERENV.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x76870000: rpcss.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x766a0000: termsrv.dll
Module at 0x74ee0000: ICAAPI.dll
Module at 0x778e0000: SETUPAPI.dll
Module at 0x76be0000: WINTRUST.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x76c40000: IMAGEHLP.dll
Module at 0x77680000: AUTHZ.dll
Module at 0x75080000: mstlsapi.dll
Module at 0x77c90000: ACTIVEDS.dll
Module at 0x76dc0000: adsldpc.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x76ac0000: ATL.DLL
Module at 0x76b60000: REGAPI.dll
Module at 0x0ffd0000: rsaenh.dll
Module at 0x77b50000: Apphelp.dll

Process 00000324: svchost.exe
Current Memory usage : 4312 kb
Memory usage peak : 4396 kb
Current Paged Pool usage : 38 kb
Paged Pool usage peak : 39 kb
Current Non-Paged Pool usage : 14 kb
Non-Paged Pool usage peak : 15 kb
Current Page file usage : 1924 kb
Page file usage peak : 2060 kb
Page Faults : 2147

Module list
Module at 0x01000000: svchost.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x76ae0000: WINMM.dll
Module at 0x774a0000: ole32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x76960000: USERENV.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x76870000: rpcss.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x0ffd0000: rsaenh.dll
Module at 0x71990000: mswsock.dll
Module at 0x62e40000: hnetcfg.dll
Module at 0x719d0000: wshtcpip.dll
Module at 0x76ed0000: DNSAPI.dll
Module at 0x76d10000: iphlpapi.dll
Module at 0x76f60000: winrnr.dll
Module at 0x76f70000: rasadhlp.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll

Process 0000036c: svchost.exe
Current Memory usage : 18468 kb
Memory usage peak : 22324 kb
Current Paged Pool usage : 114 kb
Paged Pool usage peak : 122 kb
Current Non-Paged Pool usage : 59 kb
Non-Paged Pool usage peak : 65 kb
Current Page file usage : 11788 kb
Page file usage peak : 18132 kb
Page Faults : 12712

Module list
Module at 0x01000000: svchost.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x76ae0000: WINMM.dll
Module at 0x774a0000: ole32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x76960000: USERENV.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x776a0000: shsvcs.dll
Module at 0x762f0000: WINSTA.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x76d30000: dhcpcsvc.dll
Module at 0x76ed0000: DNSAPI.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x76d10000: iphlpapi.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x0ffd0000: rsaenh.dll
Module at 0x71990000: mswsock.dll
Module at 0x62e40000: hnetcfg.dll
Module at 0x719d0000: wshtcpip.dll
Module at 0x775e0000: wzcsvc.dll
Module at 0x76e30000: rtutils.dll
Module at 0x76ce0000: WMI.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x76f00000: WTSAPI32.dll
Module at 0x6f890000: ESENT.dll
Module at 0x76ac0000: ATL.DLL
Module at 0x76b70000: rastls.dll
Module at 0x76610000: CRYPTUI.dll
Module at 0x76be0000: WINTRUST.dll
Module at 0x76c40000: IMAGEHLP.dll
Module at 0x77aa0000: WININET.dll
Module at 0x76cf0000: MPRAPI.dll
Module at 0x77c90000: ACTIVEDS.dll
Module at 0x76dc0000: adsldpc.dll
Module at 0x778e0000: SETUPAPI.dll
Module at 0x76e90000: RASAPI32.dll
Module at 0x76e40000: rasman.dll
Module at 0x76e60000: TAPI32.dll
Module at 0x76790000: SCHANNEL.dll
Module at 0x72340000: WinSCard.dll
Module at 0x76c90000: raschap.dll
Module at 0x77c40000: msv1_0.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x76b10000: schedsvc.dll
Module at 0x76740000: NTDSAPI.dll
Module at 0x74ec0000: MSIDLE.DLL
Module at 0x70da0000: audiosrv.dll
Module at 0x772d0000: wkssvc.dll
Module at 0x60ac0000: qmgr.dll
Module at 0x71a60000: MPR.dll
Module at 0x76720000: SHFOLDER.dll
Module at 0x4d5e0000: WINHTTP.dll
Module at 0x776d0000: es.dll
Module at 0x74ef0000: ersvc.dll
Module at 0x74f00000: dmserver.dll
Module at 0x76cc0000: cryptsvc.dll
Module at 0x752c0000: certcli.dll
Module at 0x74eb0000: pchsvc.dll
Module at 0x68d40000: hidserv.dll
Module at 0x68d50000: HID.DLL
Module at 0x77cd0000: netman.dll
Module at 0x76390000: netshell.dll
Module at 0x76bb0000: credui.dll
Module at 0x72f80000: WZCSAPI.DLL
Module at 0x75000000: srvsvc.dll
Module at 0x75110000: srsvc.dll
Module at 0x74a40000: POWRPROF.dll
Module at 0x72240000: sens.dll
Module at 0x73c70000: seclogon.dll
Module at 0x77210000: SXS.DLL
Module at 0x74fe0000: trkwks.dll
Module at 0x76760000: w32time.dll
Module at 0x76010000: MSVCP60.dll
Module at 0x4f0b0000: wmisvc.dll
Module at 0x75350000: VSSAPI.DLL
Module at 0x76d90000: browser.dll
Module at 0x4c190000: wscsvc.dll
Module at 0x7d200000: msi.dll
Module at 0x75200000: wbemcomn.dll
Module at 0x76250000: wbemcore.dll
Module at 0x75280000: esscli.dll
Module at 0x75610000: FastProx.dll
Module at 0x76080000: comsvcs.dll
Module at 0x75060000: MTXCLU.DLL
Module at 0x71a10000: WSOCK32.dll
Module at 0x750a0000: colbact.DLL
Module at 0x76d50000: CLUSAPI.DLL
Module at 0x75020000: RESUTILS.DLL
Module at 0x74f90000: wmiutils.dll
Module at 0x75170000: repdrvfs.dll
Module at 0x59ad0000: wmiprvsd.dll
Module at 0x5fb00000: NCObjAPI.DLL
Module at 0x75300000: wbemess.dll
Module at 0x66890000: ipnathlp.dll
Module at 0x77680000: AUTHZ.dll
Module at 0x76df0000: upnp.dll
Module at 0x74e70000: SSDPAPI.dll
Module at 0x5fad0000: ncprov.dll
Module at 0x75570000: netcfgx.dll
Module at 0x723d0000: rasmans.dll
Module at 0x742d0000: WINIPSEC.DLL
Module at 0x73330000: tapisrv.dll
Module at 0x76ba0000: PSAPI.DLL
Module at 0x76f70000: rasadhlp.dll
Module at 0x75880000: rastapi.dll
Module at 0x57f70000: unimdm.tsp
Module at 0x71f70000: uniplat.dll
Module at 0x57ff0000: kmddsp.tsp
Module at 0x57fd0000: ndptsp.tsp
Module at 0x58000000: ipconf.tsp
Module at 0x58020000: h323.tsp
Module at 0x58010000: hidphone.tsp
Module at 0x721b0000: rasppp.dll
Module at 0x72400000: ntlsapi.dll
Module at 0x71c50000: kerberos.dll
Module at 0x76730000: cryptdll.dll
Module at 0x754c0000: RASDLG.dll
Module at 0x70000000: catsrvut.dll
Module at 0x61d60000: MfcSubs.dll
Module at 0x750c0000: Cabinet.dll
Module at 0x77170000: urlmon.dll
Module at 0x700c0000: catsrv.dll

Process 000003c4: svchost.exe
Current Memory usage : 3808 kb
Memory usage peak : 3896 kb
Current Paged Pool usage : 33 kb
Paged Pool usage peak : 35 kb
Current Non-Paged Pool usage : 5 kb
Non-Paged Pool usage peak : 8 kb
Current Page file usage : 1544 kb
Page file usage peak : 1680 kb
Page Faults : 2056

Module list
Module at 0x01000000: svchost.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x76ae0000: WINMM.dll
Module at 0x774a0000: ole32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x76960000: USERENV.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x76710000: dnsrslvr.dll
Module at 0x76ed0000: DNSAPI.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x76d10000: iphlpapi.dll
Module at 0x71990000: mswsock.dll
Module at 0x62e40000: hnetcfg.dll
Module at 0x719d0000: wshtcpip.dll
Module at 0x76cf0000: MPRAPI.dll
Module at 0x77c90000: ACTIVEDS.dll
Module at 0x76dc0000: adsldpc.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x76ac0000: ATL.DLL
Module at 0x76e30000: rtutils.dll
Module at 0x778e0000: SETUPAPI.dll

Process 00000430: svchost.exe
Current Memory usage : 4548 kb
Memory usage peak : 4640 kb
Current Paged Pool usage : 39 kb
Paged Pool usage peak : 40 kb
Current Non-Paged Pool usage : 6 kb
Non-Paged Pool usage peak : 12 kb
Current Page file usage : 1928 kb
Page file usage peak : 2016 kb
Page Faults : 2081

Module list
Module at 0x01000000: svchost.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x76ae0000: WINMM.dll
Module at 0x774a0000: ole32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x76960000: USERENV.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x74bb0000: lmhsvc.dll
Module at 0x76d10000: iphlpapi.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x5a9f0000: webclnt.dll
Module at 0x77aa0000: WININET.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x77170000: urlmon.dll
Module at 0x71a10000: wsock32.dll
Module at 0x76820000: regsvc.dll
Module at 0x76840000: ssdpsrv.dll
Module at 0x62e40000: hnetcfg.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x71990000: mswsock.dll
Module at 0x719d0000: wshtcpip.dll

Process 0000048c: aswUpdSv.exe
Current Memory usage : 224 kb
Memory usage peak : 1692 kb
Current Paged Pool usage : 17 kb
Paged Pool usage peak : 26 kb
Current Non-Paged Pool usage : 1 kb
Non-Paged Pool usage peak : 1 kb
Current Page file usage : 452 kb
Page file usage peak : 592 kb
Page Faults : 500

Module list
Module at 0x00400000: aswUpdSv.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x64100000: aswCmnS.dll
Module at 0x64000000: aswCmnOS.dll
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x7c3a0000: MSVCP71.dll
Module at 0x7c340000: MSVCR71.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x64080000: aswCmnB.dll

Process 000004bc: ashServ.exe
Current Memory usage : 16656 kb
Memory usage peak : 101528 kb
Current Paged Pool usage : 80 kb
Paged Pool usage peak : 89 kb
Current Non-Paged Pool usage : 9 kb
Non-Paged Pool usage peak : 12 kb
Current Page file usage : 24376 kb
Page file usage peak : 62304 kb
Page Faults : 88141

Module list
Module at 0x00400000: ashServ.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x64580000: aswAux.dll
Module at 0x7c3a0000: MSVCP71.dll
Module at 0x7c340000: MSVCR71.dll
Module at 0x64080000: aswCmnB.dll
Module at 0x64000000: aswCmnOS.dll
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x64280000: aswEngin.dll
Module at 0x64200000: aswScan.dll
Module at 0x64100000: aswCmnS.dll
Module at 0x64500000: ashBase.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x64800000: ashTask.dll
Module at 0x774a0000: ole32.dll
Module at 0x64400000: aswInteg.dll
Module at 0x64a00000: aswIdle.dll
Module at 0x65000000: Aavm4h.dll
Module at 0x65100000: AavmRpch.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x77390000: COMCTL32.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x5d3f0000: dbghelp.dll
Module at 0x66080000: Base.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x76f00000: Wtsapi32.dll
Module at 0x762f0000: WINSTA.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x65380000: AhResMai.dll
Module at 0x65880000: ahResMes.dll
Module at 0x65980000: AhResNS.dll
Module at 0x65280000: AhResOut.dll
Module at 0x658c0000: ahResP2P.dll
Module at 0x65180000: AhResStd.dll
Module at 0x65a00000: AhResWS.dll
Module at 0x64880000: ashSSqlt.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77000000: COMRes.dll
Module at 0x741e0000: ICMP.DLL
Module at 0x76d10000: iphlpapi.dll
Module at 0x5b090000: uxtheme.dll
Module at 0x71990000: mswsock.dll
Module at 0x76ed0000: DNSAPI.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x76f60000: winrnr.dll
Module at 0x5ead0000: perfos.dll
Module at 0x76f70000: rasadhlp.dll
Module at 0x66000000: aswRes.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x76ba0000: psapi.dll

Process 00000560: explorer.exe
Current Memory usage : 19384 kb
Memory usage peak : 21448 kb
Current Paged Pool usage : 63 kb
Paged Pool usage peak : 87 kb
Current Non-Paged Pool usage : 11 kb
Non-Paged Pool usage peak : 17 kb
Current Page file usage : 10568 kb
Page file usage peak : 13028 kb
Page Faults : 21092

Module list
Module at 0x01000000: Explorer.EXE
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77d10000: USER32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x774a0000: ole32.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x75f10000: BROWSEUI.dll
Module at 0x77720000: SHDOCVW.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x76610000: CRYPTUI.dll
Module at 0x76be0000: WINTRUST.dll
Module at 0x76c40000: IMAGEHLP.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x77aa0000: WININET.dll
Module at 0x76f10000: WLDAP32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x76ae0000: WINMM.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x76960000: USERENV.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x71b50000: SAMLIB.dll
Module at 0x77b50000: appHelp.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x765b0000: cscui.dll
Module at 0x76590000: CSCDLL.dll
Module at 0x5b950000: themeui.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x76310000: MSIMG32.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x76920000: LINKINFO.dll
Module at 0x76930000: ntshrui.dll
Module at 0x76ac0000: ATL.DLL
Module at 0x778e0000: SETUPAPI.dll
Module at 0x77170000: urlmon.dll
Module at 0x76390000: NETSHELL.dll
Module at 0x76e30000: rtutils.dll
Module at 0x76bb0000: credui.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x76d10000: iphlpapi.dll
Module at 0x7d200000: msi.dll
Module at 0x0ffd0000: rsaenh.dll
Module at 0x762f0000: WINSTA.dll
Module at 0x74aa0000: webcheck.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x76540000: stobject.dll
Module at 0x74a60000: BatMeter.dll
Module at 0x74a40000: POWRPROF.dll
Module at 0x76f00000: WTSAPI32.dll
Module at 0x72c70000: wdmaud.drv
Module at 0x72c60000: msacm32.drv
Module at 0x77ba0000: midimap.dll
Module at 0x014f0000: Inactivity.dll
Module at 0x76e90000: RASAPI32.dll
Module at 0x76e40000: rasman.dll
Module at 0x76e60000: TAPI32.dll
Module at 0x77c40000: msv1_0.dll
Module at 0x71a60000: MPR.dll
Module at 0x75ef0000: drprov.dll
Module at 0x71b70000: ntlanman.dll
Module at 0x71c30000: NETUI0.dll
Module at 0x71bf0000: NETUI1.dll
Module at 0x71be0000: NETRAP.dll
Module at 0x75f00000: davclnt.dll
Module at 0x77210000: SXS.DLL
Module at 0x01710000: shdoclc.dll
Module at 0x00db0000: browselc.dll
Module at 0x00b60000: AcroIEHelper.dll
Module at 0x00d90000: LQCUI2.dll
Module at 0x6c650000: DUSER.dll
Module at 0x75d30000: MLANG.dll
Module at 0x00cf0000: mbamext.dll
Module at 0x00d40000: rarext.dll
Module at 0x64f00000: ashShell.dll

Process 0000065c: spoolsv.exe
Current Memory usage : 4472 kb
Memory usage peak : 4560 kb
Current Paged Pool usage : 40 kb
Paged Pool usage peak : 43 kb
Current Non-Paged Pool usage : 4 kb
Non-Paged Pool usage peak : 7 kb
Current Page file usage : 3100 kb
Page file usage peak : 3324 kb
Page Faults : 2027

Module list
Module at 0x01000000: spoolsv.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77d10000: USER32.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x76ae0000: WINMM.dll
Module at 0x774a0000: ole32.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x76960000: USERENV.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x74240000: SPOOLSS.DLL
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x76ed0000: DNSAPI.dll
Module at 0x76f70000: rasadhlp.dll
Module at 0x75b40000: localspl.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x76c10000: sfc_os.dll
Module at 0x76be0000: WINTRUST.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x76c40000: IMAGEHLP.dll
Module at 0x72f50000: winspool.drv
Module at 0x6fee0000: netapi32.dll
Module at 0x741f0000: cnbjmon.dll
Module at 0x741d0000: pjlmon.dll
Module at 0x72370000: tcpmon.dll
Module at 0x72360000: usbmon.dll
Module at 0x71990000: mswsock.dll
Module at 0x76f60000: winrnr.dll
Module at 0x75ea0000: win32spl.dll
Module at 0x71be0000: NETRAP.dll
Module at 0x76740000: NTDSAPI.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x74260000: inetpp.dll
Module at 0x20000000: xpsp2res.dll

Process 000006a8: ashDisp.exe
Current Memory usage : 1904 kb
Memory usage peak : 5192 kb
Current Paged Pool usage : 41 kb
Paged Pool usage peak : 43 kb
Current Non-Paged Pool usage : 4 kb
Non-Paged Pool usage peak : 5 kb
Current Page file usage : 2668 kb
Page file usage peak : 2732 kb
Page Faults : 5555

Module list
Module at 0x00400000: ashDisp.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x64000000: aswCmnOS.dll
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x7c3a0000: MSVCP71.dll
Module at 0x7c340000: MSVCR71.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x64500000: ashBase.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x64080000: aswCmnB.dll
Module at 0x64100000: aswCmnS.dll
Module at 0x64800000: ashTask.dll
Module at 0x64580000: aswAux.dll
Module at 0x774a0000: ole32.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x65000000: Aavm4h.dll
Module at 0x65100000: AavmRpch.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x77390000: COMCTL32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x5d3f0000: dbghelp.dll
Module at 0x66080000: Base.dll
Module at 0x66100000: Lang.dll
Module at 0x7c140000: MFC71.DLL
Module at 0x65400000: ahruimai.dll
Module at 0x64b00000: ashUInt.dll
Module at 0x64c80000: XT1922.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x65900000: ahruimes.dll
Module at 0x659c0000: ahruins.dll
Module at 0x65300000: ahruiout.dll
Module at 0x621f0000: MAPI32.dll
Module at 0x65940000: ahruip2p.dll
Module at 0x65200000: ahruistd.dll
Module at 0x65a40000: ahruiws.dll
Module at 0x5b090000: uxtheme.dll
Module at 0x77fc0000: Secur32.dll

Process 00000724: soffice.exe
Current Memory usage : 10056 kb
Memory usage peak : 10144 kb
Current Paged Pool usage : 36 kb
Paged Pool usage peak : 42 kb
Current Non-Paged Pool usage : 2 kb
Non-Paged Pool usage peak : 3 kb
Current Page file usage : 992 kb
Page file usage peak : 1328 kb
Page Faults : 3312

Module list
Module at 0x00400000: soffice.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x78520000: MSVCR90.dll
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x774a0000: ole32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x5b090000: uxtheme.dll

Process 0000074c: soffice.bin
Current Memory usage : 25776 kb
Memory usage peak : 25864 kb
Current Paged Pool usage : 96 kb
Paged Pool usage peak : 96 kb
Current Non-Paged Pool usage : 9 kb
Non-Paged Pool usage peak : 11 kb
Current Page file usage : 5540 kb
Page file usage peak : 5604 kb
Page Faults : 7394

Module list
Module at 0x00400000: soffice.bin
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x60100000: sal3.dll
Module at 0x5c0e0000: uwinapi.dll
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x78520000: MSVCR90.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x71a60000: MPR.dll
Module at 0x774a0000: ole32.dll
Module at 0x5e6e0000: sofficeapp.dll
Module at 0x65980000: comphelp4MSC.dll
Module at 0x656c0000: cppuhelper3MSC.dll
Module at 0x600e0000: salhelper3MSC.dll
Module at 0x65740000: cppu3.dll
Module at 0x5e470000: stlport_vc7145.dll
Module at 0x5c630000: ucbhelper4MSC.dll
Module at 0x5bc20000: vos3MSC.dll
Module at 0x636f0000: i18nisolang1MSC.dll
Module at 0x5eed0000: sfxmi.dll
Module at 0x63c90000: fwemi.dll
Module at 0x63c30000: fwimi.dll
Module at 0x5c170000: utlmi.dll
Module at 0x5c730000: tlmi.dll
Module at 0x67820000: basegfxmi.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x5bc50000: vclmi.dll
Module at 0x5e620000: sotmi.dll
Module at 0x628b0000: icuuc36.dll
Module at 0x62b00000: icudt36l.dll
Module at 0x76310000: MSIMG32.dll
Module at 0x72f50000: WINSPOOL.DRV
Module at 0x76320000: IMM32.dll
Module at 0x5e090000: svlmi.dll
Module at 0x5ddc0000: svtmi.dll
Module at 0x5c7c0000: tkmi.dll
Module at 0x63540000: i18nutilMSC.dll
Module at 0x62330000: jvmfwk3.dll
Module at 0x61f50000: libxml2.dll
Module at 0x5ff20000: sbmi.dll
Module at 0x5b6c0000: xcrmi.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x60080000: saxmi.dll
Module at 0x624b0000: jmi_g.dll
Module at 0x62360000: jvmaccess3MSC.dll
Module at 0x77390000: comctl32.dll
Module at 0x5b090000: uxtheme.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x76ba0000: PSAPI.DLL
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x61860000: msci_uno.dll
Module at 0x66380000: bootstrap.uno.dll
Module at 0x607e0000: reg3.dll
Module at 0x5e2e0000: store3.dll
Module at 0x5c2c0000: unsafe_uno_uno.dll
Module at 0x60ac0000: purpenvhelper3MSC.dll
Module at 0x65800000: configmgr2.uno.dll
Module at 0x5e310000: stocservices.uno.dll
Module at 0x5cb70000: sysmgr1.uno.dll
Module at 0x600a0000: sax.uno.dll
Module at 0x61c70000: localebe1.uno.dll
Module at 0x677a0000: behelper.uno.dll
Module at 0x5c6a0000: ucb1.dll
Module at 0x63a20000: fwlmi.dll
Module at 0x5c500000: ucpfile1.dll
Module at 0x63a50000: fwkmi.dll
Module at 0x778e0000: SETUPAPI.dll
Module at 0x615f0000: oleautobridge.uno.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x643d0000: emsermi.dll

Process 000007ac: AppleMobileDeviceService.exe
Current Memory usage : 2888 kb
Memory usage peak : 2976 kb
Current Paged Pool usage : 28 kb
Paged Pool usage peak : 31 kb
Current Non-Paged Pool usage : 4 kb
Non-Paged Pool usage peak : 5 kb
Current Page file usage : 2004 kb
Page file usage peak : 2068 kb
Page Faults : 1463

Module list
Module at 0x00400000: AppleMobileDeviceService.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x778e0000: SETUPAPI.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77d10000: USER32.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x58b50000: COMCTL32.dll
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
23 Nov. 2008 at 09:30
An unhandled exception occured at 0x003910C3 in aawservice.exe

Exception Code : 0xc0000005
Client version : 0.853
Attached Debugger : 0

Windows Information :
---------------------
Windows Version : Windows XP (5.1)
Build Number : 2600
Service Pack : 2.0

CPU Information:
----------------
CPU Name : Intel(R) Pentium(R) 4 CPU 1500MHz
Type : 0
Vendor : GenuineIntel
Family : 15
Extended Family : 0
Model : 0
Extended Model : 0
Stepping : 10

Registry Content:
-----------------
EAX : 0x000041cb
ECX : 0x00000000
EDX : 0x003540f8
EBX : 0x00000000
ESP : 0x00c9ff84
EBP : 0x00c9ffb4
ESI : 0x00354108
EDI : 0x003540f8
EIP : 0x003910c3

Memory Usage:
-------------
Physical Memory in use : 79%
Total Physical Memory : 523808 kb
Free Physical Memory : 106860 kb
Total Virtual Memory : 2097024 kb
Free Virtual Memory : 1850416 kb
Max Page file size : 1280044 kb
Current Page file size : 782240 kb
Free Extended memory : 0kb

Stack Information:
------------------
Total stack size : 88

Stack Content:
--------------
0039764f 00000000 00000000 00353588 00000000 003540f8
00c9ff88 00c9fba8 00c9ffdc 0039c440 0039e1f0 ffffffff
00c9ffec 7c80b50b 00000006 00000000 00000000 00353588
7ffdd000 c0000005 00c9ffc0 00c9fba8

System Activity:
----------------
Process 00000000: [System Process]
Module at 0x00400000: aawservice.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x10000000: CEAPI.dll
Module at 0x77aa0000: WININET.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77d10000: USER32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x774a0000: ole32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x004a0000: PKArchive85u.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x76f10000: WLDAP32.dll
Module at 0x76ba0000: PSAPI.DLL
Module at 0x77bd0000: VERSION.dll
Module at 0x76960000: USERENV.dll
Module at 0x00390000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x0ffd0000: rsaenh.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x71b50000: SAMLIB.dll
Module at 0x71990000: mswsock.dll
Module at 0x76ed0000: DNSAPI.dll
Module at 0x76f60000: winrnr.dll
Module at 0x76f70000: rasadhlp.dll
Module at 0x62e40000: hnetcfg.dll
Module at 0x719d0000: wshtcpip.dll
Module at 0x5b090000: uxtheme.dll

Module at 0x719f0000: WS2_32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x64080000: aswCmnB.dll

Process 000004bc: ashServ.exe
Current Memory usage : 16656 kb
Memory usage peak : 101528 kb
Current Paged Pool usage : 80 kb
Paged Pool usage peak : 89 kb
Current Non-Paged Pool usage : 9 kb
Non-Paged Pool usage peak : 12 kb
Current Page file usage : 24376 kb
Page file usage peak : 62304 kb
Page Faults : 88141

Module list
Module at 0x00400000: ashServ.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x64580000: aswAux.dll
Module at 0x7c3a0000: MSVCP71.dll
Module at 0x7c340000: MSVCR71.dll
Module at 0x64080000: aswCmnB.dll
Module at 0x64000000: aswCmnOS.dll
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x64280000: aswEngin.dll
Module at 0x64200000: aswScan.dll
Module at 0x64100000: aswCmnS.dll
Module at 0x64500000: ashBase.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x64800000: ashTask.dll
Module at 0x774a0000: ole32.dll
Module at 0x64400000: aswInteg.dll
Module at 0x64a00000: aswIdle.dll
Module at 0x65000000: Aavm4h.dll
Module at 0x65100000: AavmRpch.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x77390000: COMCTL32.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x5d3f0000: dbghelp.dll
Module at 0x66080000: Base.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x76f00000: Wtsapi32.dll
Module at 0x762f0000: WINSTA.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x65380000: AhResMai.dll
Module at 0x65880000: ahResMes.dll
Module at 0x65980000: AhResNS.dll
Module at 0x65280000: AhResOut.dll
Module at 0x658c0000: ahResP2P.dll
Module at 0x65180000: AhResStd.dll
Module at 0x65a00000: AhResWS.dll
Module at 0x64880000: ashSSqlt.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77000000: COMRes.dll
Module at 0x741e0000: ICMP.DLL
Module at 0x76d10000: iphlpapi.dll
Module at 0x5b090000: uxtheme.dll
Module at 0x71990000: mswsock.dll
Module at 0x76ed0000: DNSAPI.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x76f60000: winrnr.dll
Module at 0x5ead0000: perfos.dll
Module at 0x76f70000: rasadhlp.dll
Module at 0x66000000: aswRes.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x76ba0000: psapi.dll

Process 00000560: explorer.exe
Current Memory usage : 19384 kb
Memory usage peak : 21448 kb
Current Paged Pool usage : 63 kb
Paged Pool usage peak : 87 kb
Current Non-Paged Pool usage : 11 kb
Non-Paged Pool usage peak : 17 kb
Current Page file usage : 10568 kb
Page file usage peak : 13028 kb
Page Faults : 21092

Module list
Module at 0x01000000: Explorer.EXE
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77d10000: USER32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x774a0000: ole32.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x75f10000: BROWSEUI.dll
Module at 0x77720000: SHDOCVW.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x76610000: CRYPTUI.dll
Module at 0x76be0000: WINTRUST.dll
Module at 0x76c40000: IMAGEHLP.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x77aa0000: WININET.dll
Module at 0x76f10000: WLDAP32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x76ae0000: WINMM.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x76960000: USERENV.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x71b50000: SAMLIB.dll
Module at 0x77b50000: appHelp.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x765b0000: cscui.dll
Module at 0x76590000: CSCDLL.dll
Module at 0x5b950000: themeui.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x76310000: MSIMG32.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x76920000: LINKINFO.dll
Module at 0x76930000: ntshrui.dll
Module at 0x76ac0000: ATL.DLL
Module at 0x778e0000: SETUPAPI.dll
Module at 0x77170000: urlmon.dll
Module at 0x76390000: NETSHELL.dll
Module at 0x76e30000: rtutils.dll
Module at 0x76bb0000: credui.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x76d10000: iphlpapi.dll
Module at 0x7d200000: msi.dll
Module at 0x0ffd0000: rsaenh.dll
Module at 0x762f0000: WINSTA.dll
Module at 0x74aa0000: webcheck.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x76540000: stobject.dll
Module at 0x74a60000: BatMeter.dll
Module at 0x74a40000: POWRPROF.dll
Module at 0x76f00000: WTSAPI32.dll
Module at 0x72c70000: wdmaud.drv
Module at 0x72c60000: msacm32.drv
Module at 0x77ba0000: midimap.dll
Module at 0x014f0000: Inactivity.dll
Module at 0x76e90000: RASAPI32.dll
Module at 0x76e40000: rasman.dll
Module at 0x76e60000: TAPI32.dll
Module at 0x77c40000: msv1_0.dll
Module at 0x71a60000: MPR.dll
Module at 0x75ef0000: drprov.dll
Module at 0x71b70000: ntlanman.dll
Module at 0x71c30000: NETUI0.dll
Module at 0x71bf0000: NETUI1.dll
Module at 0x71be0000: NETRAP.dll
Module at 0x75f00000: davclnt.dll
Module at 0x77210000: SXS.DLL
Module at 0x01710000: shdoclc.dll
Module at 0x00db0000: browselc.dll
Module at 0x00b60000: AcroIEHelper.dll
Module at 0x00d90000: LQCUI2.dll
Module at 0x6c650000: DUSER.dll
Module at 0x75d30000: MLANG.dll
Module at 0x00cf0000: mbamext.dll
Module at 0x00d40000: rarext.dll
Module at 0x64f00000: ashShell.dll

Process 0000065c: spoolsv.exe
Current Memory usage : 4472 kb
Memory usage peak : 4560 kb
Current Paged Pool usage : 40 kb
Paged Pool usage peak : 43 kb
Current Non-Paged Pool usage : 4 kb
Non-Paged Pool usage peak : 7 kb
Current Page file usage : 3100 kb
Page file usage peak : 3324 kb
Page Faults : 2027

Module list
Module at 0x01000000: spoolsv.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77d10000: USER32.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x76ae0000: WINMM.dll
Module at 0x774a0000: ole32.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x76960000: USERENV.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x74240000: SPOOLSS.DLL
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x76ed0000: DNSAPI.dll
Module at 0x76f70000: rasadhlp.dll
Module at 0x75b40000: localspl.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x76c10000: sfc_os.dll
Module at 0x76be0000: WINTRUST.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x76c40000: IMAGEHLP.dll
Module at 0x72f50000: winspool.drv
Module at 0x6fee0000: netapi32.dll
Module at 0x741f0000: cnbjmon.dll
Module at 0x741d0000: pjlmon.dll
Module at 0x72370000: tcpmon.dll
Module at 0x72360000: usbmon.dll
Module at 0x71990000: mswsock.dll
Module at 0x76f60000: winrnr.dll
Module at 0x75ea0000: win32spl.dll
Module at 0x71be0000: NETRAP.dll
Module at 0x76740000: NTDSAPI.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x74260000: inetpp.dll
Module at 0x20000000: xpsp2res.dll

Process 000006a8: ashDisp.exe
Current Memory usage : 1904 kb
Memory usage peak : 5192 kb
Current Paged Pool usage : 41 kb
Paged Pool usage peak : 43 kb
Current Non-Paged Pool usage : 4 kb
Non-Paged Pool usage peak : 5 kb
Current Page file usage : 2668 kb
Page file usage peak : 2732 kb
Page Faults : 5555

Module list
Module at 0x00400000: ashDisp.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x64000000: aswCmnOS.dll
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x7c3a0000: MSVCP71.dll
Module at 0x7c340000: MSVCR71.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x64500000: ashBase.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x64080000: aswCmnB.dll
Module at 0x64100000: aswCmnS.dll
Module at 0x64800000: ashTask.dll
Module at 0x64580000: aswAux.dll
Module at 0x774a0000: ole32.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x65000000: Aavm4h.dll
Module at 0x65100000: AavmRpch.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x77390000: COMCTL32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x5d3f0000: dbghelp.dll
Module at 0x66080000: Base.dll
Module at 0x66100000: Lang.dll
Module at 0x7c140000: MFC71.DLL
Module at 0x65400000: ahruimai.dll
Module at 0x64b00000: ashUInt.dll
Module at 0x64c80000: XT1922.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x65900000: ahruimes.dll
Module at 0x659c0000: ahruins.dll
Module at 0x65300000: ahruiout.dll
Module at 0x621f0000: MAPI32.dll
Module at 0x65940000: ahruip2p.dll
Module at 0x65200000: ahruistd.dll
Module at 0x65a40000: ahruiws.dll
Module at 0x5b090000: uxtheme.dll
Module at 0x77fc0000: Secur32.dll

Process 00000724: soffice.exe
Current Memory usage : 10056 kb
Memory usage peak : 10144 kb
Current Paged Pool usage : 36 kb
Paged Pool usage peak : 42 kb
Current Non-Paged Pool usage : 2 kb
Non-Paged Pool usage peak : 3 kb
Current Page file usage : 992 kb
Page file usage peak : 1328 kb
Page Faults : 3312

Module list
Module at 0x00400000: soffice.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x78520000: MSVCR90.dll
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x774a0000: ole32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x5b090000: uxtheme.dll

Process 0000074c: soffice.bin
Current Memory usage : 25776 kb
Memory usage peak : 25864 kb
Current Paged Pool usage : 96 kb
Paged Pool usage peak : 96 kb
Current Non-Paged Pool usage : 9 kb
Non-Paged Pool usage peak : 11 kb
Current Page file usage : 5540 kb
Page file usage peak : 5604 kb
Page Faults : 7394

Module list
Module at 0x00400000: soffice.bin
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x60100000: sal3.dll
Module at 0x5c0e0000: uwinapi.dll
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x78520000: MSVCR90.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x71a60000: MPR.dll
Module at 0x774a0000: ole32.dll
Module at 0x5e6e0000: sofficeapp.dll
Module at 0x65980000: comphelp4MSC.dll
Module at 0x656c0000: cppuhelper3MSC.dll
Module at 0x600e0000: salhelper3MSC.dll
Module at 0x65740000: cppu3.dll
Module at 0x5e470000: stlport_vc7145.dll
Module at 0x5c630000: ucbhelper4MSC.dll
Module at 0x5bc20000: vos3MSC.dll
Module at 0x636f0000: i18nisolang1MSC.dll
Module at 0x5eed0000: sfxmi.dll
Module at 0x63c90000: fwemi.dll
Module at 0x63c30000: fwimi.dll
Module at 0x5c170000: utlmi.dll
Module at 0x5c730000: tlmi.dll
Module at 0x67820000: basegfxmi.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x5bc50000: vclmi.dll
Module at 0x5e620000: sotmi.dll
Module at 0x628b0000: icuuc36.dll
Module at 0x62b00000: icudt36l.dll
Module at 0x76310000: MSIMG32.dll
Module at 0x72f50000: WINSPOOL.DRV
Module at 0x76320000: IMM32.dll
Module at 0x5e090000: svlmi.dll
Module at 0x5ddc0000: svtmi.dll
Module at 0x5c7c0000: tkmi.dll
Module at 0x63540000: i18nutilMSC.dll
Module at 0x62330000: jvmfwk3.dll
Module at 0x61f50000: libxml2.dll
Module at 0x5ff20000: sbmi.dll
Module at 0x5b6c0000: xcrmi.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x60080000: saxmi.dll
Module at 0x624b0000: jmi_g.dll
Module at 0x62360000: jvmaccess3MSC.dll
Module at 0x77390000: comctl32.dll
Module at 0x5b090000: uxtheme.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x76ba0000: PSAPI.DLL
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x61860000: msci_uno.dll
Module at 0x66380000: bootstrap.uno.dll
Module at 0x607e0000: reg3.dll
Module at 0x5e2e0000: store3.dll
Module at 0x5c2c0000: unsafe_uno_uno.dll
Module at 0x60ac0000: purpenvhelper3MSC.dll
Module at 0x65800000: configmgr2.uno.dll
Module at 0x5e310000: stocservices.uno.dll
Module at 0x5cb70000: sysmgr1.uno.dll
Module at 0x600a0000: sax.uno.dll
Module at 0x61c70000: localebe1.uno.dll
Module at 0x677a0000: behelper.uno.dll
Module at 0x5c6a0000: ucb1.dll
Module at 0x63a20000: fwlmi.dll
Module at 0x5c500000: ucpfile1.dll
Module at 0x63a50000: fwkmi.dll
Module at 0x778e0000: SETUPAPI.dll
Module at 0x615f0000: oleautobridge.uno.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x643d0000: emsermi.dll

Process 000007ac: AppleMobileDeviceService.exe
Current Memory usage : 2888 kb
Memory usage peak : 2976 kb
Current Paged Pool usage : 28 kb
Paged Pool usage peak : 31 kb
Current Non-Paged Pool usage : 4 kb
Non-Paged Pool usage peak : 5 kb
Current Page file usage : 2004 kb
Page file usage peak : 2068 kb
Page Faults : 1463

Module list
Module at 0x00400000: AppleMobileDeviceService.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x778e0000: SETUPAPI.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77d10000: USER32.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x774a0000: ole32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x71990000: mswsock.dll
Module at 0x62e40000: hnetcfg.dll
Module at 0x719d0000: wshtcpip.dll
Module at 0x76be0000: WINTRUST.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x76c40000: IMAGEHLP.dll
Module at 0x5b090000: uxtheme.dll

Process 000007d4: FTRTSVC.exe
Current Memory usage : 2460 kb
Memory usage peak : 2548 kb
Current Paged Pool usage : 27 kb
Paged Pool usage peak : 31 kb
Current Non-Paged Pool usage : 2 kb
Non-Paged Pool usage peak : 3 kb
Current Page file usage : 832 kb
Page file usage peak : 1244 kb
Page Faults : 1387

Module list
Module at 0x00400000: FTRTSVC.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x10000000: IfHelper.dll
Module at 0x77be0000: MSVCRT.dll
Module at 0x73d20000: MFC42.DLL
Module at 0x77ef0000: GDI32.dll
Module at 0x77d10000: USER32.dll
Module at 0x003e0000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x61d70000: MFC42LOC.DLL
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x774a0000: ole32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x5b090000: uxtheme.dll

Process 00000104: svchost.exe
Current Memory usage : 4544 kb
Memory usage peak : 4640 kb
Current Paged Pool usage : 40 kb
Paged Pool usage peak : 40 kb
Current Non-Paged Pool usage : 4 kb
Non-Paged Pool usage peak : 5 kb
Current Page file usage : 2748 kb
Page file usage peak : 2856 kb
Page Faults : 1940

Module list
Module at 0x01000000: svchost.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x76ae0000: WINMM.dll
Module at 0x774a0000: ole32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x76960000: USERENV.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x75a00000: wiaservc.dll
Module at 0x74a50000: CFGMGR32.dll
Module at 0x778e0000: setupapi.DLL
Module at 0x73a80000: mscms.dll
Module at 0x72f50000: WINSPOOL.DRV
Module at 0x762f0000: WINSTA.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x76be0000: WINTRUST.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x76c40000: IMAGEHLP.dll
Module at 0x5a7b0000: wiavusd.dll
Module at 0x4eb80000: gdiplus.dll
Module at 0x76720000: SHFOLDER.dll
Module at 0x71ca0000: actxprxy.dll

Process 00000390: ashMaiSv.exe
Current Memory usage : 2192 kb
Memory usage peak : 38676 kb
Current Paged Pool usage : 39 kb
Paged Pool usage peak : 75 kb
Current Non-Paged Pool usage : 125 kb
Non-Paged Pool usage peak : 126 kb
Current Page file usage : 2580 kb
Page file usage peak : 19432 kb
Page Faults : 53928

Module list
Module at 0x00400000: ashMaiSv.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x64500000: ashBase.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x7c3a0000: MSVCP71.dll
Module at 0x7c340000: MSVCR71.dll
Module at 0x64000000: aswCmnOS.dll
Module at 0x64080000: aswCmnB.dll
Module at 0x64100000: aswCmnS.dll
Module at 0x64800000: ashTask.dll
Module at 0x64580000: aswAux.dll
Module at 0x774a0000: ole32.dll
Module at 0x65000000: Aavm4h.dll
Module at 0x65100000: AavmRpch.dll
Module at 0x65380000: AhResMai.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x5d3f0000: dbghelp.dll
Module at 0x66080000: Base.dll
Module at 0x64280000: aswEngin.dll
Module at 0x64200000: aswScan.dll
Module at 0x71990000: mswsock.dll
Module at 0x76ed0000: DNSAPI.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x76f60000: winrnr.dll
Module at 0x76f70000: rasadhlp.dll
Module at 0x66100000: Lang.dll
Module at 0x7c140000: MFC71.DLL
Module at 0x66500000: langmai.dll
Module at 0x5b090000: uxtheme.dll
Module at 0x76ba0000: PSAPI.dll
Module at 0x62e40000: hnetcfg.dll
Module at 0x719d0000: wshtcpip.dll

Process 00000464: ashWebSv.exe
Current Memory usage : 12528 kb
Memory usage peak : 38620 kb
Current Paged Pool usage : 72 kb
Paged Pool usage peak : 79 kb
Current Non-Paged Pool usage : 36 kb
Non-Paged Pool usage peak : 50 kb
Current Page file usage : 20900 kb
Page file usage peak : 22872 kb
Page Faults : 36788

Module list
Module at 0x00400000: ashWebSv.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x64500000: ashBase.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x7c3a0000: MSVCP71.dll
Module at 0x7c340000: MSVCR71.dll
Module at 0x64000000: aswCmnOS.dll
Module at 0x64080000: aswCmnB.dll
Module at 0x64100000: aswCmnS.dll
Module at 0x65000000: Aavm4h.dll
Module at 0x65100000: AavmRpch.dll
Module at 0x64800000: ashTask.dll
Module at 0x64580000: aswAux.dll
Module at 0x774a0000: ole32.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x5d3f0000: dbghelp.dll
Module at 0x66080000: Base.dll
Module at 0x64280000: aswEngin.dll
Module at 0x64200000: aswScan.dll
Module at 0x76ba0000: PSAPI.dll
Module at 0x71990000: mswsock.dll
Module at 0x62e40000: hnetcfg.dll
Module at 0x719d0000: wshtcpip.dll
Module at 0x71ef0000: security.dll
Module at 0x77fc0000: SECUR32.dll
Module at 0x68300000: ashWsFtr.dll
Module at 0x65a00000: AhResWs.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x5b090000: uxtheme.dll

Process 0000027c: GestionnaireInternet.exe
Current Memory usage : 11664 kb
Memory usage peak : 11736 kb
Current Paged Pool usage : 46 kb
Paged Pool usage peak : 48 kb
Current Non-Paged Pool usage : 16 kb
Non-Paged Pool usage peak : 17 kb
Current Page file usage : 4688 kb
Page file usage peak : 4752 kb
Page Faults : 12437

Module list
Module at 0x00400000: GestionnaireInternet.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x10000000: OutilsFT.dll
Module at 0x5f400000: MFC42.DLL
Module at 0x77be0000: MSVCRT.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77d10000: USER32.dll
Module at 0x00320000: StyleIHM.dll
Module at 0x76ae0000: WINMM.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x75ba0000: MSVFW32.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x774a0000: ole32.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x009b0000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x61d70000: MFC42LOC.DLL
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x5b090000: uxtheme.dll
Module at 0x00cc0000: WooIHMF.dll
Module at 0x77b50000: Apphelp.dll
Module at 0x00f40000: ResourceStyle.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x01600000: ALERTC~1.DLL
Module at 0x20000000: xpsp2res.dll
Module at 0x77210000: SXS.DLL
Module at 0x00db0000: DetectComponent.dll
Module at 0x02050000: Inactivity.dll
Module at 0x02060000: SynchroDll.dll
Module at 0x77aa0000: WININET.dll
Module at 0x779e0000: CRYPT32.dll
Module at 0x77a80000: MSASN1.dll
Module at 0x77fc0000: Secur32.dll
Module at 0x77170000: urlmon.dll
Module at 0x71990000: mswsock.dll
Module at 0x62e40000: hnetcfg.dll
Module at 0x719d0000: wshtcpip.dll
Module at 0x76e90000: RASAPI32.DLL
Module at 0x76e40000: rasman.dll
Module at 0x6fee0000: NETAPI32.dll
Module at 0x76e60000: TAPI32.dll
Module at 0x76e30000: rtutils.dll
Module at 0x77c40000: msv1_0.dll
Module at 0x76d10000: iphlpapi.dll
Module at 0x76960000: USERENV.dll
Module at 0x0ffd0000: rsaenh.dll
Module at 0x76ed0000: DNSAPI.dll
Module at 0x76f70000: rasadhlp.dll

Process 00000848: alg.exe
Current Memory usage : 3648 kb
Memory usage peak : 3736 kb
Current Paged Pool usage : 36 kb
Paged Pool usage peak : 37 kb
Current Non-Paged Pool usage : 5 kb
Non-Paged Pool usage peak : 6 kb
Current Page file usage : 1260 kb
Page file usage peak : 1492 kb
Page Faults : 1705

Module list
Module at 0x01000000: alg.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x77be0000: msvcrt.dll
Module at 0x76ac0000: ATL.DLL
Module at 0x77d10000: USER32.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x774a0000: ole32.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x71990000: MSWSOCK.DLL
Module at 0x5cea0000: ShimEng.dll
Module at 0x595b0000: AcGenral.DLL
Module at 0x76ae0000: WINMM.dll
Module at 0x77bb0000: MSACM32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x7c9d0000: SHELL32.dll
Module at 0x77f40000: SHLWAPI.dll
Module at 0x76960000: USERENV.dll
Module at 0x5b090000: UxTheme.dll
Module at 0x10000000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x58b50000: COMCTL32.dll
Module at 0x77390000: comctl32.dll
Module at 0x77650000: NTMARTA.DLL
Module at 0x76f10000: WLDAP32.dll
Module at 0x71b50000: SAMLIB.dll
Module at 0x76f80000: CLBCATQ.DLL
Module at 0x77000000: COMRes.dll
Module at 0x20000000: xpsp2res.dll
Module at 0x62e40000: hnetcfg.dll
Module at 0x719d0000: wshtcpip.dll

Process 00000910: ComComp.exe
Current Memory usage : 8228 kb
Memory usage peak : 8304 kb
Current Paged Pool usage : 44 kb
Paged Pool usage peak : 47 kb
Current Non-Paged Pool usage : 6 kb
Non-Paged Pool usage peak : 8 kb
Current Page file usage : 3048 kb
Page file usage peak : 3112 kb
Page Faults : 13130

Module list
Module at 0x00400000: ComComp.exe
Module at 0x7c910000: ntdll.dll
Module at 0x7c800000: kernel32.dll
Module at 0x10000000: OutilsFT.dll
Module at 0x5f400000: MFC42.DLL
Module at 0x77be0000: MSVCRT.dll
Module at 0x77ef0000: GDI32.dll
Module at 0x77d10000: USER32.dll
Module at 0x00320000: WLANManager.dll
Module at 0x77da0000: ADVAPI32.dll
Module at 0x77e50000: RPCRT4.dll
Module at 0x76010000: MSVCP60.dll
Module at 0x00340000: IfHelper.dll
Module at 0x00350000: W32N50.dll
Module at 0x71a10000: WSOCK32.dll
Module at 0x719f0000: WS2_32.dll
Module at 0x719e0000: WS2HELP.dll
Module at 0x774a0000: ole32.dll
Module at 0x770e0000: OLEAUT32.dll
Module at 0x77bd0000: VERSION.dll
Module at 0x61d70000: MFC42LOC.DLL
Module at 0x5b090000: uxtheme.dll
Module at 0x003d0000: fareruta.dll
Module at 0x76340000: comdlg32.dll
Module at 0x77f40000: SHLWAPI.dll
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
22 Nov. 2008 at 19:58
OK, you are still infected because you did not delete what MBAM (Malwarebytes' Anti-Malware) found.

Run it again, making sure to delete what it finds (as explained in the instructions).

* In the scan tab, check that "Exécuter un examen RAPIDE" is selected and click the Rechercher button to start the scan.

MBAM scans your computer. The scan can take some time. Just check its progress from time to time.

When the scan finishes, a message appears saying that it is complete. Click OK to continue.

* If malware was detected, the list is displayed.

/!\ (THIS MUST BE DONE, OTHERWISE YOU WILL HAVE TO START OVER) /!\

Tick all the items detected by Malwarebytes' Anti-Malware, then click Supprimer la sélection to eradicate the detected malware.
MBAM will destroy the files and registry keys and put a copy of them in quarantine.


MBAM will open Notepad and copy the scan report into it. Close Notepad. (The report can be found again under the Rapports/logs tab.)

Close MBAM by clicking Quitter.

Post the report in your reply.

Tutorial
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
23 Nov. 2008 at 09:57
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1415
Windows 5.1.2600 Service Pack 2

23/11/2008 09:55:11
mbam-log-2008-11-23 (09-55-11).txt

Type de recherche: Examen rapide
Eléments examinés: 52744
Temps écoulé: 3 minute(s), 56 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\moriyojopi (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
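What the helper looks for in this report is whether every detection was actually removed. The following added example (not part of the thread and not Malwarebytes' own code) parses an MBAM 1.30 text report, cross-checks the summary counters against the listed items, and returns any item whose action is not "Quarantined and deleted successfully."; the function names are hypothetical, and the "No action taken." variant is constructed for contrast.

```python
import re

SUCCESS = "Quarantined and deleted successfully."

# "Valeur(s) du Registre infectée(s): 1"  -> summary counter
SUMMARY_RE = re.compile(r"^(?P<cat>[^:]*infecté[^:]*):\s*(?P<n>\d+)\s*$")
# "Valeur(s) du Registre infectée(s):"    -> start of a detail section
SECTION_RE = re.compile(r"^(?P<cat>[^:]*infecté[^:]*):\s*$")
# "<object> (<threat name>) -> <action taken>"
ITEM_RE = re.compile(r"^(?P<obj>.+?) \((?P<threat>[^()]+)\) -> (?P<action>.+?)\s*$")


def parse_mbam_log(text):
    """Return {'summary': {category: count}, 'items': {category: [(obj, threat, action)]}}."""
    summary, items, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = ITEM_RE.match(line)
        if m and current is not None:
            items[current].append((m["obj"], m["threat"], m["action"]))
            continue
        m = SUMMARY_RE.match(line)
        if m:
            summary[m["cat"]] = int(m["n"])
            continue
        m = SECTION_RE.match(line)
        if m:
            current = m["cat"]
            items.setdefault(current, [])
        # Anything else (header lines, "(Aucun élément nuisible détecté)") is ignored.
    return {"summary": summary, "items": items}


def unresolved(report):
    """Detections that were found but not quarantined and deleted."""
    return [(cat, obj, threat, action)
            for cat, found in report["items"].items()
            for obj, threat, action in found
            if action != SUCCESS]


def count_mismatches(report):
    """Categories whose summary counter differs from the number of listed items."""
    return {cat: (n, len(report["items"].get(cat, [])))
            for cat, n in report["summary"].items()
            if n != len(report["items"].get(cat, []))}


# Report body as posted above (header lines shortened).
PAGE_LOG = r"""
Malwarebytes' Anti-Malware 1.30
Type de recherche: Examen rapide
Eléments examinés: 52744

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\moriyojopi (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
"""

# Constructed variant: the same report if the detection had been left in place.
NOT_CLEANED_LOG = PAGE_LOG.replace(SUCCESS, "No action taken.")

if __name__ == "__main__":
    for name, log in (("posted report", PAGE_LOG), ("constructed variant", NOT_CLEANED_LOG)):
        report = parse_mbam_log(log)
        print(name, "-> unresolved:", unresolved(report),
              "count mismatches:", count_mismatches(report))
```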
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
23 Nov. 2008 at 11:08
It would be good to do what I ask and nothing else...

What is the other "wall of text" you posted?
I had not asked you for it...

If you like spending time waiting for useless reports, that is up to you....

OK, now I need a brand-new HJT log; it looks like we are getting to the end...
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
23 Nov. 2008 at 12:48
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:44:06, on 23/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {468c6a26-c4b3-42b1-85d8-c6c01cbf2438} - C:\WINDOWS\system32\volosejo.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s
O4 - HKUS\S-1-5-19\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACC656E3-76C3-471A-BCCA-7DFD00DDE39F}: NameServer = 81.253.149.9 80.10.246.132
O20 - AppInit_DLLs: C:\WINDOWS\system32\fareruta.dll boskhw.dll c:\windows\system32\futakoze.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
23 Nov. 2008 at 20:16
I haven't heard anything, is that normal?
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
23 Nov. 2008 at 20:29
How is the PC doing?
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
23 Nov. 2008 at 20:42
It's true that it responds better! There are ad windows that appear from time to time, otherwise it's better! Is there anything else to do, or is this the end of my ordeal?
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
23 Nov. 2008 at 22:53
I need to look into these things...

O4 - HKLM\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s
O4 - HKUS\S-1-5-19\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s (User 'SERVICE RÉSEAU')

As you can see here, GOOGLE, your case is the only one where these DLLs show up...
Since you tell me your XP may not be legitimate, they may come from there.

One thing you can do is install and use the Firefox browser, which is safer than IE7

WHY? Read this carefully
how to secure Firefox

I will keep you posted as soon as possible.
0
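The autorun entries singled out in the post above can be checked mechanically. This is an added example, not part of the thread and not HijackThis or MBAM code: it parses lines copied from the reports posted here, lists entries worth a manual look, and checks whether the Run value MBAM reported as deleted is still listed in the later HijackThis log. The flagging rules and the function names are assumptions chosen for illustration.

```python
import re

# Lines copied from the reports posted in this thread (a subset of each).
MBAM_LINE = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
             r"\moriyojopi (Trojan.Agent) -> Quarantined and deleted successfully.")
HJT_LOG = r"""
O2 - BHO: (no name) - {468c6a26-c4b3-42b1-85d8-c6c01cbf2438} - C:\WINDOWS\system32\volosejo.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s
O4 - HKUS\S-1-5-19\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s (User 'SERVICE LOCAL')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\fareruta.dll boskhw.dll c:\windows\system32\futakoze.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
"""

ENTRY = re.compile(r"^([A-Z]\d+) - (.*)$")
RUN = re.compile(r"^(\S+)\\\.\.\\Run(?:Once)?: \[([^\]]+)\] (.*)$")

def run_values(log):
    """Yield (hive, value_name, command) for each O4 registry Run entry."""
    for raw in log.splitlines():
        e = ENTRY.match(raw.strip())
        r = RUN.match(e.group(2)) if e and e.group(1) == "O4" else None
        if r:
            yield r.groups()

def triage(log):
    """Heuristic (not HijackThis's own) list of entries to review by hand."""
    out = []
    for hive, name, cmd in run_values(log):
        dll = re.match(r'(?i)rundll32(?:\.exe)?\s+"?([^",]+\.dll)', cmd)
        if dll:
            out.append(("O4", "autorun loads a DLL via rundll32",
                        f"{hive} [{name}] {dll.group(1)}"))
    for raw in log.splitlines():
        e = ENTRY.match(raw.strip())
        if not e:
            continue
        sec, body = e.groups()
        if sec == "O2" and body.endswith("(file missing)"):
            out.append(("O2", "BHO registered but file missing", body.split(" - ")[-1]))
        elif sec == "O20" and body.startswith("AppInit_DLLs:"):
            # The value is a space- or comma-separated list of DLLs.
            for d in re.split(r"[ ,]+", body.split(":", 1)[1].strip()):
                out.append(("O20", "DLL listed in AppInit_DLLs", d))
    return out

def still_present(mbam_line, log):
    """Hives whose Run key still lists a value MBAM reported as deleted."""
    m = re.search(r"\\Run\\(\S+) \(", mbam_line)
    name = m.group(1).lower() if m else None
    return [hive for hive, n, _ in run_values(log) if n.lower() == name]

if __name__ == "__main__":
    for finding in triage(HJT_LOG):
        print(*finding, sep=" | ")
    print("still present after removal:", still_present(MBAM_LINE, HJT_LOG))
```

A value that a cleaner reports as deleted but that a later scan still lists is a cue to look for whatever rewrites it before removing it again.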
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
23 Nov. 2008 at 23:09
OK! Keep me posted! I'm installing Firefox, see you soon
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
24 Nov. 2008 at 20:16
Up.

Is it done?

How is the PC doing?
Faster?
Not at all?
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
24 Nov. 2008 at 20:58
Please make me a fresh HJT log...

Ø Run HijackThis again by double-clicking its shortcut on the Desktop.
Choose the option "Do a system scan and save a log file"
Click "Save log" to save the report, which will open in Notepad
Click "Edit" ->> "Select All", then "Edit" ->> "Copy" to copy the whole content of the report here
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
24 Nov. 2008 at 21:07
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:06:10, on 24/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {468c6a26-c4b3-42b1-85d8-c6c01cbf2438} - C:\WINDOWS\system32\volosejo.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [CamWizard] C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\CamWizrd.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe /RegAll
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s
O4 - HKLM\..\RunOnce: [InstallShieldSetup] C:\PROGRA~1\INSTAL~1\{C4304~1\setup.exe -rebootC:\PROGRA~1\INSTAL~1\{C4304~1\reboot.ini -l0x40c
O4 - HKUS\S-1-5-19\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [moriyojopi] Rundll32.exe "C:\WINDOWS\system32\nunoloje.dll",s (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACC656E3-76C3-471A-BCCA-7DFD00DDE39F}: NameServer = 81.253.149.9 80.10.246.132
O20 - AppInit_DLLs: C:\WINDOWS\system32\fareruta.dll boskhw.dll c:\windows\system32\futakoze.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
24 Nov. 2008 at 21:15
Download => Lopxp (by Moe):

* Double-click Lopxpsetup.exe to start the installation
* In the menu, choose option 1
* Wait until you are asked to press a key, then press one!
* A report will be created; please copy/paste it in full in your next reply.


0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
25 Nov. 2008 at 06:04
I can't open it, because of the file extension I suppose! Explain how I should proceed
I tried to extract it with WinRAR but nothing works!
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
25 Nov. 2008 at 08:20
I tried to extract it with WinRAR but nothing works!

No need.

It's an executable.

Right-click it, then "Open"
A new icon appears (with a cogwheel) on the desktop.
Double-click it.
0
yo6440 Posts 386 Registration date Wednesday 19 November 2008 Status Member Last activity 26 December 2016 9
25 Nov. 2008 at 18:25
I can't open it at all, I tried downloading it but I can't manage it!!! When I click on it, it offers me to open it with ...
0
jorginho67 Posts 14716 Registration date Tuesday 11 September 2007 Status Security contributor Last activity 11 February 2011 1 169
25 Nov. 2008 at 19:42
Try with this one:

Download LopSD.exe to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-click it to start the installation
* Right-click the Lop S&D shortcut on your Desktop, then "Run as administrator"
* Select the language you want, then choose option 1 (Search)
* Wait until the scan finishes
* Post the generated report, which is located here => (C:\lopR.txt)

(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)

If you have a problem using Lop S&D, look at this tutorial
0