Votre question

Virus jl.chura.pl/rc

Tags :
  • Virus
  • Sécurité
Dernière réponse : dans Sécurité et virus
13 Mars 2009 16:18:01

je refais donc un nouveau sujet..Dslé d avoir emprunté le fil d un autre...beug avec IE avec message de plantage reguliers ou message IE 'erreur sur la page"..de tps a autre acces à jl.chura.pl/rc....Merci pour votre aide !

Rapport gmer :

GMER 1.0.15.14878 - http://www.gmer.net
Rootkit scan 2009-03-12 15:28:05
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.15 ----

Code 86A704D0 pIofCallDriver

---- Kernel code sections - GMER 1.0.15 ----

? C:\WINNT\system32\Drivers\uphcleanhlp.sys Le fichier spécifié est introuvable. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Network Associates\VirusScan\vstskmgr.exe[164] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Network Associates\VirusScan\vstskmgr.exe[164] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Network Associates\VirusScan\vstskmgr.exe[164] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Network Associates\VirusScan\vstskmgr.exe[164] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Network Associates\VirusScan\vstskmgr.exe[164] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[184] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[184] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[184] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[184] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[184] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe[236] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe[236] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe[236] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe[236] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe[236] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe[348] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe[348] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe[348] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe[348] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe[348] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe[452] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe[452] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe[452] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe[452] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Network Associates\Common Framework\naPrdMgr.exe[452] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\svchost.exe[652] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\svchost.exe[652] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\svchost.exe[652] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\svchost.exe[652] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\svchost.exe[652] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\Pen_Tablet.exe[664] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\Pen_Tablet.exe[664] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\Pen_Tablet.exe[664] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\Pen_Tablet.exe[664] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\Pen_Tablet.exe[664] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\RCSERV.EXE[700] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\RCSERV.EXE[700] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\RCSERV.EXE[700] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\RCSERV.EXE[700] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\RCSERV.EXE[700] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\UPHClean\uphclean.exe[732] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\UPHClean\uphclean.exe[732] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\UPHClean\uphclean.exe[732] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\UPHClean\uphclean.exe[732] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\UPHClean\uphclean.exe[732] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\SearchIndexer.exe[792] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FF93FD0
.text C:\WINNT\system32\SearchIndexer.exe[792] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FF9405F
.text C:\WINNT\system32\SearchIndexer.exe[792] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FF9406C
.text C:\WINNT\system32\SearchIndexer.exe[792] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FF94055
.text C:\WINNT\system32\SearchIndexer.exe[792] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FF940AD
.text C:\WINNT\system32\SearchIndexer.exe[792] kernel32.dll!WriteFile 7C810D87 7 Bytes JMP 00D31B19 C:\WINNT\system32\mssrch.dll (mssrch.lib/Microsoft Corporation)
.text C:\Program Files\Network Associates\Common Framework\UdaterUI.exe[852] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Network Associates\Common Framework\UdaterUI.exe[852] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Network Associates\Common Framework\UdaterUI.exe[852] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Network Associates\Common Framework\UdaterUI.exe[852] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Network Associates\Common Framework\UdaterUI.exe[852] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\winlogon.exe[932] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FF93FD0
.text C:\WINNT\system32\winlogon.exe[932] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FF9405F
.text C:\WINNT\system32\winlogon.exe[932] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FF9406C
.text C:\WINNT\system32\winlogon.exe[932] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FF94055
.text C:\WINNT\system32\winlogon.exe[932] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FF940AD
.text C:\WINNT\system32\services.exe[976] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FF93FD0
.text C:\WINNT\system32\services.exe[976] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FF9405F
.text C:\WINNT\system32\services.exe[976] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FF9406C
.text C:\WINNT\system32\services.exe[976] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FF94055
.text C:\WINNT\system32\services.exe[976] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FF940AD
.text C:\WINNT\system32\lsass.exe[992] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FF93FD0
.text C:\WINNT\system32\lsass.exe[992] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FF9405F
.text C:\WINNT\system32\lsass.exe[992] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FF9406C
.text C:\WINNT\system32\lsass.exe[992] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FF94055
.text C:\WINNT\system32\lsass.exe[992] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FF940AD
.text C:\WINNT\system32\svchost.exe[1164] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FF93FD0
.text C:\WINNT\system32\svchost.exe[1164] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FF9405F
.text C:\WINNT\system32\svchost.exe[1164] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FF9406C
.text C:\WINNT\system32\svchost.exe[1164] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FF94055
.text C:\WINNT\system32\svchost.exe[1164] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FF940AD
.text C:\WINNT\system32\svchost.exe[1212] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\svchost.exe[1212] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\svchost.exe[1212] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\svchost.exe[1212] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\svchost.exe[1212] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\svchost.exe[1392] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\svchost.exe[1392] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\svchost.exe[1392] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\svchost.exe[1392] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\svchost.exe[1392] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\svchost.exe[1424] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\svchost.exe[1424] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\svchost.exe[1424] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\svchost.exe[1424] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\svchost.exe[1424] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Network Associates\Common Framework\McTray.exe[1512] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Network Associates\Common Framework\McTray.exe[1512] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Network Associates\Common Framework\McTray.exe[1512] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Network Associates\Common Framework\McTray.exe[1512] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Network Associates\Common Framework\McTray.exe[1512] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\spoolsv.exe[1664] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\spoolsv.exe[1664] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\spoolsv.exe[1664] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\spoolsv.exe[1664] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\spoolsv.exe[1664] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\System32\SCardSvr.exe[1712] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\System32\SCardSvr.exe[1712] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\System32\SCardSvr.exe[1712] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\System32\SCardSvr.exe[1712] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\System32\SCardSvr.exe[1712] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\e-buro.exe[1756] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\e-buro.exe[1756] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\e-buro.exe[1756] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\e-buro.exe[1756] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\e-buro.exe[1756] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\wbem\wmiprvse.exe[1804] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\wbem\wmiprvse.exe[1804] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\wbem\wmiprvse.exe[1804] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\wbem\wmiprvse.exe[1804] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\wbem\wmiprvse.exe[1804] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\svchost.exe[1816] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\svchost.exe[1816] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\svchost.exe[1816] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\svchost.exe[1816] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\svchost.exe[1816] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\eTSrv.exe[1872] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\eTSrv.exe[1872] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\eTSrv.exe[1872] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\eTSrv.exe[1872] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\eTSrv.exe[1872] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text c:\tivoli\itm\FTIM.EXE[1904] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text c:\tivoli\itm\FTIM.EXE[1904] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text c:\tivoli\itm\FTIM.EXE[1904] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text c:\tivoli\itm\FTIM.EXE[1904] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text c:\tivoli\itm\FTIM.EXE[1904] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe[1944] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe[1944] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe[1944] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe[1944] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe[1944] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe[1956] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe[1956] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe[1956] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe[1956] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe[1956] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe[1996] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe[1996] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe[1996] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe[1996] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Tivoli\lcf\bin\w32-ix86\mrt\lcfd.exe[1996] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[2028] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FF93FD0
.text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[2028] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FF9405F
.text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[2028] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FF9406C
.text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[2028] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FF94055
.text C:\Program Files\Network Associates\Common Framework\FrameworkService.exe[2028] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FF940AD
.text C:\WINNT\system32\LVCOMSX.EXE[2144] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\LVCOMSX.EXE[2144] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\LVCOMSX.EXE[2144] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\LVCOMSX.EXE[2144] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\LVCOMSX.EXE[2144] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Logitech\Video\LogiTray.exe[2192] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Logitech\Video\LogiTray.exe[2192] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Logitech\Video\LogiTray.exe[2192] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Logitech\Video\LogiTray.exe[2192] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Logitech\Video\LogiTray.exe[2192] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\System32\reader_s.exe[2216] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\System32\reader_s.exe[2216] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\System32\reader_s.exe[2216] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\System32\reader_s.exe[2216] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\System32\reader_s.exe[2216] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Progra~1\PrintScreen\PrintScreen.exe[2228] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Progra~1\PrintScreen\PrintScreen.exe[2228] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Progra~1\PrintScreen\PrintScreen.exe[2228] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Progra~1\PrintScreen\PrintScreen.exe[2228] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Progra~1\PrintScreen\PrintScreen.exe[2228] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\System32\svchost.exe[2232] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\System32\svchost.exe[2232] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\System32\svchost.exe[2232] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\System32\svchost.exe[2232] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\System32\svchost.exe[2232] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\ctfmon.exe[2448] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\ctfmon.exe[2448] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\ctfmon.exe[2448] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\ctfmon.exe[2448] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\ctfmon.exe[2448] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\PrintScreen\PrintScreen.exe[2460] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\PrintScreen\PrintScreen.exe[2460] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\PrintScreen\PrintScreen.exe[2460] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\PrintScreen\PrintScreen.exe[2460] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\PrintScreen\PrintScreen.exe[2460] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE[2492] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE[2492] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE[2492] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE[2492] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE[2492] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2556] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2556] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2556] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2556] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2556] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Microsoft ActiveSync\wcescomm.exe[2688] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Microsoft ActiveSync\wcescomm.exe[2688] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Microsoft ActiveSync\wcescomm.exe[2688] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Microsoft ActiveSync\wcescomm.exe[2688] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Microsoft ActiveSync\wcescomm.exe[2688] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Citrix\ICA Client\ssonsvr.exe[2772] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Citrix\ICA Client\ssonsvr.exe[2772] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Citrix\ICA Client\ssonsvr.exe[2772] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Citrix\ICA Client\ssonsvr.exe[2772] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Citrix\ICA Client\ssonsvr.exe[2772] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Documents and Settings\avmi6292\reader_s.exe[2792] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Documents and Settings\avmi6292\reader_s.exe[2792] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Documents and Settings\avmi6292\reader_s.exe[2792] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Documents and Settings\avmi6292\reader_s.exe[2792] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Documents and Settings\avmi6292\reader_s.exe[2792] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[2860] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[2860] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[2860] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[2860] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Windows Desktop Search\WindowsSearch.exe[2860] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[2908] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[2908] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[2908] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[2908] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\PROGRA~1\MI3AA1~1\rapimgr.exe[2908] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\gcc.exe[3156] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\gcc.exe[3156] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\gcc.exe[3156] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\gcc.exe[3156] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\gcc.exe[3156] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\Explorer.EXE[3160] Explorer.EXE 0101A8EB 4 Bytes [FF, 15, 1C, 11]
.text C:\WINNT\Explorer.EXE[3160] C:\WINNT\Explorer.EXE section is writeable [0x01001000, 0x44AD9, 0xE0000060]
.reloc C:\WINNT\Explorer.EXE[3160] C:\WINNT\Explorer.EXE section is executable [0x010FB000, 0x8800, 0xE2000040]
.text C:\WINNT\Explorer.EXE[3160] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\Explorer.EXE[3160] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\Explorer.EXE[3160] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\Explorer.EXE[3160] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\Explorer.EXE[3160] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\WTablet\Pen_TabletUser.exe[3536] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\WTablet\Pen_TabletUser.exe[3536] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\WTablet\Pen_TabletUser.exe[3536] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\WTablet\Pen_TabletUser.exe[3536] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\WTablet\Pen_TabletUser.exe[3536] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\Pen_Tablet.exe[3608] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\Pen_Tablet.exe[3608] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\Pen_Tablet.exe[3608] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\Pen_Tablet.exe[3608] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\Pen_Tablet.exe[3608] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\wscntfy.exe[3628] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\wscntfy.exe[3628] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\wscntfy.exe[3628] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\wscntfy.exe[3628] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\wscntfy.exe[3628] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\quickres.exe[3676] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\quickres.exe[3676] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\quickres.exe[3676] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\quickres.exe[3676] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\quickres.exe[3676] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\hkcmd.exe[3692] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\hkcmd.exe[3692] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\hkcmd.exe[3692] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\hkcmd.exe[3692] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\hkcmd.exe[3692] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\igfxpers.exe[3704] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\igfxpers.exe[3704] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\igfxpers.exe[3704] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\igfxpers.exe[3704] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\igfxpers.exe[3704] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\stsystra.exe[3712] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\stsystra.exe[3712] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\stsystra.exe[3712] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\stsystra.exe[3712] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\stsystra.exe[3712] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Dell\QuickSet\quickset.exe[3752] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Dell\QuickSet\quickset.exe[3752] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Dell\QuickSet\quickset.exe[3752] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Dell\QuickSet\quickset.exe[3752] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Dell\QuickSet\quickset.exe[3752] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\e-buroUI.exe[3760] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\e-buroUI.exe[3760] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\e-buroUI.exe[3760] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\e-buroUI.exe[3760] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\e-buroUI.exe[3760] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\svchost.exe[3768] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\svchost.exe[3768] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\svchost.exe[3768] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\svchost.exe[3768] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\svchost.exe[3768] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE[3776] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE[3776] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE[3776] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE[3776] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE[3776] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe[3784] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe[3784] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe[3784] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe[3784] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe[3784] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe[3816] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe[3816] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe[3816] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe[3816] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe[3816] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\rundll32.exe[3836] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\rundll32.exe[3836] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\rundll32.exe[3836] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\rundll32.exe[3836] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\rundll32.exe[3836] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\eTCrtMng.exe[3852] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\eTCrtMng.exe[3852] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\eTCrtMng.exe[3852] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\eTCrtMng.exe[3852] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\eTCrtMng.exe[3852] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\igfxsrvc.exe[3876] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\igfxsrvc.exe[3876] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\igfxsrvc.exe[3876] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\igfxsrvc.exe[3876] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\igfxsrvc.exe[3876] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\WINNT\system32\SearchProtocolHost.exe[5624] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\WINNT\system32\SearchProtocolHost.exe[5624] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\WINNT\system32\SearchProtocolHost.exe[5624] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\WINNT\system32\SearchProtocolHost.exe[5624] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\WINNT\system32\SearchProtocolHost.exe[5624] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Logitech\Video\FxSvr2.exe[8716] ntdll.dll!NtCreateFile 7C90D682 5 Bytes CALL 7FFA3FD0
.text C:\Program Files\Logitech\Video\FxSvr2.exe[8716] ntdll.dll!NtCreateProcess 7C90D754 5 Bytes CALL 7FFA405F
.text C:\Program Files\Logitech\Video\FxSvr2.exe[8716] ntdll.dll!NtCreateProcessEx 7C90D769 5 Bytes CALL 7FFA406C
.text C:\Program Files\Logitech\Video\FxSvr2.exe[8716] ntdll.dll!NtOpenFile 7C90DCFD 5 Bytes CALL 7FFA4055
.text C:\Program Files\Logitech\Video\FxSvr2.exe[8716] ntdll.dll!NtQueryInformationProcess 7C90E01B 5 Bytes CALL 7FFA40AD
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[8876]

Autres pages sur : virus chura

Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS