onkyogs1
-
Compteur de contenus
30 -
Inscription
-
Dernière visite
onkyogs1's Achievements
Member (4/12)
0
Réputation sur la communauté
-
-
Bonjour, lorsque je clique droit sur l'icone réseau de la barre des taches sous windows 7 il ouvre la fenetre diagnostique réseau windows et il indique cela : "Une erreur innatendue s'est produite?l'assitant depannage ne peut pas continuer" Merci d'avance pour vos réponses.
-
(Resolu Formatage) gros probleme d'infection
onkyogs1 a répondu à un(e) sujet de onkyogs1 dans Analyses et éradication malwares
Bonjour, Je te remercie pour tous ces conseils et je vais me mettre à télécharger ce qui me manque pour l'installer. D'autre part je vais lire tous les articles dont tu m'a donne les liens et ce avec beaucoup d'attention. Je respecte beaucoup votre travail qui est vraiment difficile vu la complexité actuelle de tous les softs et matériels existant ainsi que leurs compatibilités entre eux, ce qui n'arrange pas les choses. Merci à toutes les personnes partie prenante sur ce site et longue vie a celui-ci qui est très convivial. -
(Resolu Formatage) gros probleme d'infection
onkyogs1 a répondu à un(e) sujet de onkyogs1 dans Analyses et éradication malwares
bonsoir, j'ai cree un nouvel utilisateur puis j'ai copier les parametre de l'ancien etc.... cela n'a rien rien change. j'ai donc formate et tout reinstaller et la machine marche nikel. merci beaucoup pour ton aide j'ai pris connaissance de beaucoup de chose en essayant de reparer ce portable. Dont une importante c'est que ce n'est pas facile de retrouver des parametres d'origine . merci encore -
(Resolu Formatage) gros probleme d'infection
onkyogs1 a répondu à un(e) sujet de onkyogs1 dans Analyses et éradication malwares
re ok je fais ca et on va voir ce que ca donne -
(Resolu Formatage) gros probleme d'infection
onkyogs1 a répondu à un(e) sujet de onkyogs1 dans Analyses et éradication malwares
re, j,ai fais ce que tu as dit et pas de changement ,peux tu voir dans les programes installes sur cette machine lesquels poseraient probleme je suis pret a desinstaler ce qu'il faut. mais j'ai un doute quand a la non infection de cette machine.je pense quand meme qu'il ya queque chose de mauvais qui est cache quelque part -
(Resolu Formatage) gros probleme d'infection
onkyogs1 a répondu à un(e) sujet de onkyogs1 dans Analyses et éradication malwares
re voila le log dialhelp option 2 FPort v2.0 - TCP/IP Process to Port Mapper Copyright 2000 by Foundstone, Inc. http://www.foundstone.com Pid Process Port Proto Path 1592 CLMLService -> 12346 TCP C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe 304 MemCheck -> 9999 TCP C:\Acer\Empowering Technology\ePerformance\MemCheck.exe 1868 NCSQLSrv -> 12005 TCP C:\Program Files\AdRem\NetCrunch\4.0\NCSQLSrv.exe 1868 NCSQLSrv -> 12006 TCP C:\Program Files\AdRem\NetCrunch\4.0\NCSQLSrv.exe 4 System -> 139 TCP 4 System -> 445 TCP 1120 svchost -> 135 TCP C:\WINDOWS\system32\svchost.exe 1456 svchost -> 2869 TCP C:\WINDOWS\system32\svchost.exe 1592 CLMLService -> 123 UDP C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe 304 MemCheck -> 1055 UDP C:\Acer\Empowering Technology\ePerformance\MemCheck.exe 1868 NCSQLSrv -> 1061 UDP C:\Program Files\AdRem\NetCrunch\4.0\NCSQLSrv.exe 1868 NCSQLSrv -> 4500 UDP C:\Program Files\AdRem\NetCrunch\4.0\NCSQLSrv.exe 4 System -> 1027 UDP 0 System -> 1036 UDP 0 System -> 1207 UDP 0 System -> 123 UDP 0 System -> 137 UDP 0 System -> 138 UDP 0 System -> 1900 UDP 4 System -> 500 UDP 1456 svchost -> 1035 UDP C:\WINDOWS\system32\svchost.exe 1120 svchost -> 445 UDP C:\WINDOWS\system32\svchost.exe PsList 1.26 - Process Information Lister Copyright © 1999-2004 Mark Russinovich Sysinternals - www.sysinternals.com Process information for ACER-D18848DB56: Name Pid Pri Thd Hnd VM WS Priv Idle 0 0 2 0 0 28 0 System 4 8 70 831 1908 264 0 SMSS 748 11 3 24 3832 660 176 CSRSS 804 13 13 584 71468 9768 2436 WINLOGON 828 13 16 429 54508 2280 6228 SERVICES 872 9 16 336 39436 5648 2380 MemCheck 304 8 12 283 105184 10148 8280 SVCHOST 504 8 8 151 41732 3296 3020 NCTasks 584 8 4 111 47344 9776 6244 SVCHOST 1040 8 17 223 64652 6664 3472 wmiprvse 808 8 6 166 40688 6224 2372 lvcomsx 2780 8 8 159 46944 5408 3004 unsecapp 3012 8 2 106 41680 4816 2696 wmiprvse 3904 8 5 226 45792 8220 3632 CLSched 1104 8 3 102 40628 7072 1412 SVCHOST 1120 8 11 382 41584 5332 2260 SVCHOST 1160 8 71 1632 118140 39684 19144 wuauclt 2996 8 3 172 49464 6652 6196 wscntfy 3180 8 1 47 30520 2784 1028 EvtEng 1212 8 8 142 183816 10332 4336 S24EvMon 1252 8 7 215 47604 7828 3072 RichVideo 1264 8 3 86 35752 3316 1092 SVCHOST 1304 8 4 80 32824 4024 1524 SVCHOST 1456 8 20 314 54852 9784 5956 mdm 1488 8 4 92 37296 1480 1280 CDANTSRV 1532 8 3 37 20632 2048 744 CLCapSvc 1552 8 4 182 58780 15528 10128 CLMLServer 1568 8 2 37 18132 2080 684 CLMLService 1592 8 4 119 51420 6044 10036 fxssvc 1600 8 6 101 34872 2480 1484 SPOOLSV 1736 8 13 153 46764 6236 3492 LVPrcSrv 1776 8 14 194 39584 2972 1144 NCSQLSrv 1868 8 8 73 39632 6256 2552 RegSrvc 2028 8 3 87 33184 1172 1116 sdhelp 2044 8 6 75 37580 4468 1604 CALMAIN 2076 8 7 135 29120 3492 1292 SVCHOST 3944 8 8 102 39784 4308 1908 LSASS 884 9 17 349 44048 1148 3924 taskmgr 3284 13 3 85 37968 2252 1996 EXPLORER 1188 8 19 573 114996 44396 23880 CameraAssistant 2296 8 4 138 48156 7556 3356 ePower_DMC 2412 8 5 197 115188 18556 12340 jusched 2528 8 1 51 31896 3112 1256 SuperCopier2 3232 8 2 62 36180 4660 1280 Maxthon 3328 8 13 511 117628 11724 32432 cmd 3592 8 1 44 18748 2464 2000 pslist 3468 13 2 99 22780 2600 1296 ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ EXPLORER.EXE pid: 1188 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path *** Loaded C:\WINDOWS\system32\kernel32.dll differs from file image: *** File timestamp: Wed Jul 05 12:56:38 2006 *** Loaded image timestamp: Wed Jul 05 12:56:39 2006 *** 0x7c800000 0x104000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll 0x77ef0000 0x47000 5.01.2600.2818 C:\WINDOWS\system32\GDI32.dll 0x77d10000 0x90000 5.01.2600.2622 C:\WINDOWS\system32\USER32.dll 0x77f40000 0x76000 6.00.2900.3020 C:\WINDOWS\system32\SHLWAPI.dll 0x7c9d0000 0x823000 6.00.2900.3051 C:\WINDOWS\system32\SHELL32.dll 0x774a0000 0x13d000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll 0x75f10000 0xfd000 6.00.2900.3020 C:\WINDOWS\system32\BROWSEUI.dll 0x77720000 0x170000 6.00.2900.3020 C:\WINDOWS\system32\SHDOCVW.dll 0x6fee0000 0x54000 5.01.2600.2976 C:\WINDOWS\system32\NETAPI32.dll 0x771b0000 0xcf000 7.00.6000.16414 C:\WINDOWS\system32\WININET.dll 0x00400000 0x9000 6.00.5441.0000 C:\WINDOWS\system32\Normaliz.dll 0x6e850000 0x45000 7.00.6000.16414 C:\WINDOWS\system32\iertutil.dll 0x77390000 0x103000 6.00.2900.2982 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x10000000 0xc6000 1.00.0000.0000 C:\Program Files\FreeLaunchBar\flb.dll 0x5a000000 0x1a000 3.06.0000.2080 C:\Program Files\Spyware Doctor\tools\swpg.dat 0x76920000 0x8000 5.01.2600.2751 C:\WINDOWS\system32\LINKINFO.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL 0x61410000 0x124000 7.00.6000.16414 C:\WINDOWS\system32\urlmon.dll 0x74b30000 0x3c000 7.00.6000.16414 C:\WINDOWS\system32\webcheck.dll 0x7e1e0000 0x5ca000 7.00.6000.16414 C:\WINDOWS\system32\IEFRAME.dll 0x745e0000 0x2c6000 3.01.4000.2435 C:\WINDOWS\system32\msi.dll 0x0ffd0000 0x28000 5.01.2600.2161 C:\WINDOWS\system32\rsaenh.dll 0x01f70000 0x17000 9.04.0004.1069 C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll 0x72c60000 0x8000 5.01.2600.0000 C:\WINDOWS\system32\msacm32.drv 0x76d10000 0x19000 5.01.2600.2912 C:\WINDOWS\system32\iphlpapi.dll 0x01e70000 0x1b000 2.02.0000.0028 C:\WINDOWS\system32\eDStoolbar.dll 0x7c120000 0x19000 7.10.3077.0000 C:\WINDOWS\system32\ATL71.DLL 0x023d0000 0xd5000 1.04.0000.0000 C:\PROGRA~1\SPYBOT~1\SDHelper.dll 0x00cb0000 0x19000 2.00.0000.0009 C:\Program Files\SuperCopier2\SC2Hook.dll 0x022d0000 0x5b000 1.01.0000.0000 C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll 0x026b0000 0x1b9000 2.00.0000.0007 C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll 0x7c140000 0x103000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MFC71.DLL 0x7c340000 0x56000 7.10.3052.0004 C:\Program Files\Fichiers communs\Ahead\Lib\MSVCR71.dll 0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MSVCP71.dll 0x020a0000 0x1c000 7.00.0000.0000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll 0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL 0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL 0x00ba0000 0x8000 0.09.0007.0003 C:\Acer\Empowering Technology\ePower\SysHook.dll 0x02970000 0xb1000 5.01.2600.3019 C:\WINDOWS\system32\SXS.DLL 0x01d90000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x020c0000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x03860000 0x71f000 6.14.0010.8360 C:\WINDOWS\system32\nvcpl.dll 0x74bf0000 0x2c000 4.02.5406.0000 C:\WINDOWS\system32\OLEACC.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x03230000 0x44000 6.14.0010.8360 C:\WINDOWS\system32\NVRSFR.DLL 0x02e30000 0x26000 3.00.0000.4497 C:\WINDOWS\system32\igfxpph.dll 0x023b0000 0x13000 3.00.0000.4497 C:\WINDOWS\system32\hccutils.DLL 0x03290000 0x73000 6.14.0010.11019 C:\WINDOWS\system32\nvshell.dll 0x73a80000 0x15000 5.01.2600.2709 C:\WINDOWS\system32\mscms.dll 0x011b0000 0x14000 2.00.0000.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll 0x01300000 0x102000 7.10.3077.0000 C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL 0x01500000 0x2c000 C:\Program Files\WinRAR\rarext.dll 0x011d0000 0x13000 7.00.0000.0004 C:\Program Files\AntiVir PersonalEdition Classic\shlext.dll 0x01410000 0x1f000 5.00.0149.0001 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\shellex.dll 0x01430000 0x13000 1.00.0000.0000 C:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll 0x01450000 0x14000 2.02.0000.0011 C:\WINDOWS\system32\eDSshellExt.dll 0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL 0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\system32\wshext.dll 0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\system32\wshFR.DLL 0x365a0000 0x15000 10.00.2625.0000 C:\PROGRA~1\MICROS~3\Office10\MCPS.DLL ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com No matching processes were found. ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ WINLOGON.EXE pid: 828 Command line: winlogon.exe Base Size Version Path 0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe *** Loaded C:\WINDOWS\system32\kernel32.dll differs from file image: *** File timestamp: Wed Jul 05 12:56:38 2006 *** Loaded image timestamp: Wed Jul 05 12:56:39 2006 *** 0x7c800000 0x104000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll 0x77680000 0x11000 5.01.2600.2622 C:\WINDOWS\system32\AUTHZ.dll 0x77d10000 0x90000 5.01.2600.2622 C:\WINDOWS\system32\USER32.dll 0x77ef0000 0x47000 5.01.2600.2818 C:\WINDOWS\system32\GDI32.dll 0x6fee0000 0x54000 5.01.2600.2976 C:\WINDOWS\system32\NETAPI32.dll 0x7c9d0000 0x823000 6.00.2900.3051 C:\WINDOWS\system32\SHELL32.dll 0x77f40000 0x76000 6.00.2900.3020 C:\WINDOWS\system32\SHLWAPI.dll 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x77390000 0x103000 6.00.2900.2982 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll 0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x776a0000 0x24000 6.00.2900.3051 C:\WINDOWS\system32\SHSVCS.dll 0x774a0000 0x13d000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll 0x77210000 0xb1000 5.01.2600.3019 C:\WINDOWS\system32\sxs.dll 0x0ffd0000 0x28000 5.01.2600.2161 C:\WINDOWS\system32\rsaenh.dll 0x76d10000 0x19000 5.01.2600.2912 C:\WINDOWS\system32\iphlpapi.dll 0x72c60000 0x8000 5.01.2600.0000 C:\WINDOWS\system32\msacm32.drv 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x5a000000 0x1a000 3.06.0000.2080 C:\Program Files\Spyware Doctor\tools\swpg.dat ListDLLs v2.25 - DLL lister for Win9x/NT Copyright © 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ SERVICES.EXE pid: 872 Command line: C:\WINDOWS\system32\services.exe Base Size Version Path *** Loaded C:\WINDOWS\system32\kernel32.dll differs from file image: *** File timestamp: Wed Jul 05 12:56:38 2006 *** Loaded image timestamp: Wed Jul 05 12:56:39 2006 *** 0x7c800000 0x104000 5.01.2600.2945 C:\WINDOWS\system32\kernel32.dll 0x77d10000 0x90000 5.01.2600.2622 C:\WINDOWS\system32\USER32.dll 0x77ef0000 0x47000 5.01.2600.2818 C:\WINDOWS\system32\GDI32.dll 0x77680000 0x11000 5.01.2600.2622 C:\WINDOWS\system32\AUTHZ.dll 0x7dbc0000 0x21000 5.01.2600.2744 C:\WINDOWS\system32\umpnpmgr.dll 0x6fee0000 0x54000 5.01.2600.2976 C:\WINDOWS\system32\NETAPI32.dll 0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll 0x774a0000 0x13d000 5.01.2600.2726 C:\WINDOWS\system32\ole32.dll 0x7c9d0000 0x823000 6.00.2900.3051 C:\WINDOWS\system32\SHELL32.dll 0x77f40000 0x76000 6.00.2900.3020 C:\WINDOWS\system32\SHLWAPI.dll 0x77390000 0x103000 6.00.2900.2982 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll 0x5a000000 0x1a000 3.06.0000.2080 C:\Program Files\Spyware Doctor\tools\swpg.dat Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est A2F2-78E5 Répertoire de C:\Program Files 10/07/2006 09:46 <REP> . 10/07/2006 09:46 <REP> .. 15/10/2004 11:52 <REP> Fichiers communs 15/10/2004 11:57 <REP> Windows NT 15/10/2004 11:57 <REP> MSN 15/10/2004 11:57 <REP> MSN Gaming Zone 15/10/2004 11:57 <REP> Messenger 15/10/2004 11:57 <REP> Windows Media Player 15/10/2004 11:57 <REP> Online Services 15/10/2004 11:58 <REP> ComPlus Applications 15/10/2004 11:58 <REP> Internet Explorer 15/10/2004 11:58 <REP> Outlook Express 15/10/2004 11:58 <REP> NetMeeting 15/10/2004 11:58 <REP> Movie Maker 15/10/2004 11:59 <REP> Services en ligne 15/10/2004 12:01 <REP> microsoft frontpage 15/10/2004 12:01 <REP> xerox 14/04/2006 16:01 <REP> Intel 14/04/2006 16:04 <REP> Synaptics 14/04/2006 16:05 <REP> Realtek 14/04/2006 16:22 <REP> Acer Inc 14/04/2006 16:22 <REP> NewTech Infosystems 14/04/2006 16:23 <REP> Adobe 06/09/2006 03:10 <REP> Acer 06/09/2006 03:10 <REP> CyberLink 06/09/2006 03:14 <REP> Launch Manager 06/09/2006 03:18 <REP> WinPCap 03/10/2006 16:26 <REP> Microsoft Works 03/10/2006 16:26 <REP> Microsoft Office 03/10/2006 19:29 <REP> InterActual 04/10/2006 01:41 <REP> epson 05/11/2006 00:19 <REP> Scroll Mouse 09/11/2006 19:51 <REP> Microsoft Visual Studio 09/11/2006 19:53 <REP> SuperCopier2 09/11/2006 20:06 <REP> WinRAR 09/11/2006 20:08 <REP> MagicISO 09/11/2006 20:15 <REP> Nero 09/11/2006 20:21 <REP> Universalis 9 09/11/2006 21:28 <REP> CodeStuff 23/12/2006 10:44 <REP> Canon 24/12/2006 18:54 <REP> Maxis 26/12/2006 20:03 <REP> Alice_Triway_WiFi 27/12/2006 03:35 <REP> MSXML 4.0 27/12/2006 12:43 <REP> Google 31/12/2006 14:30 <REP> MSN Messenger 31/12/2006 14:31 <REP> Windows Live Toolbar 03/01/2007 14:09 <REP> CCleaner 03/01/2007 16:18 <REP> Spybot - Search & Destroy 03/01/2007 16:20 <REP> Maxthon 03/01/2007 16:31 <REP> MailWasher Pro 03/01/2007 16:49 <REP> Siber Systems 06/01/2007 11:22 <REP> eMule 14/01/2007 12:39 <REP> Java 24/01/2007 17:38 <REP> FreeLaunchBar 14/01/2007 20:28 <REP> RegSeeker 01/05/2006 04:29 <REP> ecalc 24/01/2007 18:53 <REP> DVD Shrink 24/01/2007 19:37 <REP> Lavasoft 24/01/2007 19:43 <REP> VideoLAN 24/01/2007 19:50 <REP> ToniArts 24/01/2007 20:51 <REP> Kaspersky Lab 24/01/2007 22:22 <REP> Picasa2 10/01/2007 14:56 <REP> BorderMaker 10/01/2007 14:56 <REP> RENOMME 24/01/2007 22:49 <REP> DxO Labs 24/02/2007 13:48 <REP> Spyware Doctor 25/02/2007 10:21 <REP> Hijackthis Version Française 26/02/2007 15:16 <REP> AdRem 28/02/2007 19:23 <REP> AntiVir PersonalEdition Classic 0 fichier(s) 0 octets 69 Rép(s) 13 124 009 984 octets libres Le volume dans le lecteur C s'appelle ACER Le numéro de série du volume est A2F2-78E5 Répertoire de C:\ 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe Répertoire de C:\ 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 4 fichier(s) 343 040 octets 0 Rép(s) 13 124 009 984 octets libres C:\Documents and Settings\Sébastien Delcourte\Local Settings\Temporary Internet Files\Content.IE5\GTOE96RS\GoogleEarthWin[1].exe C:\Documents and Settings\Ariane Vidal\Mes documents\ccsetup136.exe C:\Documents and Settings\Ariane Vidal\Mes documents\GoogleSketchUpWEN.exe C:\Documents and Settings\Ariane Vidal\Mes documents\Install_Messenger.exe C:\Documents and Settings\Ariane Vidal\Mes documents\maxthon159.exe C:\Documents and Settings\Ariane Vidal\Mes documents\spybotsd14.exe C:\Documents and Settings\Ariane Vidal\Mes documents\maxthon159\Maxthon.exe C:\Documents and Settings\Ariane Vidal\Mes documents\maxthon159\MaxUpdate.exe C:\Documents and Settings\Ariane Vidal\Mes documents\Downloads\Shareaza_2.2.5.0.exe C:\Documents and Settings\Ariane Vidal\Bureau\antivir_workstation_win7u_en_h.exe C:\Documents and Settings\Ariane Vidal\Bureau\blbeta.exe C:\Documents and Settings\Ariane Vidal\Bureau\nailfix.exe C:\Documents and Settings\Ariane Vidal\Bureau\Spyware Doctor 4.0.0.2621-REA-cRaCkErTeAm\Spyware Doctor 4.0.0.2621-REA-cRaCkErTeAm\sdsetup.exe C:\Documents and Settings\Ariane Vidal\Bureau\Spyware Doctor 4.0.0.2621-REA-cRaCkErTeAm\Spyware Doctor 4.0.0.2621-REA-cRaCkErTeAm\crack\swdoctor.exe C:\Documents and Settings\Ariane Vidal\Bureau\roland\nc4prem.exe C:\Documents and Settings\Ariane Vidal\Bureau\roland\Real VNC Enterprise Edition v4.1.9 Including Keygen\keygen.exe C:\Documents and Settings\Ariane Vidal\Bureau\roland\Real VNC Enterprise Edition v4.1.9 Including Keygen\setup.exe C:\Documents and Settings\Ariane Vidal\Bureau\DiagHelp\diff.exe C:\Documents and Settings\Ariane Vidal\Bureau\DiagHelp\FilesInfoCmd.exe C:\Documents and Settings\Ariane Vidal\Bureau\DiagHelp\Fport.exe C:\Documents and Settings\Ariane Vidal\Bureau\DiagHelp\grep.exe C:\Documents and Settings\Ariane Vidal\Bureau\DiagHelp\LFiles.exe C:\Documents and Settings\Ariane Vidal\Bureau\DiagHelp\LISTDLLS.exe C:\Documents and Settings\Ariane Vidal\Bureau\DiagHelp\pslist.exe C:\Documents and Settings\Ariane Vidal\Bureau\DiagHelp\streams.exe C:\Documents and Settings\Ariane Vidal\Bureau\DiagHelp\swreg.exe C:\Documents and Settings\Ariane Vidal\Bureau\gmer\gmer.exe C:\Documents and Settings\Ariane Vidal\Application Data\Microsoft\Internet Explorer\Quick Launch\SECURITE\HijackThisFR.exe C:\Documents and Settings\Ariane Vidal\Application Data\Microsoft\Internet Explorer\Quick Launch\Traitement D'images\Renomme.exe C:\Documents and Settings\Ariane Vidal\Application Data\Microsoft\Internet Explorer\Quick Launch\Traitement D'images\ZoomBrowser.exe C:\Documents and Settings\Ariane Vidal\Application Data\Microsoft\Installer\{A80C7E17-7E94-4FE9-932F-20E6E257F256}\ARPPRODUCTICON.exe C:\Documents and Settings\Ariane Vidal\Application Data\Microsoft\Installer\{A80C7E17-7E94-4FE9-932F-20E6E257F256}\NewShortcut1_89A8E5678FEB406FA99151E43005C05D.exe C:\Documents and Settings\Ariane Vidal\Application Data\Microsoft\Installer\{A80C7E17-7E94-4FE9-932F-20E6E257F256}\NewShortcut2_89A8E5678FEB406FA99151E43005C05D.exe C:\Documents and Settings\Ariane Vidal\Application Data\Microsoft\Installer\{A80C7E17-7E94-4FE9-932F-20E6E257F256}\NewShortcut4_89A8E5678FEB406FA99151E43005C05D.exe C:\Documents and Settings\Ariane Vidal\Application Data\Microsoft\Installer\{A80C7E17-7E94-4FE9-932F-20E6E257F256}\NewShortcut6_89A8E5678FEB406FA99151E43005C05D.exe C:\Documents and Settings\Ariane Vidal\Application Data\Microsoft\Installer\{A80C7E17-7E94-4FE9-932F-20E6E257F256}\WinTools_Premium_A80C7E177E944FE9932F20E6E257F256.exe -
(Resolu Formatage) gros probleme d'infection
onkyogs1 a répondu à un(e) sujet de onkyogs1 dans Analyses et éradication malwares
re log en cours pour dialhelp option 2 je poste des que c'est fini car j'etais sur une autre machine et celle ci est tres longue a demarrer -
(Resolu Formatage) gros probleme d'infection
onkyogs1 a répondu à un(e) sujet de onkyogs1 dans Analyses et éradication malwares
re que penses tu du log de gmer -
(Resolu Formatage) gros probleme d'infection
onkyogs1 a répondu à un(e) sujet de onkyogs1 dans Analyses et éradication malwares
Re, un autre bug que je constate si ca peut aider. j'utilise maxthon et dans la barre de recherhe a gauche je regles les options"options -puis- options de maxthon -puis - recherche - puis - default - puis - ok. a la suite de ca j'ai dans le menu deroulant de la recherche les anciennes recherche effectuées et ce en francais. au bout d'un moment ca passe en langage chinois sans que je n'intervienne. je suis oblige d'aller regler de nouveau les options de recherche et puis ca reviens un peu plus tard en chinois de nouveau etc ... je ne sais pas si il y a un rapport avec la lenteur de la machine mais je le signale quand meme au cas ou..... -
(Resolu Formatage) gros probleme d'infection
onkyogs1 a répondu à un(e) sujet de onkyogs1 dans Analyses et éradication malwares
re voila le log de gmer GMER 1.0.12.12027 - http://www.gmer.net Rootkit scan 2007-02-28 00:08:40 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.12 ---- SSDT \SystemRoot\System32\drivers\klif.sys ZwClose SSDT \SystemRoot\System32\drivers\klif.sys ZwCreateProcess SSDT \SystemRoot\System32\drivers\klif.sys ZwCreateProcessEx SSDT \SystemRoot\System32\drivers\klif.sys ZwCreateSection SSDT \SystemRoot\System32\drivers\klif.sys ZwCreateThread SSDT \SystemRoot\System32\drivers\klif.sys ZwOpenProcess SSDT \SystemRoot\System32\drivers\klif.sys ZwQueryInformationFile SSDT \SystemRoot\System32\drivers\klif.sys ZwSetInformationProcess SSDT \SystemRoot\System32\drivers\klif.sys ZwTerminateProcess SSDT \SystemRoot\System32\drivers\klif.sys SSDT[284] SSDT \SystemRoot\System32\drivers\klif.sys SSDT[285] SSDT \SystemRoot\System32\drivers\klif.sys SSDT[286] SSDT \SystemRoot\System32\drivers\klif.sys SSDT[287] SSDT \SystemRoot\System32\drivers\klif.sys SSDT[288] SSDT \SystemRoot\System32\drivers\klif.sys SSDT[289] SSDT \SystemRoot\System32\drivers\klif.sys SSDT[290] SSDT \SystemRoot\System32\drivers\klif.sys SSDT[291] SSDT \SystemRoot\System32\drivers\klif.sys SSDT[292] SSDT \SystemRoot\System32\drivers\klif.sys SSDT[293] SSDT \SystemRoot\System32\drivers\klif.sys SSDT[294] SSDT \SystemRoot\System32\drivers\klif.sys SSDT[295] SSDT \SystemRoot\System32\drivers\klif.sys SSDT[296] ---- Kernel code sections - GMER 1.0.12 ---- .text ntkrnlpa.exe!ZwCallbackReturn + 2F1C 80503C00 2 Bytes [ 30, 95 ] .text ntkrnlpa.exe!KiDispatchInterrupt + 100 80544C20 7 Bytes JMP F15C9668 \SystemRoot\System32\drivers\klif.sys ---- User code sections - GMER 1.0.12 ---- .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[460] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[460] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[460] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[460] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[460] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[460] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\wscntfy.exe[516] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\system32\wscntfy.exe[516] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\system32\wscntfy.exe[516] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\system32\wscntfy.exe[516] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\system32\wscntfy.exe[516] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\system32\wscntfy.exe[516] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[540] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[540] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 18, 5F ] .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[540] KERNEL32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 12, 5F ] .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[540] KERNEL32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 15, 5F ] .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[540] KERNEL32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 0F, 5F ] .text C:\Acer\Empowering Technology\ePower\ePower_DMC.exe[540] KERNEL32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe[608] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe[608] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe[608] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe[608] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe[608] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe[608] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\AdRem\NetCrunch\4.0\NCTasks.exe[644] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\Program Files\AdRem\NetCrunch\4.0\NCTasks.exe[644] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\Program Files\AdRem\NetCrunch\4.0\NCTasks.exe[644] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\Program Files\AdRem\NetCrunch\4.0\NCTasks.exe[644] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\Program Files\AdRem\NetCrunch\4.0\NCTasks.exe[644] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\SYSTEM32\CSRSS.EXE[804] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\SYSTEM32\CSRSS.EXE[804] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\SYSTEM32\CSRSS.EXE[804] KERNEL32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\SYSTEM32\CSRSS.EXE[804] KERNEL32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\SYSTEM32\CSRSS.EXE[804] KERNEL32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\SYSTEM32\WINLOGON.EXE[828] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\SYSTEM32\WINLOGON.EXE[828] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\SYSTEM32\WINLOGON.EXE[828] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\SYSTEM32\WINLOGON.EXE[828] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\SYSTEM32\WINLOGON.EXE[828] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\system32\igfxsrvc.exe[856] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\system32\igfxsrvc.exe[856] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\system32\igfxsrvc.exe[856] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\system32\igfxsrvc.exe[856] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\system32\igfxsrvc.exe[856] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\system32\igfxsrvc.exe[856] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\SYSTEM32\SERVICES.EXE[872] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\SYSTEM32\SERVICES.EXE[872] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\SYSTEM32\SERVICES.EXE[872] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\SYSTEM32\SERVICES.EXE[872] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\SYSTEM32\SERVICES.EXE[872] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\SYSTEM32\LSASS.EXE[884] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\SYSTEM32\LSASS.EXE[884] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\SYSTEM32\LSASS.EXE[884] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\SYSTEM32\LSASS.EXE[884] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\SYSTEM32\LSASS.EXE[884] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\Documents and Settings\Ariane Vidal\Bureau\gmer\gmer.exe[964] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\Documents and Settings\Ariane Vidal\Bureau\gmer\gmer.exe[964] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\Documents and Settings\Ariane Vidal\Bureau\gmer\gmer.exe[964] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\Documents and Settings\Ariane Vidal\Bureau\gmer\gmer.exe[964] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\Documents and Settings\Ariane Vidal\Bureau\gmer\gmer.exe[964] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\Documents and Settings\Ariane Vidal\Bureau\gmer\gmer.exe[964] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\SYSTEM32\DRIVERS\CDANTSRV.EXE[1000] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\SYSTEM32\DRIVERS\CDANTSRV.EXE[1000] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\SYSTEM32\DRIVERS\CDANTSRV.EXE[1000] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\SYSTEM32\DRIVERS\CDANTSRV.EXE[1000] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\SYSTEM32\DRIVERS\CDANTSRV.EXE[1000] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1044] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1044] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1044] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1044] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1044] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\TV\CLCAPSVC.EXE[1100] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\TV\CLCAPSVC.EXE[1100] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\TV\CLCAPSVC.EXE[1100] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\TV\CLCAPSVC.EXE[1100] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\TV\CLCAPSVC.EXE[1100] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1160] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1160] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1160] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1160] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1160] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1200] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1200] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1200] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1200] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1200] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\CLML_NTSERVICE\CLMLSERVER.EXE[1220] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\CLML_NTSERVICE\CLMLSERVER.EXE[1220] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\CLML_NTSERVICE\CLMLSERVER.EXE[1220] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\CLML_NTSERVICE\CLMLSERVER.EXE[1220] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\CLML_NTSERVICE\CLMLSERVER.EXE[1220] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\CLML_NTSERVICE\CLMLSERVICE.EXE[1236] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\CLML_NTSERVICE\CLMLSERVICE.EXE[1236] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\CLML_NTSERVICE\CLMLSERVICE.EXE[1236] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\CLML_NTSERVICE\CLMLSERVICE.EXE[1236] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\PROGRAM FILES\ACER\ACER ARCADE\KERNEL\CLML_NTSERVICE\CLMLSERVICE.EXE[1236] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\PROGRAM FILES\INTEL\WIRELESS\BIN\EVTENG.EXE[1256] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\PROGRAM FILES\INTEL\WIRELESS\BIN\EVTENG.EXE[1256] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\PROGRAM FILES\INTEL\WIRELESS\BIN\EVTENG.EXE[1256] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\PROGRAM FILES\INTEL\WIRELESS\BIN\EVTENG.EXE[1256] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\PROGRAM FILES\INTEL\WIRELESS\BIN\EVTENG.EXE[1256] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE[1308] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE[1308] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE[1308] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE[1308] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE[1308] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1344] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1344] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1344] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1344] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1344] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1480] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1480] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1480] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1480] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[1480] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\Program Files\Canon\CAL\CALMAIN.exe[1568] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\Program Files\Canon\CAL\CALMAIN.exe[1568] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\Program Files\Canon\CAL\CALMAIN.exe[1568] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\Program Files\Canon\CAL\CALMAIN.exe[1568] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\Program Files\Canon\CAL\CALMAIN.exe[1568] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\Program Files\Canon\CAL\CALMAIN.exe[1568] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe[1600] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe[1600] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe[1600] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe[1600] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe[1600] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\Program Files\AdRem\NetCrunch\4.0\NCSQLSrv.exe[1616] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\Program Files\AdRem\NetCrunch\4.0\NCSQLSrv.exe[1616] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\Program Files\AdRem\NetCrunch\4.0\NCSQLSrv.exe[1616] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\Program Files\AdRem\NetCrunch\4.0\NCSQLSrv.exe[1616] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\Program Files\AdRem\NetCrunch\4.0\NCSQLSrv.exe[1616] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\SYSTEM32\SPOOLSV.EXE[1800] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\SYSTEM32\SPOOLSV.EXE[1800] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\SYSTEM32\SPOOLSV.EXE[1800] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\SYSTEM32\SPOOLSV.EXE[1800] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\SYSTEM32\SPOOLSV.EXE[1800] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\PROGRAM FILES\FICHIERS COMMUNS\LOGITECH\LVMVFM\LVPRCSRV.EXE[1836] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\PROGRAM FILES\FICHIERS COMMUNS\LOGITECH\LVMVFM\LVPRCSRV.EXE[1836] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\PROGRAM FILES\FICHIERS COMMUNS\LOGITECH\LVMVFM\LVPRCSRV.EXE[1836] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\PROGRAM FILES\FICHIERS COMMUNS\LOGITECH\LVMVFM\LVPRCSRV.EXE[1836] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\PROGRAM FILES\FICHIERS COMMUNS\LOGITECH\LVMVFM\LVPRCSRV.EXE[1836] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[1884] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[1884] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[1884] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[1884] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe[1884] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[1952] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[1952] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[1952] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[1952] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\Program Files\CyberLink\Shared Files\RichVideo.exe[1952] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\ACER\EMPOWERING TECHNOLOGY\EPERFORMANCE\MEMCHECK.EXE[1976] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\ACER\EMPOWERING TECHNOLOGY\EPERFORMANCE\MEMCHECK.EXE[1976] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\ACER\EMPOWERING TECHNOLOGY\EPERFORMANCE\MEMCHECK.EXE[1976] KERNEL32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\ACER\EMPOWERING TECHNOLOGY\EPERFORMANCE\MEMCHECK.EXE[1976] KERNEL32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\ACER\EMPOWERING TECHNOLOGY\EPERFORMANCE\MEMCHECK.EXE[1976] KERNEL32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe[2076] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe[2076] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 12, 5F ] .text C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe[2076] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 0C, 5F ] .text C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe[2076] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0F, 5F ] .text C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe[2076] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 09, 5F ] .text C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe[2076] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\lvcomsx.exe[2088] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\system32\lvcomsx.exe[2088] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\system32\lvcomsx.exe[2088] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\system32\lvcomsx.exe[2088] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\system32\lvcomsx.exe[2088] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\system32\lvcomsx.exe[2088] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2548] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2548] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2548] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2548] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2548] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2548] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\System32\alg.exe[2556] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\System32\alg.exe[2556] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\wbem\unsecapp.exe[2780] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\system32\wbem\unsecapp.exe[2780] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\system32\wbem\unsecapp.exe[2780] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\system32\wbem\unsecapp.exe[2780] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\system32\wbem\unsecapp.exe[2780] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\system32\wbem\unsecapp.exe[2780] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2872] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2872] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2872] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2872] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2872] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\system32\wbem\wmiprvse.exe[2872] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\Explorer.EXE[2928] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\Explorer.EXE[2928] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\Explorer.EXE[2928] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\Explorer.EXE[2928] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\Explorer.EXE[2928] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\Explorer.EXE[2928] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\system32\wuauclt.exe[3252] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\system32\wuauclt.exe[3252] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\system32\wuauclt.exe[3252] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\system32\wuauclt.exe[3252] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\system32\wuauclt.exe[3252] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\system32\wuauclt.exe[3252] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[3464] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[3464] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[3464] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[3464] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[3464] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\SYSTEM32\SVCHOST.EXE[3464] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\Program Files\Acer\OrbiCam\CameraAssistant.exe[4016] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\Program Files\Acer\OrbiCam\CameraAssistant.exe[4016] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\Program Files\Acer\OrbiCam\CameraAssistant.exe[4016] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\Program Files\Acer\OrbiCam\CameraAssistant.exe[4016] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\Program Files\Acer\OrbiCam\CameraAssistant.exe[4016] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\Program Files\Acer\OrbiCam\CameraAssistant.exe[4016] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] .text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE[4056] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ] .text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE[4056] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ] .text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE[4056] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes [ FF, 25, 1E, 00, 08, 5F ] .text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE[4056] kernel32.dll!CreateProcessW 7C802332 6 Bytes [ FF, 25, 1E, 00, 0B, 5F ] .text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE[4056] kernel32.dll!CreateProcessA 7C802367 6 Bytes [ FF, 25, 1E, 00, 05, 5F ] .text C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE[4056] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, 7F, E2 ] ---- Registry - GMER 1.0.12 ---- Reg \Registry\MACHINE\SOFTWARE\AdRem\Setup@AdRem NetCrunch 4.01.02 0x00 0x00 0x00 0x00 ... Reg \Registry\MACHINE\SOFTWARE\AdRem\Setup@AdRem NetCrunch 4.01.02LRD 0x00 0x00 0x00 0x00 ... Reg \Registry\MACHINE\SOFTWARE\AdRem\Setup@AdRem NetCrunch 1.00.02 0x00 0x00 0x00 0x00 ... Reg \Registry\MACHINE\SOFTWARE\AdRem\Setup@AdRem NetCrunch 1.00.02LRD 0x00 0x00 0x00 0x00 ... ---- EOF - GMER 1.0.12 ---- -
(Resolu Formatage) gros probleme d'infection
onkyogs1 a répondu à un(e) sujet de onkyogs1 dans Analyses et éradication malwares
re, je viens d'arriver pour les problèmes de ralentissement c'est en permanence meme au demmarrage c'est tres long . ----------------------------------------------------------------------------------------------------------------------- pour le fichier C:\StubInstaller.exe je l'ai trouve apres une recherche dans c:\windows\Prefetch et je l'ai elimine -------------------------------------------------------------------------------------------------------------------------------- Pour java j'ai telecharger et installé la version J2SE Runtime Environnement 5.0 Update 11 --------------------------------------------------------------------------------------------------------------- et j'ai desinstalle la version J2SE Runtime Environment 5.0 Update 8. ------------------------------------------------------------------------------------------------- j'ai telechargé gmer et je te joint le log demain il est en cours de scan -
(Resolu Formatage) gros probleme d'infection
onkyogs1 a répondu à un(e) sujet de onkyogs1 dans Analyses et éradication malwares
re je vais me coucher on se retrouve demain soir avec plaisir ci possible merci pour toute cette aide ce forum est tres convivial mon seul regret est de ne pas m'etre inscrit plus tot. On se cultive beaucoup ici -
(Resolu Formatage) gros probleme d'infection
onkyogs1 a répondu à un(e) sujet de onkyogs1 dans Analyses et éradication malwares
re dans les services j'ai desactive et arreté nvidia pour google c'etait deja arrete et en manuel j'ai redemarre et c'est toujours le meme probleme -
(Resolu Formatage) gros probleme d'infection
onkyogs1 a répondu à un(e) sujet de onkyogs1 dans Analyses et éradication malwares
re pour la memoire des processus svchost.exe 35392 ko ------------------------------- explorer.exe 29104 ko ------------------------------- epower_DMC.exe 18724 ko ------------------------------------- kavsvc.exe 16432 ko ------------------------------ clcapsuc.exe 14096 ko ---------------------------------- clmlservice.exe 10464 ko ------------------------------- memchec.exe 10040 ko le reste en dessous de 10000 ko