Virus that blocks antivirus sites, the return

Closed
antoine136 Posts: 44 Registered: Tuesday 16 June 2009 Status: Member Last activity: 13 September 2009 - 2 Sept. 2009 at 18:39
jlpjlp Posts: 51574 Registered: Friday 18 May 2007 Status: Security contributor Last activity: 3 May 2022 - 14 Sept. 2009 at 14:17
Hello,

I have a problem that seems to me very similar to manu's (https://forums.commentcamarche.net/forum/affich-10194844-virus-qui-bloque-les-sites-antivirus), i.e. probably a virus that blocks access to antivirus sites, and therefore the updates, and that is not detected by my Norton 2009.

I ran HijackThis, whose report I am posting below, then tried to run ComboFix, but the following error message is displayed:
ALERT it is not safe to continue ! the contents of the combofix package has been compromised please download a fresh copy from ....
note : you may be infected with a file patching virus "virut"

If someone could decipher the HijackThis report for me and tell me the next steps...
Thank you very much in advance

antoine

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:39:06, on 02/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Peyo\Desktop\downloads\hijackthis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail?u=http%253A//webtv.guidetv.orange.fr/home.do%253Bjsessionid%253D4A54D5011736D1E0B9E3E63EF7CEDA13.otv-as04a
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [AsInstCD] C:\Preload\Patch\ASINST.EXE /inst
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #2] C:\Program Files\Windows Sidebar\sidebar.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #2] C:\Program Files\Windows Sidebar\sidebar.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_8971.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ADSM Service ADSMServiceAeLookupSvc (ADSMServiceAeLookupSvc) - Unknown owner - C:\Windows\TEMP\ghrhrneony.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: sofatnet Service (sofatnet) - Sigma Designs In - C:\Windows\system32\sofatnet.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

54 replies

antoine136 Posts: 44 Registered: Tuesday 16 June 2009 Status: Member Last activity: 13 September 2009
11 Sept. 2009 at 18:25
---- User code sections - GMER 1.0.15 ----

.text C:\Windows\System32\spoolsv.exe[368] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\System32\spoolsv.exe[368] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\System32\spoolsv.exe[368] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\System32\spoolsv.exe[368] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\System32\spoolsv.exe[368] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\System32\spoolsv.exe[368] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\System32\spoolsv.exe[368] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[536] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[536] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[536] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[536] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[536] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[536] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[536] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\Dwm.exe[616] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\Dwm.exe[616] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\Dwm.exe[616] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\Dwm.exe[616] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\Dwm.exe[616] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\Dwm.exe[616] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\Dwm.exe[616] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\taskeng.exe[636] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\taskeng.exe[636] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\taskeng.exe[636] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\taskeng.exe[636] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\taskeng.exe[636] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\taskeng.exe[636] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\taskeng.exe[636] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\Net4Switch\Net4Switch.exe[696] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\Net4Switch\Net4Switch.exe[696] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\Net4Switch\Net4Switch.exe[696] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\Net4Switch\Net4Switch.exe[696] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\Net4Switch\Net4Switch.exe[696] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\Net4Switch\Net4Switch.exe[696] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\Net4Switch\Net4Switch.exe[696] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\csrss.exe[700] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\csrss.exe[700] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\csrss.exe[700] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\csrss.exe[700] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\csrss.exe[700] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\csrss.exe[700] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\csrss.exe[700] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\wininit.exe[708] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\wininit.exe[708] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\wininit.exe[708] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\wininit.exe[708] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\wininit.exe[708] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\wininit.exe[708] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\wininit.exe[708] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\services.exe[752] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\services.exe[752] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\services.exe[752] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\services.exe[752] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\services.exe[752] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\services.exe[752] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\services.exe[752] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\lsass.exe[764] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\lsass.exe[764] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\lsass.exe[764] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\lsass.exe[764] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\lsass.exe[764] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\lsass.exe[764] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\lsass.exe[764] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\lsm.exe[780] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\lsm.exe[780] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\lsm.exe[780] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\lsm.exe[780] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\lsm.exe[780] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\lsm.exe[780] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\lsm.exe[780] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\SmartLogon\sensorsrv.exe[804] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\SmartLogon\sensorsrv.exe[804] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\SmartLogon\sensorsrv.exe[804] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\SmartLogon\sensorsrv.exe[804] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\SmartLogon\sensorsrv.exe[804] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\SmartLogon\sensorsrv.exe[804] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\SmartLogon\sensorsrv.exe[804] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\winlogon.exe[808] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\winlogon.exe[808] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\winlogon.exe[808] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\winlogon.exe[808] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\winlogon.exe[808] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\winlogon.exe[808] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\winlogon.exe[808] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\svchost.exe[948] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\svchost.exe[948] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\svchost.exe[948] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\svchost.exe[948] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\svchost.exe[948] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\svchost.exe[948] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\svchost.exe[948] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.reloc C:\Windows\Explorer.EXE[956] C:\Windows\Explorer.EXE section is executable [0x012C7000, 0xAC00, 0xE0000040]
.reloc C:\Windows\Explorer.EXE[956] C:\Windows\Explorer.EXE entry point in ".reloc" section [0x012D1969]
.text C:\Windows\Explorer.EXE[956] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\Explorer.EXE[956] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\Explorer.EXE[956] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\Explorer.EXE[956] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\Explorer.EXE[956] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\Explorer.EXE[956] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\Explorer.EXE[956] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\nvvsvc.exe[992] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\nvvsvc.exe[992] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\nvvsvc.exe[992] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\nvvsvc.exe[992] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\nvvsvc.exe[992] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\nvvsvc.exe[992] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\nvvsvc.exe[992] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\svchost.exe[1028] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\svchost.exe[1028] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\svchost.exe[1028] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\svchost.exe[1028] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\svchost.exe[1028] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\svchost.exe[1028] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\svchost.exe[1028] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\System32\svchost.exe[1068] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\System32\svchost.exe[1068] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\System32\svchost.exe[1068] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\System32\svchost.exe[1068] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\System32\svchost.exe[1068] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\System32\svchost.exe[1068] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\System32\svchost.exe[1068] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Users\Peyo\Desktop\7utm8ysg.exe[1160] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Users\Peyo\Desktop\7utm8ysg.exe[1160] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Users\Peyo\Desktop\7utm8ysg.exe[1160] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Users\Peyo\Desktop\7utm8ysg.exe[1160] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Users\Peyo\Desktop\7utm8ysg.exe[1160] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Users\Peyo\Desktop\7utm8ysg.exe[1160] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Users\Peyo\Desktop\7utm8ysg.exe[1160] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\System32\svchost.exe[1200] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\System32\svchost.exe[1200] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\System32\svchost.exe[1200] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\System32\svchost.exe[1200] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\System32\svchost.exe[1200] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\System32\svchost.exe[1200] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\System32\svchost.exe[1200] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\svchost.exe[1212] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\svchost.exe[1212] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\svchost.exe[1212] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\svchost.exe[1212] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\svchost.exe[1212] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\svchost.exe[1212] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\svchost.exe[1212] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\ASUS Live Update\ALU.exe[1428] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\ASUS Live Update\ALU.exe[1428] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\ASUS Live Update\ALU.exe[1428] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\ASUS Live Update\ALU.exe[1428] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\ASUS Live Update\ALU.exe[1428] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\ASUS Live Update\ALU.exe[1428] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\ASUS Live Update\ALU.exe[1428] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\rundll32.exe[1468] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\rundll32.exe[1468] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\rundll32.exe[1468] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\rundll32.exe[1468] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\rundll32.exe[1468] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\rundll32.exe[1468] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\rundll32.exe[1468] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\svchost.exe[1652] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\svchost.exe[1652] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\svchost.exe[1652] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\svchost.exe[1652] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\svchost.exe[1652] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\svchost.exe[1652] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\svchost.exe[1652] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe[1848] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe[1848] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe[1848] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe[1848] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe[1848] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe[1848] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe[1848] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe[1868] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe[1868] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe[1868] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe[1868] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe[1868] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe[1868] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe[1868] ntdll.dll!NtCreateUserProcess
antoine136 Posts: 44 Registered: Tuesday 16 June 2009 Status: Member Last activity: 13 September 2009
11 Sept. 2009 at 18:26
---- User code sections - GMER 1.0.15 ----

.text C:\Windows\System32\spoolsv.exe[368] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\System32\spoolsv.exe[368] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\System32\spoolsv.exe[368] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\System32\spoolsv.exe[368] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\System32\spoolsv.exe[368] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\System32\spoolsv.exe[368] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\System32\spoolsv.exe[368] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[536] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[536] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[536] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[536] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[536] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[536] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[536] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\Dwm.exe[616] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\Dwm.exe[616] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\Dwm.exe[616] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\Dwm.exe[616] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\Dwm.exe[616] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\Dwm.exe[616] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\Dwm.exe[616] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\taskeng.exe[636] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\taskeng.exe[636] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\taskeng.exe[636] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\taskeng.exe[636] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\taskeng.exe[636] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\taskeng.exe[636] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\taskeng.exe[636] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\Net4Switch\Net4Switch.exe[696] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\Net4Switch\Net4Switch.exe[696] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\Net4Switch\Net4Switch.exe[696] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\Net4Switch\Net4Switch.exe[696] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\Net4Switch\Net4Switch.exe[696] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\Net4Switch\Net4Switch.exe[696] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\Net4Switch\Net4Switch.exe[696] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\csrss.exe[700] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\csrss.exe[700] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\csrss.exe[700] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\csrss.exe[700] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\csrss.exe[700] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\csrss.exe[700] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\csrss.exe[700] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\wininit.exe[708] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\wininit.exe[708] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\wininit.exe[708] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\wininit.exe[708] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\wininit.exe[708] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\wininit.exe[708] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\wininit.exe[708] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\services.exe[752] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\services.exe[752] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\services.exe[752] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\services.exe[752] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\services.exe[752] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\services.exe[752] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\services.exe[752] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\lsass.exe[764] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\lsass.exe[764] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\lsass.exe[764] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\lsass.exe[764] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\lsass.exe[764] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\lsass.exe[764] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\lsass.exe[764] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\lsm.exe[780] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\lsm.exe[780] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\lsm.exe[780] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\lsm.exe[780] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\lsm.exe[780] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\lsm.exe[780] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\lsm.exe[780] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\SmartLogon\sensorsrv.exe[804] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\SmartLogon\sensorsrv.exe[804] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\SmartLogon\sensorsrv.exe[804] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\SmartLogon\sensorsrv.exe[804] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\SmartLogon\sensorsrv.exe[804] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\SmartLogon\sensorsrv.exe[804] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\SmartLogon\sensorsrv.exe[804] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\winlogon.exe[808] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\winlogon.exe[808] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\winlogon.exe[808] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\winlogon.exe[808] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\winlogon.exe[808] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\winlogon.exe[808] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\winlogon.exe[808] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\svchost.exe[948] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\svchost.exe[948] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\svchost.exe[948] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\svchost.exe[948] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\svchost.exe[948] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\svchost.exe[948] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\svchost.exe[948] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.reloc C:\Windows\Explorer.EXE[956] C:\Windows\Explorer.EXE section is executable [0x012C7000, 0xAC00, 0xE0000040]
.reloc C:\Windows\Explorer.EXE[956] C:\Windows\Explorer.EXE entry point in ".reloc" section [0x012D1969]
.text C:\Windows\Explorer.EXE[956] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\Explorer.EXE[956] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\Explorer.EXE[956] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\Explorer.EXE[956] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\Explorer.EXE[956] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\Explorer.EXE[956] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\Explorer.EXE[956] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\nvvsvc.exe[992] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\nvvsvc.exe[992] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\nvvsvc.exe[992] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\nvvsvc.exe[992] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\nvvsvc.exe[992] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\nvvsvc.exe[992] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\nvvsvc.exe[992] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\svchost.exe[1028] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\svchost.exe[1028] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\svchost.exe[1028] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\svchost.exe[1028] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\svchost.exe[1028] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\svchost.exe[1028] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\svchost.exe[1028] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\System32\svchost.exe[1068] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\System32\svchost.exe[1068] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\System32\svchost.exe[1068] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\System32\svchost.exe[1068] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\System32\svchost.exe[1068] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\System32\svchost.exe[1068] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\System32\svchost.exe[1068] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Users\Peyo\Desktop\7utm8ysg.exe[1160] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Users\Peyo\Desktop\7utm8ysg.exe[1160] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Users\Peyo\Desktop\7utm8ysg.exe[1160] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Users\Peyo\Desktop\7utm8ysg.exe[1160] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Users\Peyo\Desktop\7utm8ysg.exe[1160] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Users\Peyo\Desktop\7utm8ysg.exe[1160] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Users\Peyo\Desktop\7utm8ysg.exe[1160] ntdll.dll!NtCreateUserProcess
0
antoine136 Posts 44 Registration date Tuesday 16 June 2009 Status Member Last activity 13 September 2009
11 Sept. 2009 at 18:28
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\System32\svchost.exe[1172] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\System32\svchost.exe[1200] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\System32\svchost.exe[1200] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\System32\svchost.exe[1200] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\System32\svchost.exe[1200] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\System32\svchost.exe[1200] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\System32\svchost.exe[1200] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\System32\svchost.exe[1200] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\svchost.exe[1212] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\svchost.exe[1212] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\svchost.exe[1212] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\svchost.exe[1212] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\svchost.exe[1212] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\svchost.exe[1212] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\svchost.exe[1212] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\svchost.exe[1404] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\ASUS Live Update\ALU.exe[1428] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\ASUS Live Update\ALU.exe[1428] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\ASUS Live Update\ALU.exe[1428] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\ASUS Live Update\ALU.exe[1428] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\ASUS Live Update\ALU.exe[1428] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\ASUS Live Update\ALU.exe[1428] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\ASUS Live Update\ALU.exe[1428] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\rundll32.exe[1468] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\rundll32.exe[1468] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\rundll32.exe[1468] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\rundll32.exe[1468] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\rundll32.exe[1468] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\rundll32.exe[1468] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\rundll32.exe[1468] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\svchost.exe[1652] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\svchost.exe[1652] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\svchost.exe[1652] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\svchost.exe[1652] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\svchost.exe[1652] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\svchost.exe[1652] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\svchost.exe[1652] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe[1848] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe[1848] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe[1848] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe[1848] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe[1848] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe[1848] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe[1848] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe[1868] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe[1868] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe[1868] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe[1868] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe[1868] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe[1868] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe[1868] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ATKGFNEX\GFNEXSrv.exe[1892] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ATKGFNEX\GFNEXSrv.exe[1892] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ATKGFNEX\GFNEXSrv.exe[1892] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ATKGFNEX\GFNEXSrv.exe[1892] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ATKGFNEX\GFNEXSrv.exe[1892] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ATKGFNEX\GFNEXSrv.exe[1892] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ATKGFNEX\GFNEXSrv.exe[1892] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\taskeng.exe[1952] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\taskeng.exe[1952] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\taskeng.exe[1952] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\taskeng.exe[1952] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\taskeng.exe[1952] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\taskeng.exe[1952] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\taskeng.exe[1952] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\taskeng.exe[2044] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\taskeng.exe[2044] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\taskeng.exe[2044] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\taskeng.exe[2044] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\taskeng.exe[2044] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\taskeng.exe[2044] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\taskeng.exe[2044] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Windows Defender\MSASCui.exe[2096] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Windows Defender\MSASCui.exe[2096] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Windows Defender\MSASCui.exe[2096] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Windows Defender\MSASCui.exe[2096] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Windows Defender\MSASCui.exe[2096] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Windows Defender\MSASCui.exe[2096] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Windows Defender\MSASCui.exe[2096] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe[2132] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe[2132] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe[2132] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe[2132] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe[2132] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe[2132] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe[2132] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe[2140] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe[2140] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe[2140] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe[2140] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe[2140] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe[2140] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe[2140] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe[2208] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe[2208] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe[2208] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe[2208] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe[2208] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe[2208] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe[2208] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\ATK Hotkey\HControl.exe[2236] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\ATK Hotkey\HControl.exe[2236] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\ATK Hotkey\HControl.exe[2236] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\ATK Hotkey\HControl.exe[2236] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\ATK Hotkey\HControl.exe[2236] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\ATK Hotkey\HControl.exe[2236] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\ATK Hotkey\HControl.exe[2236] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Wireless Console 2\wcourier.exe[2260] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Wireless Console 2\wcourier.exe[2260] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Wireless Console 2\wcourier.exe[2260] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Wireless Console 2\wcourier.exe[2260] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Wireless Console 2\wcourier.exe[2260] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Wireless Console 2\wcourier.exe[2260] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Wireless Console 2\wcourier.exe[2260] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\svchost.exe[2268] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\svchost.exe[2268] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\svchost.exe[2268] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\svchost.exe[2268] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\svchost.exe[2268] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\svchost.exe[2268] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\svchost.exe[2268] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\P4G\BatteryLife.exe[2284] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\P4G\BatteryLife.exe[2284] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\P4G\BatteryLife.exe[2284] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\P4G\BatteryLife.exe[2284] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\P4G\BatteryLife.exe[2284] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\P4G\BatteryLife.exe[2284] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\P4G\BatteryLife.exe[2284] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\Splendid\ACMON.exe[2312] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\Splendid\ACMON.exe[2312] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\Splendid\ACMON.exe[2312] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\Splendid\ACMON.exe[2312] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\Splendid\ACMON.exe[2312] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\Splendid\ACMON.exe[2312] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\Splendid\ACMON.exe[2312] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\System32\ACEngSvr.exe[2424] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\System32\ACEngSvr.exe[2424] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\System32\ACEngSvr.exe[2424] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\System32\ACEngSvr.exe[2424] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\System32\ACEngSvr.exe[2424] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\System32\ACEngSvr.exe[2424] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\System32\ACEngSvr.exe[2424] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\System32\rundll32.exe[2440] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\System32\rundll32.exe[2440] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\System32\rundll32.exe[2440] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\System32\rundll32.exe[2440] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\System32\rundll32.exe[2440] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\System32\rundll32.exe[2440] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\System32\rundll32.exe[2440] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe[2640] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe[2640] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe[2640] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe[2640] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe[2640] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe[2640] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe[2640] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe[2668] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe[2668] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe[2668] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe[2668] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe[2668] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe[2668] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe[2668] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\ATK Hotkey\WDC.exe[2680] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\ATK Hotkey\WDC.exe[2680] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\ATK Hotkey\WDC.exe[2680] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\ATK Hotkey\WDC.exe[2680] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\ATK Hotkey\WDC.exe[2680] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\ATK Hotkey\WDC.exe[2680] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\ATK Hotkey\WDC.exe[2680] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\RtHDVCpl.exe[2804] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\RtHDVCpl.exe[2804] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\RtHDVCpl.exe[2804] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\RtHDVCpl.exe[2804] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\RtHDVCpl.exe[2804] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\RtHDVCpl.exe[2804] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\RtHDVCpl.exe[2804] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\ATK Media\DMedia.exe[2860] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\ATK Media\DMedia.exe[2860] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\ATK Media\DMedia.exe[2860] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\ATK Media\DMedia.exe[2860] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\ATK Media\DMedia.exe[2860] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\ATK Media\DMedia.exe[2860] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\ATK Media\DMedia.exe[2860] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\AsScrPro.exe[2900] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\AsScrPro.exe[2900] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\AsScrPro.exe[2900] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\AsScrPro.exe[2900] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\AsScrPro.exe[2900] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\AsScrPro.exe[2900] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\AsScrPro.exe[2900] ntdll.dll!NtCreateUserProcess
0
antoine136 Posts: 44 Registration date: Tuesday 16 June 2009 Status: Member Last activity: 13 September 2009
11 Sep 2009 at 18:30
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[2932] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[2932] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[2932] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[2932] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[2932] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[2932] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe[2932] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3052] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3052] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3052] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3052] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3052] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3052] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3052] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\iTunes\iTunesHelper.exe[3132] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\iTunes\iTunesHelper.exe[3132] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\iTunes\iTunesHelper.exe[3132] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\iTunes\iTunesHelper.exe[3132] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\iTunes\iTunesHelper.exe[3132] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\iTunes\iTunesHelper.exe[3132] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\iTunes\iTunesHelper.exe[3132] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Java\jre6\bin\jusched.exe[3208] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Java\jre6\bin\jusched.exe[3208] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Java\jre6\bin\jusched.exe[3208] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Java\jre6\bin\jusched.exe[3208] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Java\jre6\bin\jusched.exe[3208] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Java\jre6\bin\jusched.exe[3208] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Java\jre6\bin\jusched.exe[3208] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Windows Sidebar\sidebar.exe[3216] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Windows Sidebar\sidebar.exe[3216] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Windows Sidebar\sidebar.exe[3216] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Windows Sidebar\sidebar.exe[3216] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Windows Sidebar\sidebar.exe[3216] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Windows Sidebar\sidebar.exe[3216] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Windows Sidebar\sidebar.exe[3216] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\ehome\ehtray.exe[3312] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\ehome\ehtray.exe[3312] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\ehome\ehtray.exe[3312] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\ehome\ehtray.exe[3312] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\ehome\ehtray.exe[3312] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\ehome\ehtray.exe[3312] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\ehome\ehtray.exe[3312] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3352] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3352] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3352] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3352] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3352] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3352] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Windows Media Player\wmpnscfg.exe[3352] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\ehome\ehmsas.exe[3400] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\ehome\ehmsas.exe[3400] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\ehome\ehmsas.exe[3400] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\ehome\ehmsas.exe[3400] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\ehome\ehmsas.exe[3400] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\ehome\ehmsas.exe[3400] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\ehome\ehmsas.exe[3400] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Internet Download Manager\IDMan.exe[3408] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Internet Download Manager\IDMan.exe[3408] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Internet Download Manager\IDMan.exe[3408] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Internet Download Manager\IDMan.exe[3408] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Internet Download Manager\IDMan.exe[3408] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Internet Download Manager\IDMan.exe[3408] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Internet Download Manager\IDMan.exe[3408] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[3420] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[3420] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[3420] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[3420] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[3420] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[3420] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[3420] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[3700] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[3700] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[3700] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[3700] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[3700] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[3700] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe[3700] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Bonjour\mDNSResponder.exe[3712] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Bonjour\mDNSResponder.exe[3712] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Bonjour\mDNSResponder.exe[3712] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Bonjour\mDNSResponder.exe[3712] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Bonjour\mDNSResponder.exe[3712] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Bonjour\mDNSResponder.exe[3712] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Bonjour\mDNSResponder.exe[3712] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\svchost.exe[3880] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\svchost.exe[3880] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\svchost.exe[3880] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\svchost.exe[3880] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\svchost.exe[3880] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\svchost.exe[3880] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\svchost.exe[3880] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe[3924] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe[3924] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe[3924] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe[3924] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe[3924] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe[3924] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe[3924] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\svchost.exe[3996] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\svchost.exe[3996] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\svchost.exe[3996] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\svchost.exe[3996] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\svchost.exe[3996] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\svchost.exe[3996] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\svchost.exe[3996] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\System32\svchost.exe[4044] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\System32\svchost.exe[4044] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\System32\svchost.exe[4044] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\System32\svchost.exe[4044] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\System32\svchost.exe[4044] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\System32\svchost.exe[4044] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\System32\svchost.exe[4044] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\SearchIndexer.exe[4080] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\SearchIndexer.exe[4080] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\SearchIndexer.exe[4080] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\SearchIndexer.exe[4080] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\SearchIndexer.exe[4080] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\SearchIndexer.exe[4080] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\SearchIndexer.exe[4080] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe[4292] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe[4292] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe[4292] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe[4292] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe[4292] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe[4292] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe[4292] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[4528] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[4528] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[4528] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[4528] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[4528] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[4528] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[4528] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Windows Sidebar\sidebar.exe[4772] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Windows Sidebar\sidebar.exe[4772] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Windows Sidebar\sidebar.exe[4772] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Windows Sidebar\sidebar.exe[4772] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Windows Sidebar\sidebar.exe[4772] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Windows Sidebar\sidebar.exe[4772] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Windows Sidebar\sidebar.exe[4772] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Windows\system32\Taskmgr.exe[5420] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Windows\system32\Taskmgr.exe[5420] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Windows\system32\Taskmgr.exe[5420] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Windows\system32\Taskmgr.exe[5420] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Windows\system32\Taskmgr.exe[5420] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Windows\system32\Taskmgr.exe[5420] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Windows\system32\Taskmgr.exe[5420] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5512] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5512] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5512] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5512] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5512] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5512] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Internet Download Manager\IEMonitor.exe[5512] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\iPod\bin\iPodService.exe[5552] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\iPod\bin\iPodService.exe[5552] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\iPod\bin\iPodService.exe[5552] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\iPod\bin\iPodService.exe[5552] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\iPod\bin\iPodService.exe[5552] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\iPod\bin\iPodService.exe[5552] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\iPod\bin\iPodService.exe[5552] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[5684] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[5684] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[5684] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[5684] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[5684] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[5684] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[5684] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
.text C:\Program Files\Mozilla Firefox\firefox.exe[5848] ntdll.dll!NtCreateFile 76E78008 5 Bytes CALL 7FFA4885
.text C:\Program Files\Mozilla Firefox\firefox.exe[5848] ntdll.dll!NtCreateProcess 76E780C8 5 Bytes CALL 7FFA4914
.text C:\Program Files\Mozilla Firefox\firefox.exe[5848] ntdll.dll!NtCreateProcessEx 76E780D8 5 Bytes CALL 7FFA4921
.text C:\Program Files\Mozilla Firefox\firefox.exe[5848] ntdll.dll!NtDeviceIoControlFile 76E78438 5 Bytes CALL 7FFA4BA5
.text C:\Program Files\Mozilla Firefox\firefox.exe[5848] ntdll.dll!NtOpenFile 76E787E8 5 Bytes CALL 7FFA490A
.text C:\Program Files\Mozilla Firefox\firefox.exe[5848] ntdll.dll!NtQueryInformationProcess 76E78A88 5 Bytes CALL 7FFA4962
.text C:\Program Files\Mozilla Firefox\firefox.exe[5848] ntdll.dll!NtCreateUserProcess 76E79438 5 Bytes CALL 7FFA492E
0

antoine136 Posts: 44 Registration date: Tuesday 16 June 2009 Status: Member Last activity: 13 September 2009
11 Sep 2009 at 18:31
---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [806936D6] \SystemRoot\System32\Drivers\spxm.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [80693042] \SystemRoot\System32\Drivers\spxm.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [80693800] \SystemRoot\System32\Drivers\spxm.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [806930C0] \SystemRoot\System32\Drivers\spxm.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8069313E] \SystemRoot\System32\Drivers\spxm.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [806A2E9C] \SystemRoot\System32\Drivers\spxm.sys
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortNotification] CC358B04
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortWritePortUchar] 838E5C6F
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortWritePortUlong] 458B38C6
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortGetPhysicalAddress] A5A5A514
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 100D8BA5
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortGetScatterGatherList] 5F8E5C40
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortReadPortUchar] 30810889
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortStallExecution] 54771129
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortGetParentBusType] 10C25D5E
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortRequestCallback] 8B55CC00
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortWritePortBufferUshort] 084D8BEC
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortGetUnCachedExtension] 0CF0918B
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortCompleteRequest] 458B0000
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortMoveMemory] 8B108910
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 000CF491
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 04508900
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 053C7980
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortReadPortUshort] 560C558B
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortReadPortBufferUshort] C6127557
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortInitialize] B18D0502
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortGetDeviceBase] 00000CF8
IAT \SystemRoot\System32\Drivers\a4vlr9up.SYS[ataport.SYS!AtaPortDeviceStateChange] A508788D

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 855291F8

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF dynamique/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF dynamique/Microsoft Corporation)

Device \Driver\volmgr \Device\VolMgrControl 84B921F8
Device \Driver\usbuhci \Device\USBPDO-0 86F401F8
Device \Driver\usbuhci \Device\USBPDO-1 86F401F8
Device \Driver\usbuhci \Device\USBPDO-2 86F401F8
Device \Driver\usbehci \Device\USBPDO-3 86F0B1F8
Device \Driver\usbuhci \Device\USBPDO-4 86F401F8

AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\usbuhci \Device\USBPDO-5 86F401F8
Device \Driver\usbuhci \Device\USBPDO-6 86F401F8
Device \Driver\volmgr \Device\HarddiskVolume1 84B921F8
Device \Driver\usbehci \Device\USBPDO-7 86F0B1F8
Device \Driver\volmgr \Device\HarddiskVolume2 84B921F8
Device \Driver\cdrom \Device\CdRom0 870381F8
Device \Driver\cdrom \Device\CdRom1 870381F8
Device \Driver\sptd \Device\429698285 spxm.sys
Device \Driver\cdrom \Device\CdRom2 870381F8
Device \Driver\netbt \Device\NetBt_Wins_Export 91A541F8
Device \Driver\Smb \Device\NetbiosSmb 8FFE41F8
Device \Driver\netbt \Device\NetBT_Tcpip_{2A6D5EAF-B87D-4E35-B515-61803A91BC3B} 91A541F8
Device \Driver\iScsiPrt \Device\RaidPort0 8715E1F8
Device \Driver\netbt \Device\NetBT_Tcpip_{C320AC1F-4303-4DFD-8C05-DCC627E96C94} 91A541F8

AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\PCI_PNP0272 \Device\0000005d spxm.sys
Device \Driver\usbuhci \Device\USBFDO-0 86F401F8
Device \Driver\usbuhci \Device\USBFDO-1 86F401F8
Device \Driver\usbuhci \Device\USBFDO-2 86F401F8
Device \Driver\usbehci \Device\USBFDO-3 86F0B1F8
Device \Driver\usbuhci \Device\USBFDO-4 86F401F8
Device \Driver\usbuhci \Device\USBFDO-5 86F401F8
Device \Driver\usbuhci \Device\USBFDO-6 86F401F8
Device \Driver\usbehci \Device\USBFDO-7 86F0B1F8
Device \Driver\a4vlr9up \Device\Scsi\a4vlr9up1 84C271F8
Device \Driver\a4vlr9up \Device\Scsi\a4vlr9up1Port2Path0Target1Lun0 84C271F8
Device \Driver\a4vlr9up \Device\Scsi\a4vlr9up1Port2Path0Target0Lun0 84C271F8
Device \FileSystem\cdfs \Cdfs B45181F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xDA 0x3E 0x99 0x3C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xBC 0xE5 0xE6 0x70 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x0B 0x36 0xDD 0x45 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x84 0x2B 0xF4 0x2A ...
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx@start 1
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx@type 1
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx@group file system
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx@imagepath \systemroot\system32\drivers\kbiwkmcepdiieo.sys
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx\main (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx\main@aid 10438
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx\main@sid 0
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx\main@cmddelay 14400
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx\main\delete (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx\main\injector (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx\main\injector@* kbiwkmwsp.dll
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx\main\tasks (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx\modules@kbiwkmrk.sys \systemroot\system32\drivers\kbiwkmcepdiieo.sys
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx\modules@kbiwkmcmd.dll \systemroot\system32\kbiwkmashqvicn.dll
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx\modules@kbiwkmlog.dat \systemroot\system32\kbiwkmrfoycqrd.dat
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx\modules@kbiwkmwsp.dll \systemroot\system32\kbiwkmbwpiipvr.dll
Reg HKLM\SYSTEM\ControlSet002\Services\kbiwkmicxunmqx\modules@kbiwkm.dat \systemroot\system32\kbiwkmbifruvtu.dat
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xDA 0x3E 0x99 0x3C ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xBC 0xE5 0xE6 0x70 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x0B 0x36 0xDD 0x45 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x84 0x2B 0xF4 0x2A ...

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 sector 05: copy of MBR

---- Files - GMER 1.0.15 ----

File C:\ADSM_PData_0150 0 bytes
File C:\ADSM_PData_0150\DB 0 bytes
File C:\ADSM_PData_0150\DB\SI.db 624 bytes
File C:\ADSM_PData_0150\DB\UL.db 16 bytes
File C:\ADSM_PData_0150\DB\VL.db 16 bytes
File C:\ADSM_PData_0150\DB\_avt 512 bytes
File C:\ADSM_PData_0150\DragWait.exe 274432 bytes executable
File C:\ADSM_PData_0150\_avt 512 bytes
File C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86 0 bytes
File C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86\AsDsm.sys 29752 bytes executable
File C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86\_avt 512 bytes

---- EOF - GMER 1.0.15 ----
jlpjlp Posts: 51574 Registration date: Friday 18 May 2007 Status: Security contributor Last activity: 3 May 2022
11 Sept. 2009 at 22:34
Does ComboFix run? Rooter?
antoine136 Posts: 44 Registration date: Tuesday 16 June 2009 Status: Member Last activity: 13 September 2009
12 Sept. 2009 at 01:24
No, no, still the same problems with ComboFix / killfix and Rooter...
jlpjlp Posts: 51574 Registration date: Friday 18 May 2007 Status: Security contributor Last activity: 3 May 2022
12 Sept. 2009 at 08:13
For ComboFix, try it like this:

Disable User Account Control (you will re-enable it after your disinfection):

- Go to Start, then Control Panel
- Double-click the "User Accounts" icon
- Then click disable and confirm.

Download ComboFix (by sUBs) here:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

and save it to the desktop

under the name antibagle. Do this before the file is saved to the desktop.

Disconnect from the internet and close all your applications.

Disable your protections (antivirus, firewall, real-time guard of the antispyware).

Double-click combofix.exe and follow the instructions.

At the end, it will produce a report, C:\ComboFix.txt

Re-enable your firewall, your antivirus, and your antispyware guard.

Copy/paste the report C:\ComboFix.txt into your next reply.

Warning: do not use your mouse or your keyboard (or any other pointing device) while the program is running. That could freeze the computer.

You have a complete tutorial here:

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

If that does not work, let's try this:

Run
Panda Anti-Rootkit

https://www.zdnet.fr/telecharger/logiciel/panda-free-antivirus-39647425s.htm

_________________

Run BitDefender Free

https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/29063.html
antoine136 Posts: 44 Registration date: Tuesday 16 June 2009 Status: Member Last activity: 13 September 2009
12 Sept. 2009 at 13:34
Well, it is getting worse and worse: the Panda and BitDefender downloads are blocked because they redirect to antivirus site addresses, I still have the same problem with ComboFix, and I can no longer access the Control Panel, either from the Start menu or from Windows Explorer!

OK, I am going to try going through another computer to download these apps
antoine136 Posts: 44 Registration date: Tuesday 16 June 2009 Status: Member Last activity: 13 September 2009
12 Sept. 2009 at 14:17
Also impossible to run Panda Anti-Rootkit: Operating System not supported. Apparently it does not run under Vista.
OK, here goes, I am moving on to BitDefender, last hope!
antoine136 Posts: 44 Registration date: Tuesday 16 June 2009 Status: Member Last activity: 13 September 2009
12 Sept. 2009 at 18:54
Well, after removing Norton to install BitDefender, I had the happy surprise, on reboot, of a complete crash of the computer, which would no longer start.
So: format + reinstallation, and apparently no more problem.
Thanks in any case for your help.
One last question maybe: what do you recommend as free protection?
jlpjlp Posts: 51574 Registration date: Friday 18 May 2007 Status: Security contributor Last activity: 3 May 2022
13 Sept. 2009 at 11:09
To protect your computer for free

https://www.commentcamarche.net/telecharger/securite/

Vaccinate your computer, after plugging in all your USB keys, with UsbFix or Flash Disinfector or RAV Antivirus, because many of them currently travel through external media:
http://ww25.evosla.com/compteur.php?soft=rav_antivirus
http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe
http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe

---------
Install an antivirus

ANTIVIR or AVG8 or (AVAST)
http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/antivir-installation-configuration-sujet_201938_1.htm
https://www.avira.com/fr/free-antivirus-windows
-------------
Anti-spyware tools:
MalwareByte's Anti-Malware + SPYBOT +/- if Spybot's TeaTimer is not enabled:
WINDOWS DEFENDER or SPYWARE TERMINATOR or SPYWARE GUARD
+
SPYWAREBLASTER to immunize the system against Vundo in particular, but it is in English (though easy to use: just click "update" to update every month and then "enable all protection" to immunize)...

Note: Spybot … release new versions regularly, check that you have the latest version
--------
A firewall:
the (Windows) one or, better, Online Armor or KERIO or JETICO or ZONE ALARM (install only the free firewall) or COMODO

https://www.commentcamarche.net/telecharger/securite/16545-online-armor-personal-firewall/
https://www.01net.com/telecharger/windows/Securite/firewall/fiches/39911.html
https://forum.pcastuces.com/sujet.asp?f=25&s=35606
https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
https://www.01net.com/telecharger/windows/Securite/firewall/fiches/18128.html
https://www.zonealarm.com/software/free-firewall

-----------
CCLEANER to erase browsing traces
---------
Browse with Firefox or Safari or Opera and not Internet Explorer, which is more affected by viruses
http://www.mozilla-europe.org/fr/products/firefox/
antoine136 Posts: 44 Registration date: Tuesday 16 June 2009 Status: Member Last activity: 13 September 2009
13 Sept. 2009 at 16:34
Great, thanks for all this info
jlpjlp Posts: 51574 Registration date: Friday 18 May 2007 Status: Security contributor Last activity: 3 May 2022
14 Sept. 2009 at 14:17
You're welcome

Happy surfing!