popup, alertes avira, advanced virus remover, son

Salut les gens.
Je flippe beaucoup ce soir, parce que cela fait plus de 24 heures que:
- mon PC voit des pages pop-up (porno bien sur) s'afficher en rafales,
- des alertes Avira se lancent (deux toutes les 30 secondes en moyenne!)
- un logiciel s'est installé nommé "advanced virus remover" (je n'y ai bien sur pas touché)
- on entend des bandes son qui se mettent en marche alors que je n'ai rien ouvert de particulier (dont une conversation entre deux personnes visitant un appartement! )

Je précise que j'ai une connexion partagée en résidence:
la prise au mur me permet d'obtenir une connexion que beaucoup de résidents partagent, sur la même plateforme.

Aidez moi, je vous en prie!!!!!

Comme je crois que c'est l'usage: je poste le rapport HSIT
(seulement le fichier log, parce que le fichier Info ne veut pas apparaitre, même dans le dossier c:/hsit )

MERCI D'AVANCE, ames charitables!!!

EDITION MODERATEUR : Règle du forum à respecter :

Pas de rapport avant qu'il n'en soit demandé un !

Veuillez lire l'article suivant :
http://forum.telecharger.01net.com/telecharger/securite_virus_et_assimiles/a_(...)

Merci d'en prendre connaissance.

Oups, désolé pour ce petit écart.
Je mets le rapport de côté!

Merci de votre réponse!!!

Salut Ximini


On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
http://images.malwareremoval.com/random/RSIT.exe

- Double clique sur RSIT.exe qui est sur le bureau
- Clique sur Continue dans la fenêtre
- RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit


@++

Merci de vous pencher sur le sujet!


Voici le rapport Log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Xim at 2009-10-31 18:01:10
Microsoft® Windows Vista™ Professionnel Service Pack 2
System drive C: has 5 GB (10%) free of 57 GB
Total RAM: 895 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:01:37, on 31/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\sdra64.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\msb.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\ACEngSvr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\PowerForPhone\PowerForPhone.exe
C:\Windows\System32\oopmagentts.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\ASScrPro.exe
C:\Windows\system32\svchost.exe
C:\Windows\lsass.exe
C:\Windows\odb.exe
C:\Windows\svc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\StkCSrv.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Users\Xim\Desktop\CAPDEVIOLE - FICHIERS A CONSERVER\X\Xim & NoDee's Logiciels\Protection\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Xim.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Windows\system32\sdra64.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [ooquickpdfv7] "C:\Windows\system32\oopmagentts.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [winupdate.exe] C:\Windows\system32\winupdate.exe
O4 - HKLM\..\Run: [lsass] C:\Windows\lsass.exe
O4 - HKLM\..\Run: [odby] C:\Windows\odb.exe
O4 - HKLM\..\Run: [netc] C:\Windows\svc.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PopRock] C:\Users\Xim\AppData\Local\Temp\b.exe
O4 - HKCU\..\Run: [Advanced Virus Remover] C:\Program Files\AdvancedVirusRemover\PAVRM.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: *.chat-land.org
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe

--
End of file - 11857 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{F7995F25-208C-4738-85A9-C7BD377EF923}.job
C:\Windows\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
C:\Windows\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-06-28 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-10-08 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-10 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-06-28 185896]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-23 815104]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-10-09 729088]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-02 4186112]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"PowerForPhone"=C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-01-15 778240]
"ooquickpdfv7"=C:\Windows\system32\oopmagentts.exe [2007-09-06 69632]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-26 161328]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-03-26 1057328]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"ASUSTPE"=C:\Windows\system32\ASUSTPE.exe [2006-12-12 106496]
"ASUS Screen Saver Protector"=C:\Windows\ASScrPro.exe [2007-06-08 33136]
"ASUS Camera ScreenSaver"=C:\Windows\ASScrProlog.exe [2007-06-08 37232]
"winupdate.exe"=C:\Windows\system32\winupdate.exe []
"lsass"=C:\Windows\lsass.exe [2009-10-30 280064]
"odby"=C:\Windows\odb.exe [2009-10-30 233472]
"netc"=C:\Windows\svc.exe [2009-10-30 234496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-29 39408]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-26 149040]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"PopRock"=C:\Users\Xim\AppData\Local\Temp\b.exe []
"Advanced Virus Remover"=C:\Program Files\AdvancedVirusRemover\PAVRM.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
OFFICE One Startup v7.lnk - C:\Program Files\OFFICE One v7\OFFICE One Startup v7\oostartupv7.exe

C:\Users\Xim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=FFFFFFFF
"NoDriveTypeAutoRun"=36
"NoDrives"=0
"NoSetActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2009-10-30 15:05:54 ----A---- C:\Windows\system32\18467.exe
2009-10-30 14:53:28 ----D---- C:\ProgramData\WindowsSearch
2009-10-30 14:31:56 ----D---- C:\Program Files\AdvancedVirusRemover
2009-10-30 14:31:36 ----A---- C:\Windows\system32\41.exe
2009-10-30 14:31:02 ----A---- C:\Windows\system32\winhelper.dll
2009-10-30 14:30:47 ----A---- C:\Windows\svc.exe
2009-10-30 14:30:47 ----A---- C:\Windows\odb.exe
2009-10-30 14:30:40 ----SHD---- C:\Windows\system32\lowsec
2009-10-30 14:30:38 ----A---- C:\Windows\lsass.exe
2009-10-30 11:31:08 ----A---- C:\Windows\msb.exe
2009-10-29 21:14:18 ----A---- C:\Windows\msa.exe
2009-10-29 21:13:30 ----A---- C:\Windows\system32\msxml71.dll
2009-10-29 13:34:38 ----A---- C:\Windows\system32\wups2.dll
2009-10-29 13:34:38 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-29 13:34:37 ----A---- C:\Windows\system32\wucltux.dll
2009-10-29 13:34:36 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-29 13:33:41 ----A---- C:\Windows\system32\wups.dll
2009-10-29 13:33:41 ----A---- C:\Windows\system32\wudriver.dll
2009-10-29 13:33:41 ----A---- C:\Windows\system32\wuapi.dll
2009-10-29 13:32:58 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-29 13:32:58 ----A---- C:\Windows\system32\wuapp.exe
2009-10-15 23:14:24 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-10-15 23:14:24 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-10-15 23:14:15 ----A---- C:\Windows\system32\msv1_0.dll
2009-10-15 23:14:04 ----A---- C:\Windows\system32\wininet.dll
2009-10-15 23:14:03 ----A---- C:\Windows\system32\urlmon.dll
2009-10-15 23:14:02 ----A---- C:\Windows\system32\mshtml.dll
2009-10-15 23:13:55 ----A---- C:\Windows\system32\ieframe.dll
2009-10-15 23:13:53 ----A---- C:\Windows\system32\ieui.dll
2009-10-15 23:13:51 ----A---- C:\Windows\system32\ieencode.dll
2009-10-15 23:13:47 ----A---- C:\Windows\system32\ieapfltr.dll
2009-10-15 23:13:37 ----A---- C:\Windows\system32\msasn1.dll
2009-10-15 23:13:22 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-10-11 12:03:39 ----D---- C:\Program Files\Saitek Dual Analog Rumble Pad
2009-10-08 11:47:08 ----D---- C:\Program Files\Microsoft
2009-10-08 11:46:42 ----D---- C:\Program Files\Windows Live SkyDrive
2009-10-08 11:46:03 ----D---- C:\Program Files\Windows Live
2009-10-08 11:44:28 ----D---- C:\Program Files\Common Files\Windows Live
2009-10-06 21:55:27 ----D---- C:\Users\Xim\AppData\Roaming\skypePM
2009-10-06 21:51:48 ----D---- C:\Users\Xim\AppData\Roaming\Skype
2009-10-06 21:51:03 ----D---- C:\Program Files\Common Files\Skype
2009-10-06 21:51:00 ----RD---- C:\Program Files\Skype
2009-10-06 21:50:50 ----D---- C:\ProgramData\Skype
2009-10-05 08:25:57 ----A---- C:\Windows\system32\kerberos.dll
2009-10-05 08:25:56 ----A---- C:\Windows\system32\wdigest.dll
2009-10-05 08:25:54 ----A---- C:\Windows\system32\schannel.dll
2009-10-05 08:25:53 ----A---- C:\Windows\system32\lsasrv.dll
2009-10-05 08:25:52 ----A---- C:\Windows\system32\secur32.dll
2009-10-05 08:25:52 ----A---- C:\Windows\system32\lsass.exe
2009-10-01 18:27:55 ----D---- C:\Windows\pss
2009-09-29 21:46:05 ----D---- C:\Program Files\7-Zip
2009-09-29 21:38:37 ----D---- C:\Program Files\Project64 1.6
2009-09-21 08:20:06 ----D---- C:\Windows\system32\eu-ES
2009-09-21 08:20:06 ----D---- C:\Windows\system32\ca-ES
2009-09-21 08:20:01 ----D---- C:\Windows\system32\vi-VN
2009-09-21 07:51:36 ----D---- C:\Windows\system32\EventProviders
2009-09-17 11:06:15 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-17 11:06:15 ----A---- C:\Windows\system32\wlansec.dll
2009-09-17 11:06:15 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-17 11:06:15 ----A---- C:\Windows\system32\wlanhlp.dll
2009-09-17 11:06:15 ----A---- C:\Windows\system32\wlanapi.dll
2009-09-17 11:06:14 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-17 11:04:22 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-17 11:04:19 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-17 11:04:19 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-17 11:04:19 ----A---- C:\Windows\system32\ARP.EXE
2009-09-17 11:04:18 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-17 11:04:18 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-17 11:04:18 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-17 11:04:18 ----A---- C:\Windows\system32\finger.exe
2009-09-17 11:04:16 ----A---- C:\Windows\system32\netevent.dll
2009-09-17 11:02:38 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-17 11:02:36 ----A---- C:\Windows\system32\mf.dll
2009-09-17 11:02:34 ----A---- C:\Windows\system32\rrinstaller.exe
2009-09-17 11:02:34 ----A---- C:\Windows\system32\mfps.dll
2009-09-17 11:02:34 ----A---- C:\Windows\system32\mfpmp.exe
2009-09-17 11:02:34 ----A---- C:\Windows\system32\mferror.dll
2009-09-17 11:02:30 ----A---- C:\Windows\system32\jscript.dll
2009-09-09 02:02:35 ----A---- C:\Windows\system32\tzres.dll
2009-08-17 23:33:52 ----A---- C:\Windows\system32\FM20.DLL
2009-08-17 01:14:05 ----A---- C:\Windows\system32\netfxperf.dll
2009-08-16 18:35:00 ----A---- C:\Windows\system32\atl.dll
2009-08-16 18:34:58 ----A---- C:\Windows\system32\wkssvc.dll
2009-08-16 18:34:54 ----A---- C:\Windows\system32\tsgqec.dll
2009-08-16 18:34:54 ----A---- C:\Windows\system32\mstscax.dll
2009-08-16 18:34:54 ----A---- C:\Windows\system32\aaclient.dll
2009-08-16 18:34:52 ----A---- C:\Windows\system32\avifil32.dll
2009-08-16 18:34:24 ----A---- C:\Windows\system32\wmp.dll
2009-08-16 18:34:17 ----A---- C:\Windows\system32\wmpdxm.dll
2009-08-16 18:34:17 ----A---- C:\Windows\system32\dxmasf.dll
2009-08-16 18:34:16 ----A---- C:\Windows\system32\wmploc.DLL
2009-08-16 18:34:16 ----A---- C:\Windows\system32\spwmp.dll
2009-08-16 04:32:46 ----D---- C:\Windows\Sun

======List of files/folders modified in the last 3 months======

2009-10-31 18:01:37 ----D---- C:\Program Files\Trend Micro
2009-10-31 18:01:10 ----D---- C:\rsit
2009-10-31 17:55:21 ----D---- C:\Program Files\Mozilla Firefox
2009-10-31 17:54:27 ----D---- C:\Windows\temp
2009-10-31 17:48:26 ----D---- C:\Windows\system32\drivers
2009-10-31 17:47:47 ----D---- C:\Windows\Tasks
2009-10-31 00:11:42 ----A---- C:\Windows\NeroDigital.ini
2009-10-31 00:03:20 ----D---- C:\Windows\system32\Tasks
2009-10-31 00:03:18 ----A---- C:\Windows\system32\acovcnt.exe
2009-10-30 23:22:18 ----D---- C:\Windows\system32\catroot2
2009-10-30 23:21:41 ----SHD---- C:\Windows\Installer
2009-10-30 23:21:33 ----D---- C:\ProgramData\Microsoft Help
2009-10-30 23:19:27 ----RSD---- C:\Windows\assembly
2009-10-30 23:15:49 ----RSD---- C:\Windows\Fonts
2009-10-30 23:15:43 ----D---- C:\Program Files\Common Files\microsoft shared
2009-10-30 23:15:21 ----D---- C:\Program Files\Microsoft Works
2009-10-30 23:12:43 ----A---- C:\Windows\win.ini
2009-10-30 23:06:35 ----D---- C:\Windows\System32
2009-10-30 16:09:18 ----D---- C:\Windows
2009-10-30 14:53:28 ----HD---- C:\ProgramData
2009-10-30 14:31:56 ----RD---- C:\Program Files
2009-10-30 14:30:41 ----D---- C:\Windows\Prefetch
2009-10-30 02:04:41 ----D---- C:\Windows\winsxs
2009-10-29 17:32:51 ----D---- C:\Windows\rescache
2009-10-29 17:14:30 ----D---- C:\Windows\system32\fr-FR
2009-10-29 13:36:14 ----D---- C:\Windows\PolicyDefinitions
2009-10-29 13:35:21 ----D---- C:\Windows\system32\catroot
2009-10-29 13:32:46 ----SHD---- C:\System Volume Information
2009-10-28 17:54:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-10-28 17:54:08 ----D---- C:\Windows\inf
2009-10-28 13:51:42 ----D---- C:\Users\Xim\AppData\Roaming\dvdcss
2009-10-20 00:54:00 ----A---- C:\Windows\WORDPAD.INI
2009-10-16 19:22:37 ----D---- C:\Windows\Microsoft.NET
2009-10-08 12:27:45 ----SD---- C:\Users\Xim\AppData\Roaming\Microsoft
2009-10-08 11:44:28 ----D---- C:\Program Files\Common Files
2009-10-08 11:44:12 ----SD---- C:\ProgramData\Microsoft
2009-10-07 08:11:29 ----D---- C:\ProgramData\Google
2009-10-07 08:11:28 ----D---- C:\Program Files\Google
2009-10-02 19:01:57 ----A---- C:\Windows\system32\mrt.exe
2009-09-23 10:46:32 ----D---- C:\Users\Xim\AppData\Roaming\Mozilla
2009-09-22 15:27:31 ----D---- C:\Users\Xim\AppData\Roaming\OFFICEOne7
2009-09-21 08:34:06 ----SHD---- C:\Boot
2009-09-21 08:22:59 ----D---- C:\Program Files\Windows Mail
2009-09-21 08:22:59 ----D---- C:\Program Files\Windows Calendar
2009-09-21 08:22:59 ----D---- C:\Program Files\Movie Maker
2009-09-21 08:22:56 ----D---- C:\Program Files\Windows Sidebar
2009-09-21 08:22:56 ----D---- C:\Program Files\Windows Media Player
2009-09-21 08:22:56 ----D---- C:\Program Files\Internet Explorer
2009-09-21 08:22:55 ----D---- C:\Program Files\Windows Collaboration
2009-09-21 08:22:54 ----D---- C:\Program Files\Windows Journal
2009-09-21 08:22:50 ----D---- C:\Program Files\Windows Photo Gallery
2009-09-21 08:22:50 ----D---- C:\Program Files\Common Files\System
2009-09-21 08:22:43 ----D---- C:\Windows\servicing
2009-09-21 08:22:43 ----D---- C:\Program Files\Windows Defender
2009-09-21 08:22:17 ----D---- C:\Windows\IME
2009-09-21 08:22:16 ----D---- C:\Windows\system32\XPSViewer
2009-09-21 08:22:16 ----D---- C:\Windows\system32\sk-SK
2009-09-21 08:22:16 ----D---- C:\Windows\system32\lv-LV
2009-09-21 08:22:16 ----D---- C:\Windows\system32\ko-KR
2009-09-21 08:22:16 ----D---- C:\Windows\system32\it-IT
2009-09-21 08:22:16 ----D---- C:\Windows\system32\hr-HR
2009-09-21 08:22:16 ----D---- C:\Windows\system32\et-EE
2009-09-21 08:22:16 ----D---- C:\Windows\system32\en-US
2009-09-21 08:22:16 ----D---- C:\Windows\system32\de-DE
2009-09-21 08:22:16 ----D---- C:\Windows\system32\da-DK
2009-09-21 08:22:15 ----D---- C:\Windows\system32\oobe
2009-09-21 08:22:15 ----D---- C:\Windows\system32\fr
2009-09-21 08:22:15 ----D---- C:\Windows\system32\el-GR
2009-09-21 08:22:14 ----D---- C:\Windows\system32\migration
2009-09-21 08:22:05 ----D---- C:\Windows\system32\ru-RU
2009-09-21 08:22:05 ----D---- C:\Windows\system32\AdvancedInstallers
2009-09-21 08:21:57 ----D---- C:\Windows\system32\sv-SE
2009-09-21 08:21:57 ----D---- C:\Windows\system32\SLUI
2009-09-21 08:21:57 ----D---- C:\Windows\system32\setup
2009-09-21 08:21:57 ----D---- C:\Windows\system32\pt-PT
2009-09-21 08:21:57 ----D---- C:\Windows\system32\hu-HU
2009-09-21 08:21:57 ----D---- C:\Windows\system32\he-IL
2009-09-21 08:21:57 ----D---- C:\Windows\system32\fi-FI
2009-09-21 08:21:57 ----D---- C:\Windows\system32\cs-CZ
2009-09-21 08:21:55 ----D---- C:\Windows\system32\zh-TW
2009-09-21 08:21:55 ----D---- C:\Windows\system32\zh-CN
2009-09-21 08:21:55 ----D---- C:\Windows\system32\uk-UA
2009-09-21 08:21:55 ----D---- C:\Windows\system32\sr-Latn-CS
2009-09-21 08:21:55 ----D---- C:\Windows\system32\sl-SI
2009-09-21 08:21:55 ----D---- C:\Windows\system32\pl-PL
2009-09-21 08:21:55 ----D---- C:\Windows\system32\manifeststore
2009-09-21 08:21:55 ----D---- C:\Windows\system32\ja-JP
2009-09-21 08:21:55 ----D---- C:\Windows\system32\es-ES
2009-09-21 08:21:55 ----D---- C:\Windows\system32\bg-BG
2009-09-21 08:21:54 ----D---- C:\Windows\system32\ro-RO
2009-09-21 08:21:52 ----D---- C:\Windows\system32\th-TH
2009-09-21 08:21:50 ----D---- C:\Windows\system32\tr-TR
2009-09-21 08:21:48 ----D---- C:\Windows\system32\wbem
2009-09-21 08:21:46 ----D---- C:\Windows\system32\nb-NO
2009-09-21 08:21:45 ----D---- C:\Windows\system32\nl-NL
2009-09-21 08:21:45 ----D---- C:\Windows\system32\lt-LT
2009-09-21 08:21:45 ----D---- C:\Windows\system32\ar-SA
2009-09-21 08:21:44 ----D---- C:\Windows\system32\pt-BR
2009-09-21 08:21:44 ----D---- C:\Windows\system32\migwiz
2009-09-21 08:20:17 ----D---- C:\Windows\AppPatch
2009-09-21 08:20:01 ----D---- C:\Windows\system32\Boot
2009-09-19 19:20:14 ----D---- C:\Windows\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys [2007-03-26 37040]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-07-22 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-09-20 55656]
R3 Atc002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Controller; C:\Windows\system32\DRIVERS\L260x86.sys [2006-12-13 25600]
R3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-02 1655464]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-19 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 2385920]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-06-05 62464]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-10-09 981504]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2007-01-19 1324544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-23 181304]
R3 WCPU;WCPU; \??\C:\Program Files\P4G\WCPU.sys [2007-01-02 11120]
R4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys [2007-03-26 108592]
S1 incdrm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys [2007-03-26 39472]
S2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-11-16 15216]
S3 61883;Pilote d'unité 61883; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]
S3 Avc;Périphérique AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]
S3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2008-07-25 15352]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 lvupdtio;lvupdtio; \??\C:\Program Files\ASUS\ASUS Live Update\SYS64\lvupdtio.sys [2006-11-08 15216]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-10-14 4422560]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-07-22 108289]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-02-02 565248]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 554352]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-03-26 864816]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-09-29 266343]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-29 123248]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2006-12-11 24576]
R3 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-09-20 185089]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-26 267824]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-19 523776]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-10 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-07-25 191656]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-26 779824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]

-----------------EOF-----------------



... Et le fichier Info:
info.txt logfile of random's system information tool 1.06 2009-10-31 18:01:45

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\NuNInst.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{977FBE6C-AE9A-4429-B249-814F0B3A4CB1}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe" -l0x40c /cont -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3D173DC5-4AE5-4B3F-9819-3977DD11B1D0}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9EFF51A-C925-4F1A-9DEB-DB5F970DE983}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x40c -removeonly
2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70800000002}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ASUS InstantFun-->MsiExec.exe /I{57B15AD4-8C9D-4164-82BB-E33D8644E757}
ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.exe" -l0x9
ASUS Splendid Video Enhancement Technology-->C:\Program Files\InstallShield Installation Information\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ASUS Touch Pad Extra-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DB891739-2EB3-45A8-9CBD-941C255CECD4}\SETUP.EXE" -l0x9
Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\SETUP.EXE" -l0x40c -removeonly
ATI Uninstaller-->C:\Program Files\ATI\CIM\Bin\Atisetup.exe -uninstall all
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Media-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\SETUP.EXE" -l0x9
ATKOSD2-->C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Attansic Giga Ethernet Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F698102-5739-441E-96F0-74F4EA540F06}\SETUP.EXE" -l0x9
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Chicken Invaders v1.30-->"C:\Program Files\Chicken Invaders\unins000.exe"
Ciel Devis Factures 6.0-->MsiExec.exe /I{F29DDAD0-447D-4BDB-80CB-4276B4D5C9A7}
Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
De Blob (alleen verwijderen)-->C:\Program Files\De Blob\Uninstall EN.exe
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
FL Studio 6-->C:\Program Files\Image-Line\FL Studio 6\uninstall.exe
Free Video to Mp3 Converter version 2.7-->"C:\Program Files\DVDVIDEOSOFT\Free Video to Mp3 Converter\unins000.exe"
GLtron version 0.70-->"C:\Program Files\GLtron\unins000.exe"
Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Guitar Pro 4.0-->C:\PROGRA~1\GUITAR~1\UNWISE.EXE C:\PROGRA~1\GUITAR~1\INSTALL.LOG
HDD Capacity Restore 1.2-->"C:\Program Files\HDD Capacity Restore\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
K-Lite Codec Pack 2.85 Basic-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Ma-Config.com-->MsiExec.exe /X{CFF24C43-9C46-4044-9C54-A4D98A3A25FB}
MediaShow 3.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\setup.exe" -uninstall
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0410-0000-0000000FF1CE} /uninstall {0A75DA12-55CB-4DE5-8B6A-74D97847204E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {89C8E56A-90D8-4598-B0E6-EB28F6270E07}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Access MUI (Italian) 2007-->MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Italian) 2007-->MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Italian) 2007-->MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (Italian) 2007-->MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co6a.dll,SM56UnInstaller
Mozilla Firefox (3.0.15)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NB Probe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\SETUP.EXE" -l0x9
Nero 7 Essentials-->MsiExec.exe /X{97F32DF8-D66E-446A-A425-C1D7B45C1033}
Net4Switch-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D6D7811-43B3-463C-BC79-5D1755269989}\setup.exe" -l0x9
OFFICE One 150 Templates v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BA147801-8946-4BBE-BE17-A2199CE52C81}\setup.exe" -l0x40c -removeonly
OFFICE One 7.0-->MsiExec.exe /I{EA7D2E55-386E-488D-9880-F6B939534AAE}
OFFICE One BankPerfect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2AE949D0-89B5-479B-A2C3-3482F68C1E7E}\setup.exe" -l0x40c -removeonly
OFFICE One ClipArt v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8F3555E-B918-445E-97D1-BC4861C4EF59}\setup.exe" -l0x40c -removeonly
OFFICE One Fonts v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC0C788C-7C68-47A9-BFBF-0DF7B205B4CC}\setup.exe" -l0x40c -removeonly
OFFICE One Games - Bomberic 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F4427003-AE4B-4D1E-A54A-E2F1E5D5B219}\setup.exe" -l0x40c -removeonly
OFFICE One Games - Pharaohs Curse-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6B10961-45A0-48AD-BB50-777A99286B39}\setup.exe" -l0x40c -removeonly
OFFICE One Games - Rainbow Islands Candyland-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3149B9A3-85FD-4E1C-8C20-2402863B36F0}\setup.exe" -l0x40c -removeonly
OFFICE One Games - Robots-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C42E03E9-E897-4D96-968F-24BFF2D693CF}\setup.exe" -l0x40c -removeonly
OFFICE One Games - The Postman-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{80A88659-E13D-46C8-8BDC-312A8F1FE8A2}\setup.exe" -l0x40c -removeonly
OFFICE One Games - Water in Fire 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C78D647E-3895-4621-A1F7-BD62784B95B4}\setup.exe" -l0x40c -removeonly
OFFICE One Menu v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85C5827E-106F-4497-8066-B7CFEBBEA91D}\setup.exe" -l0x40c -removeonly
OFFICE One Notes v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D2683BE-2C44-4DB5-BECD-87B324077A7F}\setup.exe" -l0x40c -removeonly
OFFICE One QuickPDF v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D85E64FE-A7F1-496B-858F-4D55A622C50D}\setup.exe" -l0x40c -removeonly
OFFICE One QuickZip v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{87DEF84E-51A5-4A0E-91C2-E012E92DE69B}\setup.exe" -l0x40c -removeonly
OFFICE One Safety-Box v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B243ABE9-57C2-4B97-BA6B-37DF6C0208ED}\setup.exe" -l0x40c -removeonly
OFFICE One Startup v7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FEC30F06-A382-47D1-B828-859AC641EB1D}\setup.exe" -l0x40c -removeonly
OFFICE One v7 Paint.net-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2FE38EFA-06B3-4FC0-A06B-B173A3E3422E}\setup.exe" -l0x40c -removeonly
Outil de télécharg

Salut Ximini


Télécharge combofix.exe (de sUBs) sur le bureau :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Important Désactive ton Antivirus et antispyware avant le scan avec Combofix :
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


==> Sauvegarde ton travail et ferme toutes les fenêtres actives, il peut y avoir un redémarrage du PC. Ne lance aucun programme tant que Combofix n’est pas fini. <==

Double clique sur combofix.exe, clique sur OUI et valide par Entrée

Il te sera demandé d’installer la console si elle n’est pas installer, clique sur NON

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\ Combofix.txt

Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure


@++

Mais... Mais...

Je comprends pas:
je lance Combofix, en désactivant mes protections et mon contrôle d'utilisateurs.

Le PC redémarre ("Combofix a detecté une activité de rootkit")

... Et au redémarrage, aucune trace de l'activité de combofix,
et aucun rapport combofix.txt ne s'affiche;
il y a juste un fichier nommé Combofix sous c:/ , mais il n'a pas d'extension (je ne peux pas en rajouter), et a l'icone "ordinateur".

Help please!

Salut Ximini


Télécharge Gmer et enregistre-le sur ton bureau.

Note : l'application portera un nom aléatoire. Indique-le moi dans ton prochain message.

- Déconnecte toi d'internet si possible et ferme tous les programmes, puis lance l'outil.
- Clique sur le bouton "Scan" sur la droite.

- Lorsque le scan est terminé, clic sur "Copy".
- Ouvre le bloc-note et clic sur le Menu Edition / Coller
- Le rapport doit alors apparaître.

- Enregistre le fichier sur ton bureau et copie/colle le contenu ici.


@++

C'est fait!
Le nom de l'application est: yu3vnrec

Voila le rapport:

GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2009-10-31 22:08:49
Windows 6.0.6002 Service Pack 2
Running: yu3vnrec.exe; Driver: C:\Users\Xim\AppData\Local\Temp\kwdirpob.sys


---- System - GMER 1.0.15 ----

SSDT 8A97649C ZwCreateThread
SSDT 8A976488 ZwOpenProcess
SSDT 8A97648D ZwOpenThread
SSDT 8A976497 ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 221 820C3964 4 Bytes [9C, 64, 97, 8A]
.text ntkrnlpa.exe!KeSetEvent + 3F1 820C3B34 4 Bytes [88, 64, 97, 8A] {MOV [EDI+EDX*4-0x76], AH}
.text ntkrnlpa.exe!KeSetEvent + 40D 820C3B50 4 Bytes [8D, 64, 97, 8A] {LEA ESP, [EDI+EDX*4-0x76]}
.text ntkrnlpa.exe!KeSetEvent + 621 820C3D64 4 Bytes [97, 64, 97, 8A]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\ASUS\ASUS Live Update\ALU.exe[316] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 007D5140
IAT C:\Program Files\ASUS\ASUS Live Update\ALU.exe[316] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 007D5027
IAT C:\Program Files\ASUS\ASUS Live Update\ALU.exe[316] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 007D508C
IAT C:\Program Files\ASUS\ASUS Live Update\ALU.exe[316] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 007D5140
IAT C:\Program Files\ASUS\ASUS Live Update\ALU.exe[316] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 007D53F9
IAT C:\Program Files\ASUS\ASUS Live Update\ALU.exe[316] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 007D56AB
IAT C:\Program Files\ASUS\ASUS Live Update\ALU.exe[316] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 007D56AB
IAT C:\Program Files\ASUS\ASUS Live Update\ALU.exe[316] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 007D53F9
IAT C:\Program Files\ASUS\ASUS Live Update\ALU.exe[316] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 007D56AB
IAT C:\Program Files\ASUS\ASUS Live Update\ALU.exe[316] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 007D5140
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 01D15140
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 01D15027
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 01D1508C
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExA] [00419806] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!CreateWindowExW] [0041987E] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 01D156AB
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamA] [00419A10] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DialogBoxParamW] [00419A10] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!MessageBoxW] [00419A1C] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxW] [00419A1C] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHELL32.dll [USER32.dll!CreateWindowExW] [0041987E] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 01D153F9
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 01D156AB
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHELL32.dll [USER32.dll!SetWindowPos] [004199A4] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DialogBoxParamW] [00419A10] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHELL32.dll [USER32.dll!ShowWindow] [004198F6] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHELL32.dll [USER32.dll!MessageBoxIndirectW] [00419A0A] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 01D15140
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 01D153F9
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\ole32.dll [USER32.dll!CreateWindowExW] [0041987E] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\ole32.dll [USER32.dll!DialogBoxParamW] [00419A10] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\ole32.dll [USER32.dll!MessageBoxW] [00419A1C] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\ole32.dll [USER32.dll!ShowWindow] [004198F6] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 01D156AB
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\WININET.dll [USER32.dll!CreateWindowExW] [0041987E] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\WININET.dll [USER32.dll!MessageBoxW] [00419A1C] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowPos] [004199A4] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\WININET.dll [USER32.dll!DialogBoxParamW] [00419A10] C:\Windows\msb.exe
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\Ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 01D15140
IAT C:\Windows\msb.exe[436] @ C:\Windows\system32\crypt32.dll [USER32.dll!MessageBoxW] [00419A1C] C:\Windows\msb.exe
IAT C:\Windows\system32\wininit.exe[576] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 003A5140
IAT C:\Windows\system32\wininit.exe[576] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 003A5027
IAT C:\Windows\system32\wininit.exe[576] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 003A508C
IAT C:\Windows\system32\wininit.exe[576] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 003A56AB
IAT C:\Windows\system32\wininit.exe[576] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 003A53F9
IAT C:\Windows\system32\wininit.exe[576] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 003A56AB
IAT C:\Windows\system32\wininit.exe[576] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 003A5140
IAT C:\Windows\system32\wininit.exe[576] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 003A53F9
IAT C:\Windows\system32\wininit.exe[576] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 003A56AB
IAT C:\Windows\system32\wininit.exe[576] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 003A5140
IAT C:\Windows\system32\services.exe[620] @ C:\Windows\system32\services.exe [ntdll.dll!NtQueryDirectoryFile] 009B5140
IAT C:\Windows\system32\services.exe[620] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 009B5140
IAT C:\Windows\system32\services.exe[620] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 009B5027
IAT C:\Windows\system32\services.exe[620] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 009B508C
IAT C:\Windows\system32\services.exe[620] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 009B56AB
IAT C:\Windows\system32\services.exe[620] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 009B53F9
IAT C:\Windows\system32\services.exe[620] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 009B56AB
IAT C:\Windows\system32\services.exe[620] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 009B5140
IAT C:\Windows\system32\services.exe[620] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 009B53F9
IAT C:\Windows\system32\services.exe[620] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 009B56AB
IAT C:\Windows\system32\services.exe[620] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 009B5140
IAT C:\Windows\system32\lsass.exe[632] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 000C5140
IAT C:\Windows\system32\lsass.exe[632] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 000C5027
IAT C:\Windows\system32\lsass.exe[632] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 000C508C
IAT C:\Windows\system32\lsass.exe[632] @ C:\Windows\system32\LSASRV.dll [ntdll.dll!LdrLoadDll] 000C508C
IAT C:\Windows\system32\lsass.exe[632] @ C:\Windows\system32\SAMSRV.dll [ntdll.dll!LdrLoadDll] 000C508C
IAT C:\Windows\system32\lsass.exe[632] @ C:\Windows\system32\SAMSRV.dll [ntdll.dll!LdrGetProcedureAddress] 000C5027
IAT C:\Windows\system32\lsass.exe[632] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 000C5140
IAT C:\Windows\system32\lsass.exe[632] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 000C56AB
IAT C:\Windows\system32\lsass.exe[632] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 000C53F9
IAT C:\Windows\system32\lsass.exe[632] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 000C56AB
IAT C:\Windows\system32\lsass.exe[632] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 000C5140
IAT C:\Windows\system32\lsass.exe[632] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 000C53F9
IAT C:\Windows\system32\lsass.exe[632] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 000C56AB
IAT C:\Windows\system32\lsm.exe[640] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00875140
IAT C:\Windows\system32\lsm.exe[640] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00875027
IAT C:\Windows\system32\lsm.exe[640] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 0087508C
IAT C:\Windows\system32\lsm.exe[640] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 008756AB
IAT C:\Windows\system32\lsm.exe[640] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 008753F9
IAT C:\Windows\system32\lsm.exe[640] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 008756AB
IAT C:\Windows\system32\lsm.exe[640] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 00875140
IAT C:\Windows\system32\lsm.exe[640] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 008753F9
IAT C:\Windows\system32\lsm.exe[640] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 008756AB
IAT C:\Windows\system32\lsm.exe[640] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 00875140
IAT C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe[836] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 01585140
IAT C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe[836] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 01585027
IAT C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe[836] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 0158508C
IAT C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe[836] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 015856AB
IAT C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe[836] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 015853F9
IAT C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe[836] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 015856AB
IAT C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe[836] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 015853F9
IAT C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe[836] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 015856AB
IAT C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe[836] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 01585140
IAT C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe[836] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 01585140
IAT C:\Windows\system32\svchost.exe[916] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00D85140
IAT C:\Windows\system32\svchost.exe[916] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00D85027
IAT C:\Windows\system32\svchost.exe[916] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00D8508C
IAT C:\Windows\system32\svchost.exe[916] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00D856AB
IAT C:\Windows\system32\svchost.exe[916] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00D853F9
IAT C:\Windows\system32\svchost.exe[916] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00D856AB
IAT C:\Windows\system32\svchost.exe[916] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 00D85140
IAT C:\Windows\system32\svchost.exe[916] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 00D853F9
IAT C:\Windows\system32\svchost.exe[916] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 00D856AB
IAT C:\Windows\system32\svchost.exe[916] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 00D85140
IAT C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[996] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00D15140
IAT C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[996] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00D15027
IAT C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[996] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00D1508C
IAT C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[996] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00D153F9
IAT C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[996] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00D156AB
IAT C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[996] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 00D15140
IAT C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[996] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00D156AB
IAT C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[996] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 00D153F9
IAT C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[996] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 00D156AB
IAT C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe[996] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 00D15140
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[1024] @ C:\Windows\system32\KERNEL32.dll [ntdll.dll!NtQueryDirectoryFile] 04ED5140
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[1024] @ C:\Windows\system32\KERNEL32.dll [ntdll.dll!LdrGetProcedureAddress] 04ED5027
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[1024] @ C:\Windows\system32\KERNEL32.dll [ntdll.dll!LdrLoadDll] 04ED508C
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[1024] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 04ED56AB
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[1024] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 04ED53F9
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[1024] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 04ED56AB
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[1024] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 04ED5140
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[1024] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 04ED53F9
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[1024] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 04ED56AB
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[1024] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 04ED5140
IAT C:\Windows\system32\Ati2evxx.exe[1048] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00495140
IAT C:\Windows\system32\Ati2evxx.exe[1048] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00495027
IAT C:\Windows\system32\Ati2evxx.exe[1048] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 0049508C
IAT C:\Windows\system32\Ati2evxx.exe[1048] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 004953F9
IAT C:\Windows\system32\Ati2evxx.exe[1048] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 004956AB
IAT C:\Windows\system32\Ati2evxx.exe[1048] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 004956AB
IAT C:\Windows\system32\Ati2evxx.exe[1048] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 004953F9
IAT C:\Windows\system32\Ati2evxx.exe[1048] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 004956AB
IAT C:\Windows\system32\Ati2evxx.exe[1048] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 00495140
IAT C:\Windows\system32\Ati2evxx.exe[1048] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 00495140
IAT C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe[1064] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 01AE5140
IAT C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe[1064] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 01AE5027
IAT C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe[1064] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 01AE508C
IAT C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe[1064] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 01AE53F9
IAT C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe[1064] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 01AE56AB
IAT C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe[1064] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 01AE56AB
IAT C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe[1064] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 01AE53F9
IAT C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe[1064] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 01AE56AB
IAT C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe[1064] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 01AE5140
IAT C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe[1064] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 01AE5140
IAT C:\Windows\RtHDVCpl.exe[1080] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00D55140
IAT C:\Windows\RtHDVCpl.exe[1080] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00D55027
IAT C:\Windows\RtHDVCpl.exe[1080] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00D5508C
IAT C:\Windows\RtHDVCpl.exe[1080] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 00D553F9
IAT C:\Windows\RtHDVCpl.exe[1080] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 00D556AB
IAT C:\Windows\RtHDVCpl.exe[1080] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00D556AB
IAT C:\Windows\RtHDVCpl.exe[1080] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00D553F9
IAT C:\Windows\RtHDVCpl.exe[1080] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00D556AB
IAT C:\Windows\RtHDVCpl.exe[1080] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 00D55140
IAT C:\Windows\RtHDVCpl.exe[1080] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 00D55140
IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00E35140
IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00E35027
IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00E3508C
IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00E356AB
IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00E353F9
IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00E356AB
IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 00E35140
IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 00E353F9
IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 00E356AB
IAT C:\Windows\System32\svchost.exe[1104] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 00E35140
IAT C:\Windows\System32\svchost.exe[1128] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00F85140
IAT C:\Windows\System32\svchost.exe[1128] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00F85027
IAT C:\Windows\System32\svchost.exe[1128] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00F8508C
IAT C:\Windows\System32\svchost.exe[1128] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00F856AB
IAT C:\Windows\System32\svchost.exe[1128] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00F853F9
IAT C:\Windows\System32\svchost.exe[1128] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00F856AB
IAT C:\Windows\System32\svchost.exe[1128] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 00F85140
IAT C:\Windows\System32\svchost.exe[1128] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 00F853F9
IAT C:\Windows\System32\svchost.exe[1128] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 00F856AB
IAT C:\Windows\System32\svchost.exe[1128] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 00F85140
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00F45140
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00F45027
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 00F4508C
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 00F456AB
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 00F453F9
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 00F456AB
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 00F45140
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 00F453F9
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 00F456AB
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 00F45140
IAT C:\Program Files\ATK Hotkey\Hcontrol.exe[1196] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 019D5140
IAT C:\Program Files\ATK Hotkey\Hcontrol.exe[1196] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 019D5027
IAT C:\Program Files\ATK Hotkey\Hcontrol.exe[1196] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 019D508C
IAT C:\Program Files\ATK Hotkey\Hcontrol.exe[1196] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 019D53F9
IAT C:\Program Files\ATK Hotkey\Hcontrol.exe[1196] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 019D56AB
IAT C:\Program Files\ATK Hotkey\Hcontrol.exe[1196] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 019D56AB
IAT C:\Program Files\ATK Hotkey\Hcontrol.exe[1196] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 019D5140
IAT C:\Program Files\ATK Hotkey\Hcontrol.exe[1196] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 019D53F9
IAT C:\Program Files\ATK Hotkey\Hcontrol.exe[1196] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 019D56AB
IAT C:\Program Files\ATK Hotkey\Hcontrol.exe[1196] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 019D5140
IAT C:\Program Files\ATKOSD2\ATKOSD2.exe[1212] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 02055140
IAT C:\Program Files\ATKOSD2\ATKOSD2.exe[1212] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 02055027
IAT C:\Program Files\ATKOSD2\ATKOSD2.exe[1212] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 0205508C
IAT C:\Program Files\ATKOSD2\ATKOSD2.exe[1212] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 020553F9
IAT C:\Program Files\ATKOSD2\ATKOSD2.exe[1212] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 020556AB
IAT C:\Program Files\ATKOSD2\ATKOSD2.exe[1212] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 020556AB
IAT C:\Program Files\ATKOSD2\ATKOSD2.exe[1212] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 020553F9
IAT C:\Program Files\ATKOSD2\ATKOSD2.exe[1212] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 020556AB
IAT C:\Program Files\ATKOSD2\ATKOSD2.exe[1212] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 02055140
IAT C:\Program Files\ATKOSD2\ATKOSD2.exe[1212] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 02055140
IAT C:\Windows\system32\SLsvc.exe[1264] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00285140
IAT C:\Windows\system32\SLsvc.exe[1264] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00285027
IAT C:\Windows\system32\SLsvc.exe[1264] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 0028508C
IAT C:\Windows\system32\SLsvc.exe[1264] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 00285140
IAT C:\Windows\system32\SLsvc.exe[1264] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 002856AB
IAT C:\Windows\system32\SLsvc.exe[1264] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 002853F9
IAT C:\Windows\system32\SLsvc.exe[1264] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 002856AB
IAT C:\Windows\system32\SLsvc.exe[1264] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 00285140
IAT C:\Windows\system32\SLsvc.exe[1264] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 002853F9
IAT C:\Windows\system32\SLsvc.exe[1264] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 002856AB
IAT C:\Program Files\P4G\BatteryLife.exe[1344] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 008F5140
IAT C:\Program Files\P4G\BatteryLife.exe[1344] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 008F5027
IAT C:\Program Files\P4G\BatteryLife.exe[1344] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 008F508C
IAT C:\Program Files\P4G\BatteryLife.exe[1344] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 008F56AB
IAT C:\Program Files\P4G\BatteryLife.exe[1344] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 008F53F9
IAT C:\Program Files\P4G\BatteryLife.exe[1344] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 008F56AB
IAT C:\Program Files\P4G\BatteryLife.exe[1344] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 008F53F9
IAT C:\Program Files\P4G\BatteryLife.exe[1344] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 008F56AB
IAT C:\Program Files\P4G\BatteryLife.exe[1344] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 008F5140
IAT C:\Program Files\P4G\BatteryLife.exe[1344] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 008F5140
IAT C:\Windows\system32\Ati2evxx.exe[1348] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 020D5140
IAT C:\Windows\system32\Ati2evxx.exe[1348] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 020D5027
IAT C:\Windows\system32\Ati2evxx.exe[1348] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 020D508C
IAT C:\Windows\system32\Ati2evxx.exe[1348] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 020D53F9
IAT C:\Windows\system32\Ati2evxx.exe[1348] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 020D56AB
IAT C:\Windows\system32\Ati2evxx.exe[1348] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 020D56AB
IAT C:\Windows\system32\Ati2evxx.exe[1348] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 020D53F9
IAT C:\Windows\system32\Ati2evxx.exe[1348] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 020D56AB
IAT C:\Windows\system32\Ati2evxx.exe[1348] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 020D5140
IAT C:\Windows\system32\Ati2evxx.exe[1348] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 020D5140
IAT C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe[1356] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 019B5140
IAT C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe[1356] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 019B5027
IAT C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe[1356] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 019B508C
IAT C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe[1356] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 019B53F9
IAT C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe[1356] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 019B56AB
IAT C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe[1356] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 019B5140
IAT C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe[1356] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 019B56AB
IAT C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe[1356] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 019B53F9
IAT C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe[1356] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 019B56AB
IAT C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe[1356] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 019B5140
IAT C:\Windows\system32\svchost.exe[1372] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 00975140
IAT C:\Windows\system32\svchost.exe[1372] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 00975027
IAT C:\Windows\system32\svchost.exe[1372] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 0097508C
IAT C:\Windows\system32\svchost.exe[1372] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 009756AB
IAT C:\Windows\system32\svchost.exe[1372] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 009753F9
IAT C:\Windows\system32\svchost.exe[1372] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 009756AB
IAT C:\Windows\system32\svchost.exe[1372] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 00975140
IAT C:\Windows\system32\svchost.exe[1372] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 009753F9
IAT C:\Windows\system32\svchost.exe[1372] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 009756AB
IAT C:\Windows\system32\svchost.exe[1372] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 00975140
IAT C:\Program Files\ASUS\Splendid\ACMON.exe[1400] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 024E5140
IAT C:\Program Files\ASUS\Splendid\ACMON.exe[1400] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 024E5027
IAT C:\Program Files\ASUS\Splendid\ACMON.exe[1400] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 024E508C
IAT C:\Program Files\ASUS\Splendid\ACMON.exe[1400] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 024E56AB
IAT C:\Program Files\ASUS\Splendid\ACMON.exe[1400] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 024E53F9
IAT C:\Program Files\ASUS\Splendid\ACMON.exe[1400] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 024E56AB
IAT C:\Program Files\ASUS\Splendid\ACMON.exe[1400] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 024E53F9
IAT C:\Program Files\ASUS\Splendid\ACMON.exe[1400] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 024E56AB
IAT C:\Program Files\ASUS\Splendid\ACMON.exe[1400] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 024E5140
IAT C:\Program Files\ASUS\Splendid\ACMON.exe[1400] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 024E5140
IAT C:\Windows\system32\svchost.exe[1608] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 009D5140
IAT C:\Windows\system32\svchost.exe[1608] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 009D5027
IAT C:\Windows\system32\svchost.exe[1608] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 009D508C
IAT C:\Windows\system32\svchost.exe[1608] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 009D56AB
IAT C:\Windows\system32\svchost.exe[1608] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 009D53F9
IAT C:\Windows\system32\svchost.exe[1608] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 009D56AB
IAT C:\Windows\system32\svchost.exe[1608] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 009D5140
IAT C:\Windows\system32\svchost.exe[1608] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 009D53F9
IAT C:\Windows\system32\svchost.exe[1608] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 009D56AB
IAT C:\Windows\system32\svchost.exe[1608] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 009D5140
IAT C:\Windows\system32\sdra64.exe[1800] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 01525140
IAT C:\Windows\system32\sdra64.exe[1800] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 01525027
IAT C:\Windows\system32\sdra64.exe[1800] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 0152508C
IAT C:\Windows\system32\sdra64.exe[1800] @ C:\Windows\system32\OLE32.DLL [USER32.dll!GetClipboardData] 015253F9
IAT C:\Windows\system32\sdra64.exe[1800] @ C:\Windows\system32\OLE32.DLL [USER32.dll!TranslateMessage] 015256AB
IAT C:\Windows\system32\sdra64.exe[1800] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 015256AB
IAT C:\Windows\system32\sdra64.exe[1800] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 015253F9
IAT C:\Windows\system32\sdra64.exe[1800] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 015256AB
IAT C:\Windows\system32\sdra64.exe[1800] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 01525140
IAT C:\Windows\system32\sdra64.exe[1800] @ C:\Windows\system32\ws2_32.dll [ntdll.dll!NtQueryDirectoryFile] 01525140
IAT C:\Program Files\ATK Hotkey\ASLDRSrv.exe[1812] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 003E5140
IAT C:\Program Files\ATK Hotkey\ASLDRSrv.exe[1812] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 003E5027
IAT C:\Program Files\ATK Hotkey\ASLDRSrv.exe[1812] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 003E508C
IAT C:\Program Files\ATK Hotkey\ASLDRSrv.exe[1812] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 003E56AB
IAT C:\Program Files\ATK Hotkey\ASLDRSrv.exe[1812] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 003E53F9
IAT C:\Program Files\ATK Hotkey\ASLDRSrv.exe[1812] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 003E56AB
IAT C:\Program Files\ATK Hotkey\ASLDRSrv.exe[1812] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 003E5140
IAT C:\Program Files\ATK Hotkey\ASLDRSrv.exe[1812] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 003E53F9
IAT C:\Program Files\ATK Hotkey\ASLDRSrv.exe[1812] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 003E56AB
IAT C:\Program Files\ATK Hotkey\ASLDRSrv.exe[1812] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 003E5140
IAT C:\Windows\system32\Dwm.exe[1828] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 04E55140
IAT C:\Windows\system32\Dwm.exe[1828] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 04E55027
IAT C:\Windows\system32\Dwm.exe[1828] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 04E5508C
IAT C:\Windows\system32\Dwm.exe[1828] @ C:\Windows\system32\ole32.dll [USER32.dll!GetClipboardData] 04E553F9
IAT C:\Windows\system32\Dwm.exe[1828] @ C:\Windows\system32\ole32.dll [USER32.dll!TranslateMessage] 04E556AB
IAT C:\Windows\system32\Dwm.exe[1828] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!TranslateMessage] 04E556AB
IAT C:\Windows\system32\Dwm.exe[1828] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetClipboardData] 04E553F9
IAT C:\Windows\system32\Dwm.exe[1828] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TranslateMessage] 04E556AB
IAT C:\Windows\system32\Dwm.exe[1828] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] 04E55140
IAT C:\Windows\system32\Dwm.exe[1828] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!NtQueryDirectoryFile] 04E55140
IAT C:\Windows\Explorer.EXE[1852] @ C:\Windows\Explorer.EXE [USER32.dll!TranslateMessage] 036056AB
IAT C:\Windows\Explorer.EXE[1852] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtQueryDirectoryFile] 03605140
IAT C:\Windows\Explorer.EXE[1852] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrGetProcedureAddress] 03605027
IAT C:\Windows\Explorer.EXE[1852] @ C:\Windows\system32\kernel32.dll [ntdll.dll!LdrLoadDll] 0360508C
IAT C:\Windows\Explorer.EXE[1852] @ C:\Windows\system32\

Salut Ximini


Ton rapport n'est pas complet, utilise cjoint.com pour poster en lien ton rapport :
http://cjoint.com/

- Clique sur Parcourir pour aller chercher le rapport
- Clique sur Ouvrir ensuite sur Créer le lien Cjoint

- Fais un copier/coller du lien qui est devant Le lien a été créé: dans ta prochaine réponse.

Si ton rapport plus grand que 500Ko ici : http://www.sendspace.com/


@++

http://cjoint.com/?kFwHI7xgKu

Désolé, et merci de te pencher autant sur mon problème!

Depuis hier soir, j'ai pris l'initiative de supprimer odb.exe et svc.exe, apparemment à l'origine (d'après le gestionnaires des tâches) des "pop-ups sonores" qui se lançaient (soit: des bruits de clavier, des gens qui parlent en espagnol, et la musique d'Halloween pour me faire peur... )


Je ne sais pas si ça reviendra,
Mais quoiqu'il en soit, le reste est toujours là!
A l'aide siouplé!!!
Merci d'avance!

Salut Ximini


Supprime ce dossier C:\rsit

Refais un scan avec RSIT et poste les rapports log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit


@++

Voila le Log:
http://cjoint.com/?lbpYIG8Ce3


Et l'Info:
http://cjoint.com/?lbpZJR4jrF


Merci!

Salut Ximini


Télécharge OTM (de Old_Timer) sur le bureau :

http://oldtimer.geekstogo.com/OTM.exe


Double-clique sur OTM.exe sur le bureau

- Assure toi que la case Unregister Dll's and Ocx's soit bien cochée

- Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTM nommé Paste Instructions for Items to be Moved



- Clique sur MoveIt! pour lancer la suppression.
- Ferme OTM

Ton PC va redémarrer pour finir la suppression, si il ne le fais pas lui-même, redémarre le.

Poste le rapport de OTMoveIt qui se trouve dans C:\_OTM\MovedFiles.


@++

Enfin!

Voici le rapport:
http://cjoint.com/?lbvVHa4iV0


A noter:
1) J'ai du éteindre mon PC "de force", il ne voulait pas s'éteindre lors du redémarrage automatique de l'opération d'OTM.

2) Jusqu'à maintenant et depuis l'opération d'OTM, je ne parvenais pas à me connecter sur internet. C'est réparé maintenant.

3) Depuis l'opération d'OTM, à chaque démarrage de Windows le message suivant s'affiche:
ATI Catalyst Control Center a cessé de fonctionner:

Salut Ximini


Supprime ce dossier C:\rsit

Refais un scan avec RSIT et poste le rapport log.txt seulement à la fin de l’analyse

Le rapport est dans le dossier ici C:\rsit


@++

bon ben là je peux plus rien supprimer du tout: mon ordi ne veut plus s'allumer je suis sur le PC de quelqu'un d'autre...

Moi qui pensait que le problème était résolu voilà qu'il m'a totalement annihilé.
même le recovery system ne peut rien faire.
je n'en peux plus.

Salut Ximini


Et le mode sans échec, as-tu fais l'essai?


@++

j'ai que deux choix:

-lancer l'outil de démarrage system
-demarrer windows normalement
quand je sélectionne l'outil démarrage system, l'écran affiche que windows charge les fichiers et je dois lancé le system recovery mais celui ci se bloque au bout de 3 minutes
je n'ai pas d'autre choix que d'éteindre mon ordi

si tu as une solution merci de me la faire parvenir au plus vite.

Salut Ximini


Si le recovery ne marche plus cela ne va pas bien, as-tu fais une sauvegarde?


@++

ben j'en ai fait une le mois dernier je crois, mais si j'arrive pas à lancer le recovery system aucun interêt, si?

Salut Ximini


Supprime Combofix de cette manière, clique sur le bouton démarrer/ Exécuter puis tape la commande où copier/coller : ComboFix /u

Supprime ce qui est en gras si présent :
C:\ComboFix
C:\Qoobox
Et Combofix.exe si encore présent sur le bureau

-----


Télécharge combofix.exe (de sUBs) sur le bureau :
Faire un clic droit sur ce lien :

http://subs.geekstogo.com/ComboFix.exe

Pour Internet Explorer

- Choisi Enregistrer la cible sous ...

Pour Firefox

- Choisi Enregistrer la cible du lien sous...


- Choisi le bureau comme lieu d'enregistrement

- Donne lui ce nom bibite.exe clique sur Enregistrer

Important Désactive ton Antivirus et antispyware avant le scan avec Combofix :
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


==> Sauvegarde ton travail et ferme toutes les fenêtres actives, il peut y avoir un redémarrage du PC. Ne lance aucun programme tant que Combofix n’est pas fini. <==

Double clique sur bibite.exe, clique sur OUI et valide par Entrée

Il te sera demandé d’installer la console si elle n’est pas installer, clique sur NON

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\ Combofix.txt

Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure


@++

je t'arrête tout de suite je ne peux pas démarrer mon ordi comment veux tu que je trouve la commande démarrer...
merci sincèrement de ton aide mais j'ai l'impression de tourner en rond (als que ca fait 3 messages que je dis que je ne peux rien faire)

Salut Ximini


As tu le CD de Vista?


@++

Laisse tomber, mon PC qui ne démarrait plus est maintenant réparé,
40 euros plus tard.

Merci quand même.