
|
| Author |
Message |
kader66 Newbie

Joined: 25 Jan 2008 Posts: 28
|
Posted: 14 Mar 2008 23:35 Post subject: Unable to activate my antivirus via the Security Center |
|
|
Good evening everyone,
I have a small problem and I would like your help, please.
When I restarted my computer, the Windows Security Center told me that my Kaspersky 7 antivirus is not active, and when I try to activate it, it does not work. Yet my antivirus seems to be running, and I don't understand where the problem could come from. I am on Vista Ultimate 32-bit. I am attaching the HijackThis report. Thanks in advance for your help.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:35:29, on 24/11/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD ADESIO\ECB.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\vsnp2std.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\abdelkader-pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SLD12677\dss[1].exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\conime.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\abdelkader-pc.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\Windows\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [eCarteBleue-LP-P1] "C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD ADESIO\ECB.exe" /dontopenmycards
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EPSON Stylus DX6000 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBIE.EXE /FU "C:\Windows\TEMP\E_S3B0F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Statistiques dAnti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/fr-fr/wlscctrl2.cab
O16 - DPF: {EFD3EA56-234D-4240-90EA-CC9FA3AF5A01} (ConnectivityTester Class) - http://motive.club-internet.fr:2112/lwp/static/installers/WebflowActiveXInstaller_4-0-0.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 9305 bytes |
|
|
 |
kader66 Newbie

Joined: 25 Jan 2008 Posts: 28
|
Posted: 14 Mar 2008 23:39 Post subject: |
|
|
| I also forgot to mention something important: besides refusing to activate my antivirus, it sees another one, Antivir, even though it is not even installed on my computer! |
|
|
 |
Angeldark Security Team

Joined: 23 May 2007 Posts: 121
|
Posted: 15 Mar 2008 14:09 Post subject: |
|
|
Hello,
Download Gmer.
Unzip it into a folder or onto your desktop.
Disconnect from the Internet, then close all programs.
Double-click Gmer.exe.
IMPORTANT: If an alert from your antivirus appears for the file gmer.sys or gmer.exe, let it run.
Click the Rootkit tab.
On the right, check Files and Services.
Now click Scan.
When the scan has finished, click Copy.
Open Notepad, then click the Edit / Paste menu.
The report should then appear.
Save the file to your desktop and copy/paste its contents here. |
|
|
 |
kader66 Newbie

Joined: 25 Jan 2008 Posts: 28
|
Posted: 15 Mar 2008 17:36 Post subject: |
|
|
Here is the report you asked me for:
GMER 1.0.14.14205 - http://www.gmer.net
Rootkit scan 2008-03-15 16:32:03
Windows 6.0.6000
---- System - GMER 1.0.14 ----
SSDT \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys ZwOpenProcess [0x841DB8AC]
SSDT \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys ZwTerminateProcess [0x841DB812]
---- Kernel code sections - GMER 1.0.14 ----
? C:\Windows\System32\Drivers\sptd.sys Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
.text USBPORT.SYS!DllUnload 8C702ACF 5 Bytes JMP 87999770
? System32\Drivers\attgcln0.SYS Le fichier spécifié est introuvable. !
---- User code sections - GMER 1.0.14 ----
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] kernel32.dll!OutputDebugStringW 769E60A7 5 Bytes JMP 28001E50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] kernel32.dll!FindResourceExA 769E92DD 7 Bytes JMP 28001C20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] kernel32.dll!FindResourceA 769E93BB 5 Bytes JMP 28001B90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] kernel32.dll!FindResourceW 769F33FE 5 Bytes JMP 28001A80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] kernel32.dll!SizeofResource 769F341C 7 Bytes JMP 28001D80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] kernel32.dll!SetUnhandledExceptionFilter 769FD187 5 Bytes JMP 0056DBBD C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Windows Live Messenger/Microsoft Corporation)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] kernel32.dll!CreateEventA 76A17B60 5 Bytes JMP 28001840 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] kernel32.dll!LockResource 76A1D5DF 5 Bytes JMP 28001DF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] kernel32.dll!FindResourceExW 76A1D673 7 Bytes JMP 28001B00 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] kernel32.dll!LoadResource 76A1D74B 7 Bytes JMP 28001CC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] ADVAPI32.dll!CryptDeriveKey 778ED229 7 Bytes JMP 28001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] ADVAPI32.dll!CryptDecrypt 778ED359 7 Bytes JMP 28001060 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] USER32.dll!SetWindowPlacement 767674E1 5 Bytes JMP 28005740 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] USER32.dll!TrackPopupMenuEx 7676C76F 5 Bytes JMP 28004870 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] USER32.dll!LoadImageW 7676D3D5 5 Bytes JMP 28006050 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] USER32.dll!SetWindowRgn 7676E016 7 Bytes JMP 28005880 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] USER32.dll!CreateWindowExW 767785F8 5 Bytes JMP 280037C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] USER32.dll!LoadIconW 767786E0 5 Bytes JMP 28006240 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] USER32.dll!PeekMessageW 767825BC 5 Bytes JMP 28003F90 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] USER32.dll!MessageBoxIndirectW 7678F1B3 5 Bytes JMP 28005C40 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] USER32.dll!CreateDialogParamW 7679A500 5 Bytes JMP 28005A50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] WS2_32.dll!closesocket 77ED3847 5 Bytes JMP 2800A780 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] WS2_32.dll!send 77ED3A8A 5 Bytes JMP 2800A360 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] WS2_32.dll!recv 77ED4ABD 5 Bytes JMP 28009FA0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] WS2_32.dll!WSASend 77ED4EE9 5 Bytes JMP 2800A540 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] WS2_32.dll!WSARecv 77ED72B5 5 Bytes JMP 2800A140 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] SHELL32.dll!Shell_NotifyIconW 76E53104 5 Bytes JMP 28002FE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] ole32.dll!CoRegisterClassObject 76B239AC 5 Bytes JMP 28002200 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] ole32.dll!CoInitializeEx 76B5885D 5 Bytes JMP 28002100 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] WININET.dll!InternetCloseHandle 7669DAC1 5 Bytes JMP 280091A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] WININET.dll!HttpOpenRequestA 766A4399 5 Bytes JMP 28008E60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] WININET.dll!InternetReadFile 766AABF4 5 Bytes JMP 28008FF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[580] WININET.dll!HttpSendRequestA 766ACD78 5 Bytes JMP 280090D0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Patchou)
.text C:\Windows\system32\SearchProtocolHost.exe[736] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Windows\system32\wininit.exe[872] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe[888] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Windows\system32\services.exe[920] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Windows\system32\lsass.exe[932] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text ...
? C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: hypertrm.exe"unknown module: wmvcore.dll
.text C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] USER32.dll!DispatchMessageA + 4ED 76774168 4 Bytes [ 70, 11, CA, 00 ]
.text C:\Windows\system32\svchost.exe[1732] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe[1808] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Windows\System32\spoolsv.exe[1964] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Windows\system32\svchost.exe[1988] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Windows\system32\taskeng.exe[2012] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text ...
? C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[3212] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: hypertrm.exe"unknown module: wmvcore.dll
.text C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[3212] USER32.dll!DispatchMessageA + 4ED 76774168 4 Bytes [ 70, 11, C5, 00 ]
.text C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD ADESIO\ECB.exe[3252] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe[3268] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe[3360] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe[3384] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Program Files\Athan\Athan.exe[3432] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text ...
.text C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE[4580] kernel32.dll!SetUnhandledExceptionFilter 769FD187 5 Bytes JMP 68624F4E C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation)
.text C:\Program Files\Windows Sidebar\sidebar.exe[4720] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Windows\System32\mobsync.exe[4740] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Windows\system32\conime.exe[4820] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Program Files\Windows Live\Messenger\usnsvc.exe[5424] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 10001F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text C:\Program Files\PC Connectivity Solution\ServiceLayer.exe[5472] ntdll.dll!LdrLoadDll 77D7EB00 5 Bytes JMP 00171F20 C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll (Kaspersky Anti-Virus Ring 3 Hooker/Kaspersky Lab)
.text ...
---- Kernel IAT/EAT - GMER 1.0.14 ----
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [82D1861E] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [82D17AD4] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [82D18748] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [82D17B9C] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [82D17C1A] \SystemRoot\System32\Drivers\sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [82D2D29A] \SystemRoot\System32\Drivers\sptd.sys
---- User IAT/EAT - GMER 1.0.14 ----
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D904A8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 00D904D2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 00D904FC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 00D90526
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 00D90550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 00D9057A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 00D905A4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 00D905CE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 00D905F8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 00D90622
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 00D9064C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 00D90676
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D906A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 00D906CA
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 00D906F4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 00D9071E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 00D90748
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 00D90772
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D9079C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 00D907C6
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 00D907F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 00D9081A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 00D90844
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D9086E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 00D90898
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 00D908C2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 00D908EC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 00D90916
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 00D90940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D90D84
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00D90DAE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 00D90DD8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameA] 00D90E02
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 00D90E2C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1660] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 00D90E56
---- Devices - GMER 1.0.14 ----
Device \FileSystem\Ntfs \Ntfs 85C5D1E8
Device \FileSystem\fastfat \FatCdrom 86CA4790
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy2 snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy3 snapman.sys (Acronis Snapshot API/Acronis)
Device \Driver\volmgr \Device\VolMgrControl 85C5A1E8
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy4 snapman.sys (Acronis Snapshot API/Acronis)
Device \Driver\usbuhci \Device\USBPDO-0 87B01790
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy5 snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy6 snapman.sys (Acronis Snapshot API/Acronis)
Device \Driver\usbuhci \Device\USBPDO-1 87B01790
Device \Driver\usbuhci \Device\USBPDO-2 87B01790
Device \Driver\usbehci \Device\USBPDO-3 87A62790
Device \Driver\usbuhci \Device\USBPDO-4 87B01790
AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
Device \Driver\usbuhci \Device\USBPDO-5 87B01790
Device \Driver\usbuhci \Device\USBPDO-6 87B01790
Device \Driver\volmgr \Device\HarddiskVolume1 85C5A1E8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 snapman.sys (Acronis Snapshot API/Acronis)
Device \Driver\netbt \Device\NetBT_Tcpip_{72664397-D08E-40A6-B2E9-E86F0101A85C} 88278790
Device \Driver\usbehci \Device\USBPDO-7 87A62790
Device \Driver\PCI_NTPNP7404 \Device\00000064 sptd.sys
Device \Driver\volmgr \Device\HarddiskVolume2 85C5A1E8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 snapman.sys (Acronis Snapshot API/Acronis)
Device \Driver\volmgr \Device\HarddiskVolume3 85C5A1E8
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 snapman.sys (Acronis Snapshot API/Acronis)
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-2 85C5C1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-2 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 85C5C1E8
Device \Driver\atapi \Device\Ide\IdePort0 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 85C5C1E8
Device \Driver\atapi \Device\Ide\IdePort1 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort2 85C5C1E8
Device \Driver\atapi \Device\Ide\IdePort2 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort3 85C5C1E8
Device \Driver\atapi \Device\Ide\IdePort3 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort4 85C5C1E8
Device \Driver\atapi \Device\Ide\IdePort4 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort5 85C5C1E8
Device \Driver\atapi \Device\Ide\IdePort5 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-3 85C5C1E8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-3 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\volmgr \Device\HarddiskVolume4
Angeldark Security Team

Joined: 23 May 2007 Posts: 121
Posted: 15 Mar 2008 18:33

We'll check another way.
Disable your resident protections (antivirus, Spybot...)!
- Download Combofix (sUBs) to your Desktop.
- Double-click combofix.exe to launch it.
- Press the 1 key (Yes) to start the scan.
- When the scan is complete, a report will appear. Post this report in your next reply.

kader66 Newbie

Joined: 25 Jan 2008 Posts: 28
Posted: 15 Mar 2008 19:50

Sorry, but I can't get a report: the software restarts the PC, then a message appears asking me not to open any programs, and after that nothing more. I don't understand what's going on.

Angeldark Security Team

Joined: 23 May 2007 Posts: 121
Posted: 15 Mar 2008 21:05

Have you tried in safe mode?

kader66 Newbie

Joined: 25 Jan 2008 Posts: 28
Posted: 16 Mar 2008 10:55

Even in safe mode it doesn't work; I've tried several times but still nothing.

Angeldark Security Team

Joined: 23 May 2007 Posts: 121

kader66 Newbie

Joined: 25 Jan 2008 Posts: 28
Posted: 16 Mar 2008 15:24

The program you suggested tells me, when I start it, that it is not up to date and that I need to download an up-to-date one. So if you have another idea

Angeldark Security Team

Joined: 23 May 2007 Posts: 121

kader66 Newbie

Joined: 25 Jan 2008 Posts: 28
Posted: 17 Mar 2008 14:59

I finally managed it, but it was a struggle, and on top of that the report had to be found; it was well hidden. So here is the report:
ComboFix 08-03-14.4 - abdelkader-pc 2008-03-16 23:00:51.4 - NTFSx86
Microsoft® Windows Vista Édition Intégrale 6.0.6000.0.1252.1.1036.18.1289 [GMT 1:00]
Endroit: C:\Users\abdelkader-pc\Desktop\Combo-Fix.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-16 to 2008-03-16 ))))))))))))))))))))))))))))))))))))
.
2008-03-16 14:07 . 2008-03-16 14:07 <REP> d-------- C:\ComboFix(1)
2008-03-15 15:56 . 2008-03-15 15:56 250 --a------ C:\Windows\gmer.ini
2008-03-12 22:57 . 2008-03-12 22:57 <REP> d-------- C:\Program Files\Realtek
2008-03-12 22:57 . 2008-02-14 14:56 118,784 --a------ C:\Windows\System32\drivers\Rtlh86.sys
2008-03-12 10:23 . 2007-12-16 23:50 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
2008-03-12 10:23 . 2007-12-16 10:56 41,984 --a------ C:\Windows\System32\drivers\monitor.sys
2008-03-07 12:19 . 2008-03-07 12:19 <REP> d-------- C:\Users\abdelkader-pc\AppData\Roaming\Nokia Multimedia Player
2008-03-07 12:15 . 2008-03-07 12:15 <REP> d-------- C:\Users\All Users\PC Suite
2008-03-07 12:15 . 2008-03-07 12:15 <REP> d-------- C:\ProgramData\PC Suite
2008-03-07 12:14 . 2008-03-07 12:15 <REP> d-------- C:\Users\abdelkader-pc\AppData\Roaming\Nokia
2008-03-07 12:14 . 2008-03-07 12:14 <REP> d-------- C:\Program Files\DIFX
2008-03-07 12:13 . 2008-03-07 12:13 <REP> d-------- C:\Program Files\Common Files\PCSuite
2008-03-07 12:13 . 2008-03-07 12:13 <REP> d-------- C:\Program Files\Common Files\Nokia
2008-03-07 12:12 . 2008-03-07 12:16 <REP> d-------- C:\Users\abdelkader-pc\AppData\Roaming\PC Suite
2008-03-07 12:11 . 2008-03-07 12:11 <REP> d-------- C:\Program Files\PC Connectivity Solution
2008-03-07 12:09 . 2008-03-07 12:13 <REP> d-------- C:\Program Files\Nokia
2008-03-07 11:29 . 2008-03-07 11:29 <REP> d-------- C:\Users\All Users\Installations
2008-03-07 11:29 . 2008-03-07 11:29 <REP> d-------- C:\ProgramData\Installations
2008-03-01 19:08 . 2008-03-01 19:08 <REP> d-------- C:\Users\Administrateur\AppData\Roaming\vlc
2008-03-01 18:31 . 2008-03-01 18:31 268 --ah----- C:\sqmdata03.sqm
2008-03-01 18:31 . 2008-03-01 18:31 244 --ah----- C:\sqmnoopt03.sqm
2008-02-29 17:16 . 2008-02-29 17:16 244 --ah----- C:\sqmnoopt02.sqm
2008-02-29 17:16 . 2008-02-29 17:16 232 --ah----- C:\sqmdata02.sqm
2008-02-27 11:47 . 2008-02-27 11:47 <REP> d-------- C:\Program Files\Serials 2000 7.1 Plus
2008-02-26 11:40 . 2008-02-26 11:40 <REP> d-------- C:\Users\abdelkader-pc\AppData\Roaming\vlc
2008-02-24 15:40 . 2008-02-24 23:34 <REP> d-------- C:\Users\abdelkader-pc\dwhelper
2008-02-18 23:38 . 2008-02-04 20:26 151,040 ---hs---- C:\Windows\System32\VistaUltm.dll
2008-02-18 23:38 . 2007-12-17 14:43 27,648 ---hs---- C:\Windows\System32\Smab0.dll
2008-02-18 23:22 . 2006-09-12 12:46 227,328 -r-hs---- C:\Windows\System32\ac3DX.ax
2008-02-18 23:22 . 2006-03-10 22:48 169,472 -r-hs---- C:\Windows\System32\MatroskaDX.ax
2008-02-18 23:22 . 2006-05-03 11:06 163,328 -r-hs---- C:\Windows\System32\flvDX.dll
2008-02-18 23:22 . 2005-11-25 21:46 161,792 -r-hs---- C:\Windows\System32\RealMediaDX.ax
2008-02-18 23:22 . 2006-01-13 00:23 123,904 -r-hs---- C:\Windows\System32\AVCDX.ax
2008-02-18 23:22 . 2003-11-21 00:00 54,784 -r-hs---- C:\Windows\System32\RLAPEDec.ax
2008-02-18 23:22 . 2004-04-27 00:00 37,888 -r-hs---- C:\Windows\System32\RLMPCDec.ax
2008-02-18 23:22 . 2007-02-21 12:47 31,232 -r-hs---- C:\Windows\System32\msfDX.dll
2008-02-18 23:22 . 2008-02-05 18:04 9,884 ---h----- C:\Windows\super.chm
2008-02-18 18:52 . 2008-02-18 18:52 <REP> d-------- C:\Users\All Users\Macrovision
2008-02-18 18:52 . 2008-02-18 18:52 <REP> d-------- C:\ProgramData\Macrovision
2008-02-18 18:52 . 2008-02-18 18:52 <REP> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-02-18 17:19 . 2005-02-13 00:00 186,880 -r-hs---- C:\Windows\System32\RLOgg.ax
2008-02-18 17:19 . 2005-01-18 00:26 179,200 -r-hs---- C:\Windows\System32\DiracSplitter.ax
2008-02-18 17:19 . 2005-02-13 00:00 67,584 -r-hs---- C:\Windows\System32\RLTheoraDec.ax
2008-02-18 17:16 . 2005-02-22 17:55 81,920 -r-hs---- C:\Windows\System32\aac_parser.ax
2008-02-16 15:08 . 2008-02-16 15:08 <REP> d-------- C:\Users\All Users\Xerox
2008-02-16 15:08 . 2008-02-16 15:08 <REP> d-------- C:\ProgramData\Xerox
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-16 22:05 45,283,872 --sha-w C:\Windows\system32\drivers\fidbox.dat
2008-03-16 22:05 --------- d-----w C:\ProgramData\Kaspersky Lab
2008-03-16 22:03 613,724 --sha-w C:\Windows\system32\drivers\fidbox.idx
2008-03-16 21:59 --------- d-----w C:\Users\abdelkader-pc\AppData\Roaming\Free Download Manager
2008-03-16 18:58 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-03-16 14:05 --------- d-----w C:\Users\abdelkader-pc\AppData\Roaming\U3
2008-03-16 13:27 --------- d-----w C:\Program Files\Athan
2008-03-16 13:26 737,280 ----a-w C:\Windows\iun6002.exe
2008-03-16 08:28 --------- d-----w C:\ProgramData\Google Updater
2008-03-12 21:57 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-12 12:29 --------- d-----w C:\Program Files\Windows Mail
2008-03-12 12:19 --------- d-----w C:\ProgramData\Microsoft Help
2008-03-04 09:34 --------- d-----w C:\Users\abdelkader-pc\AppData\Roaming\uTorrent
2008-02-27 23:12 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-02-26 23:53 --------- d-----w C:\Users\abdelkader-pc\AppData\Roaming\Moyea
2008-02-26 11:17 --------- d-----w C:\Program Files\Moyea
2008-02-21 09:46 --------- d-----w C:\Users\abdelkader-pc\AppData\Roaming\Samsung
2008-02-21 09:38 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-02-20 08:07 --------- d-----w C:\Program Files\Navilog1
2008-02-18 17:51 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-15 17:58 --------- d-----w C:\Program Files\Windows SideShow
2008-02-13 13:46 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-13 13:44 54,784 ----a-w C:\Windows\system32\drivers\i8042prt.sys
2008-02-13 13:44 495,160 ----a-w C:\Windows\system32\drivers\Wdf01000.sys
2008-02-13 13:44 35,384 ----a-w C:\Windows\system32\drivers\WdfLdr.sys
2008-02-13 13:44 35,384 ----a-w C:\Windows\system32\drivers\kbdclass.sys
2008-02-13 13:44 34,360 ----a-w C:\Windows\system32\drivers\mouclass.sys
2008-02-13 13:44 19,968 ----a-w C:\Windows\system32\drivers\sermouse.sys
2008-02-13 13:44 15,872 ----a-w C:\Windows\system32\drivers\mouhid.sys
2008-02-13 13:40 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 13:40 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-13 13:40 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-13 13:40 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-13 13:40 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-13 13:40 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-02-13 13:40 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-13 13:39 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 13:39 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 13:39 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 13:39 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 13:34 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-12 15:58 --------- d-----w C:\Program Files\Smallvideosoft
2008-02-11 22:44 --------- d-----w C:\Program Files\Common Files\Ahead
2008-02-10 18:43 --------- d-----w C:\Program Files\Samsung
2008-02-05 09:17 --------- d-----w C:\Program Files\PC2TV
2008-01-31 17:57 91,700 ----a-w C:\Windows\system32\drivers\klin.dat
2008-01-31 09:13 --------- d-----w C:\Program Files\Virtual Earth 3D
2008-01-29 10:54 --------- d-----w C:\ProgramData\CyberLink
2008-01-29 10:53 --------- d-----w C:\Program Files\Cenega
2008-01-29 09:42 --------- d-----w C:\Program Files\Veoh Networks
2008-01-27 17:16 --------- d-----w C:\Users\Administrateur\AppData\Roaming\Grisoft
2008-01-27 11:05 --------- d-----w C:\Program Files\CyberLink
2008-01-26 13:25 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-01-26 00:52 --------- d-----w C:\Users\abdelkader-pc\AppData\Roaming\Grisoft
2008-01-26 00:52 --------- d-----w C:\ProgramData\Grisoft
2008-01-25 10:40 --------- d-----w C:\Users\abdelkader-pc\AppData\Roaming\Ahead
2008-01-24 10:17 --------- d-----w C:\Users\abdelkader-pc\AppData\Roaming\DMCache
2008-01-23 23:11 --------- d-----w C:\Program Files\Free Download Manager
2008-01-23 23:09 --------- d-----w C:\ProgramData\FreeDownloadManager.ORG
2008-01-23 22:48 --------- d-----w C:\Users\abdelkader-pc\AppData\Roaming\IDM
2008-01-23 12:40 --------- d-----w C:\Program Files\ZebHelpProcess 2
2008-01-23 12:38 --------- d-----w C:\Program Files\Common Files\Borland Shared
2008-01-22 16:53 --------- d-----w C:\Program Files\IDA
2008-01-22 16:42 --------- d-----w C:\Users\abdelkader-pc\AppData\Roaming\Internet Download Accelerator
2008-01-22 16:03 --------- d-----w C:\Users\abdelkader-pc\AppData\Roaming\LimeWire
2008-01-22 09:43 --------- d-----w C:\Program Files\The Cleaner Free
2008-01-21 19:43 --------- d-----w C:\Program Files\TubeMaster
2008-01-20 19:19 --------- d-----w C:\Program Files\Astase
2008-01-12 17:44 160,755,024 ----a-w C:\Program Files\Adobe.Photoshop.8.Cs.Fr.Le.Vrai.(Version.Finale.Francaise).jlr.rs.ifrance.com.zip
2007-12-07 15:47 22,328 ----a-w C:\Users\abdelkader-pc\AppData\Roaming\PnkBstrK.sys
2007-11-23 23:33 632 ----a-w C:\Users\abdelkader-pc\dss.exe
2007-09-16 08:19 174 --sha-w C:\Program Files\desktop.ini
2006-05-03 10:06 163,328 --sh--r C:\Windows\System32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r C:\Windows\System32\msfDX.dll
.
((((((((((((((((((((((((((((( snapshot@2008-03-16_14.18.26.58 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-03-16 13:13:19 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-03-16 22:04:51 67,584 --s-a-w C:\Windows\bootstat.dat
- 2008-03-16 13:17:47 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat
+ 2008-03-16 21:28:31 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat
- 2008-03-16 13:13:47 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-03-16 22:05:21 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-03-16 13:17:41 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat
+ 2008-03-16 22:01:17 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat
- 2008-03-16 13:17:42 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-03-16 22:06:30 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2008-03-16 13:08:00 104,570 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-03-16 16:20:59 104,570 ----a-w C:\Windows\System32\perfc009.dat
- 2008-03-16 13:08:00 118,244 ----a-w C:\Windows\System32\perfc00C.dat
+ 2008-03-16 16:20:59 118,244 ----a-w C:\Windows\System32\perfc00C.dat
- 2008-03-16 13:08:00 612,848 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-03-16 16:20:59 612,848 ----a-w C:\Windows\System32\perfh009.dat
- 2008-03-16 13:08:00 693,350 ----a-w C:\Windows\System32\perfh00C.dat
+ 2008-03-16 16:20:59 693,350 ----a-w C:\Windows\System32\perfh00C.dat
- 2008-03-09 19:12:25 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe
+ 2008-03-16 18:58:24 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:34 125440]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 18:03 152872]
"EPSON Stylus DX6000 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBIE.exe" [2006-09-22 03:01 139264]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-28 17:22 68856]
"Ub4TrayApp"="C:\Program Files\Astase\UltraBackup\4.0\bin\ubtray.exe" [ ]
"Internet Download Accelerator"="C:\Program Files\IDA\ida.exe" [ ]
"metacoal"="C:\ProgramData\PARTTESTTEST.3qx2826" [ ]
"bend logo clock film"="C:\ProgramData\STORE DALE BOWS.korha" [ ]
"Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [2008-01-22 15:13 2449455]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 10:39 1232896]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 10:12 695808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"eCarteBleue-LP-P1"="C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD ADESIO\ECB.exe" [2005-12-13 14:37 200704]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-10-25 19:48 1836544]
"snp2std"="C:\Windows\vsnp2std.exe" [2006-09-15 13:21 675840]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-06-26 16:53 218376]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-12-11 17:06 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-12-11 17:06 8530464]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-12-11 17:06 81920]
"DiscWizardMonitor.exe"="C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe" [2007-08-21 10:15 1192336]
"AcronisTimounterMonitor"="C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe" [2007-08-21 10:17 1966128]
"Acronis Scheduler2 Service"="C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe" [2007-08-20 18:20 148760]
"Athan"="C:\Program Files\Athan\Athan.exe" [2007-09-06 20:24 1024000]
"Windows Mobile-based device management"="%windir%\WindowsMobile\wmdc.exe" [ ]
"EoEngine"="C:\Program Files\EoRezo\EoEngine.exe" [ ]
"EoWeather"="" []
"ItsMedia"="C:\Program Files\EoRezo\EoWeather\ItsEngine.exe" [ ]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-02-18 18:51:34 113664]
LaunchU3.exe.lnk - C:\Windows\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe [2008-02-07 16:29:45 22486]
Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-09-28 17:22:02 126136]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 relog_ap
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A6FE181E-9908-42AE-BC2C-76353189942B}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{7DAF6A33-85E9-4D01-A118-FE7FD616B8E6}"= UDP:1034:LocalSubnet:LocalSubnet|IF={1DFD9C52-F121-48AB-9410-B1DC6F9384AA}:@%systemroot%\WindowsMobile\wmdc.exe,-4003
"{A7813284-CE59-4B63-A3F1-889F7C33C6D4}"= UDP:5678:LocalSubnet:LocalSubnet|IF={1DFD9C52-F121-48AB-9410-B1DC6F9384AA}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004
"{AF6730CC-A11A-43AD-8239-8BBE4B32C0D4}"= UDP:999:LocalSubnet:LocalSubnet|IF={1DFD9C52-F121-48AB-9410-B1DC6F9384AA}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005
"{480E8A3B-6D27-4CE1-947F-E8C509F07F51}"= UDP:26675:LocalSubnet:LocalSubnet|IF={1DFD9C52-F121-48AB-9410-B1DC6F9384AA}:@%systemroot%\WindowsMobile\wmdc.exe,-4006
"TCP Query User{D75728FF-081B-4AA9-B839-EC2A2165F35A}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{B3521FB3-7B98-4788-A9FA-A15806A8935F}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{CA2342A7-F53A-4C1C-831D-A66C499F2DFC}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{9C2185F5-50D0-407B-914F-AB43BB8EE851}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{7DC3D6BD-ED93-4CF0-A16D-832CA5A3FA57}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{1B5E3C28-E8CB-48C1-A05E-ECF5ED349D23}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{05AE2DAC-132D-48D1-A296-BCBCB0FC0708}C:\\program files\\ea games\\mohda\\mohaa.exe"= UDP:C:\program files\ea games\mohda\mohaa.exe:Medal of Honor Allied Assault(tm)
"UDP Query User{E36A2639-5D96-47E5-95D1-7AB32E7186D6}C:\\program files\\ea games\\mohda\\mohaa.exe"= TCP:C:\program files\ea games\mohda\mohaa.exe:Medal of Honor Allied Assault(tm)
"{0C15C059-D253-4B21-BCA8-7B0B0A9A446F}"= UDP:C:\Program Files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"{8C0C5259-50FB-49F6-AFC5-1387E5E785B0}"= TCP:C:\Program Files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"{0946627F-33A6-4D9C-A02F-FECF57D63A67}"= UDP:C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe:Medal of Honor Airborne
"{1C999FA1-366F-4CFA-875E-28BBA177292A}"= TCP:C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe:Medal of Honor Airborne
"TCP Query User{119CB181-BB23-479F-8261-2D18D15B4540}C:\\program files\\ea sports\\fifa 08\\fifa08.exe"= UDP:C:\program files\ea sports\fifa 08\fifa08.exe:FIFA08
"UDP Query User{5C95F7FF-6BDF-430C-A51F-46404BE52238}C:\\program files\\ea sports\\fifa 08\\fifa08.exe"= TCP:C:\program files\ea sports\fifa 08\fifa08.exe:FIFA08
"{62802CC4-B92B-4DDB-A9F9-001564D958AB}"= UDP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
"{8E139A5D-C0D4-4AFA-9154-D8DA6578AAFF}"= TCP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
"TCP Query User{474AEB32-8ABD-415B-87E1-BCB513AAF765}C:\\program files\\windows sidebar\\sidebar.exe"= UDP:C:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{21F400A9-C449-4A71-8224-8E8C8F43DE47}C:\\program files\\windows sidebar\\sidebar.exe"= TCP:C:\program files\windows sidebar\sidebar.exe:Volet Windows
"TCP Query User{D802575D-8517-4A25-8178-9950EF28833C}C:\\users\\abdelkader-pc\\appdata\\local\\temp\\rar$ex31.938\\totalcontrol-ppc2003\\server.exe"= UDP:C:\users\abdelkader-pc\appdata\local\temp\rar$ex31.938\totalcontrol-ppc2003\server.exe:server.exe
"UDP Query User{32F97FC1-C991-4E31-AB5B-92D847FEAD48}C:\\users\\abdelkader-pc\\appdata\\local\\temp\\rar$ex31.938\\totalcontrol-ppc2003\\server.exe"= TCP:C:\users\abdelkader-pc\appdata\local\temp\rar$ex31.938\totalcontrol-ppc2003\server.exe:server.exe
"TCP Query User{9243A90B-E59A-4E54-8746-4EFADECF0737}C:\\users\\abdelkader-pc\\appdata\\local\\temp\\rar$ex00.961\\totalcontrol-ppc2003\\server.exe"= UDP:C:\users\abdelkader-pc\appdata\local\temp\rar$ex00.961\totalcontrol-ppc2003\server.exe:server.exe
"UDP Query User{294443CE-940C-415F-9D90-7BCB53B2F9FA}C:\\users\\abdelkader-pc\\appdata\\local\\temp\\rar$ex00.961\\totalcontrol-ppc2003\\server.exe"= TCP:C:\users\abdelkader-pc\appdata\local\temp\rar$ex00.961\totalcontrol-ppc2003\server.exe:server.exe
"{87AFDA3F-1FCB-45D4-8D12-D8C201EDCAD3}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{D91071BE-36B3-4607-A5C7-778B45A88551}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{916F1D74-5F71-4925-A41F-DC7E105252C4}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
"{72FC318E-94A9-49AB-A8AA-1EF9E94961FE}"= UDP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
"{DA8F8468-2CC1-4D3F-95B1-06E7BAD539AD}"= TCP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
"TCP Query User{1CB0B417-0565-4E24-A726-CB716CA6EC96}C:\\program files\\windows sidebar\\sidebar.exe"= UDP:C:\program files\windows sidebar\sidebar.exe:Volet Windows
"UDP Query User{1531E870-4491-4346-9564-703821CD7DAB}C:\\program files\\windows sidebar\\sidebar.exe"= TCP:C:\program files\windows sidebar\sidebar.exe:Volet Windows
"TCP Query User{C2BF3285-613B-42B6-BF4D-C391CC93EC1D}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{41013597-5143-43EB-BCA2-DC40233818E4}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{9895F41B-2A28-420A-9AE4-D6B6FEB0FCFD}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{0BA095B4-A875-4500-A932-8EA4996328DB}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{AEB2E667-77E7-47CF-A762-3ACD683FE5B1}C:\\program files\\nero\\nero 7\\nero home\\nerohome.exe"= UDP:C:\program files\nero\nero 7\nero home\nerohome.exe:Nero Home
"UDP Query User{173A663C-6973-49FA-99FE-7B565C9E6CBC}C:\\program files\\nero\\nero 7\\nero home\\nerohome.exe"= TCP:C:\program files\nero\nero 7\nero home\nerohome.exe:Nero Home
"TCP Query User{D47D648C-DEAC-48D8-892D-F19DAC3DF25E}C:\\program files\\bitdownload\\bitdownload.exe"= UDP:C:\program files\bitdownload\bitdownload.exe:BitDownload
"UDP Query User{11E41616-578F-44A0-9F69-5CDB86EEE0B9}C:\\program files\\bitdownload\\bitdownload.exe"= TCP:C:\program files\bitdownload\bitdownload.exe:BitDownload
"TCP Query User{3E6D2643-4075-4AEF-A940-6CD49F954D80}C:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:C:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"UDP Query User{4084A5E1-323A-432C-BA77-1C4DA36909E6}C:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:C:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader
"TCP Query User{1FE55C38-97F0-4AAF-97BB-58D0E19280D5}C:\\program files\\free download manager\\fdm.exe"= UDP:C:\program files\free download manager\fdm.exe:Free Download Manager
"UDP Query User{A65A01CE-ED5B-4047-8768-F5E9FD521AEA}C:\\program files\\free download manager\\fdm.exe"= TCP:C:\program files\free download manager\fdm.exe:Free Download Manager
"{76C985FA-BF68-401F-8973-178BB3731F84}"= C:\Program Files\Cyberlink\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"TCP Query User{F878C936-9C7D-4480-ADE1-8DEB7C411AFF}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{FFB2E1C7-1402-4543-8B9B-3A454BD309EF}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{E4D84C46-AD6C-40F8-A89D-F7EBA682C120}C:\\program files\\common files\\ahead\\nero web\\setupx.exe"= UDP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"UDP Query User{EA5D6186-BA5E-4DA6-BD94-8828D4844103}C:\\program files\\common files\\ahead\\nero web\\setupx.exe"= TCP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"{F9B19D2F-DCAB-4B86-BD10-CDC81FE6069A}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{3639884A-1EC5-42CE-AB0C-34E5F9CB11A1}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{7E79C430-998F-4C26-B94F-F764D49EB718}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{3C182577-4102-4083-A438-88E1D3C56D8A}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"TCP Query User{0EF2754A-4CA3-4317-88E3-6BC4E869FBEE}C:\\program files\\free download manager\\fdm.exe"= UDP:C:\program files\free download manager\fdm.exe:Free Download Manager
"UDP Query User{8E564451-DF43-4108-8021-AA6480B2D126}C:\\program files\\free download manager\\fdm.exe"= TCP:C:\program files\free download manager\fdm.exe:Free Download Manager
"TCP Query User{C76817AA-8502-4FCE-A485-67542D45A49B}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{0BA9840B-EBE6-4E9B-BBAD-43713700EB68}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{7B5AC0AC-725A-423F-A819-05885BEF29EE}C:\\program files\\activision\\call of duty 4 - modern warfare\\iw3mp.exe"= UDP:C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe:iw3mp
"UDP Query User{E4530072-552F-4555-AEE3-F6610BE320DF}C:\\program files\\activision\\call of duty 4 - modern warfare\\iw3mp.exe"= TCP:C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe:iw3mp
"TCP Query User{8CB2D07F-CD5A-450E-A106-0E487403BCC5}C:\\program files\\global downloader\\globaldownloader.exe"= Disabled:UDP:C:\program files\global downloader\globaldownloader.exe:GlobalDownloader
"UDP Query User{4E1C2986-BE12-4B7D-9382-568455DCAF1D}C:\\program files\\global downloader\\globaldownloader.exe"= Disabled:TCP:C:\program files\global downloader\globaldownloader.exe:GlobalDownloader
"TCP Query User{9698E758-212F-46C7-AC96-5C871A9A50CC}C:\\program files\\limewire\\limewire.exe"= Disabled:UDP:C:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{165FC7DF-E31C-4487-AF1B-83FD78716C22}C:\\program files\\limewire\\limewire.exe"= Disabled:TCP:C:\program files\limewire\limewire.exe:LimeWire
"{5EF88457-3F66-4A93-9E74-65565D547D50}"= Disabled:UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{828A63DB-ED8E-407D-855A-52055AA1385C}"= Disabled:TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{859F8041-5801-44E4-9725-D6D0E1C58DBE}"= Disabled:UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{066CB627-A011-4024-8221-5E4867DEB2FF}"= Disabled:TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{3C25A28D-A405-4ED8-A474-A34F778970DD}C:\\users\\abdelkader-pc\\appdata\\local\\temp\\nero web\\setupxu.exe"= UDP:C:\users\abdelkader-pc\appdata\local\temp\nero web\setupxu.exe:setupxu.exe
"UDP Query User{3C424C9B-2F04-4CAD-AB7F-3C243F28E7A1}C:\\users\\abdelkader-pc\\appdata\\local\\temp\\nero web\\setupxu.exe"= TCP:C:\users\abdelkader-pc\appdata\local\temp\nero web\setupxu.exe:setupxu.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\Windows\system32\drivers\sfsync03.sys [2006-07-11 08:30]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2007-04-04 14:59]
R2 RapiMgr;Windows Mobile-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 10:45]
R2 WcesComm;Windows Mobile-2003-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 10:45]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\Windows\system32\DRIVERS\snp2sxp.sys [2007-04-09 11:38]
S0 OemBiosDevice;Royalty OEM BIOS Extension;C:\Windows\system32\DRIVERS\royal.sys [2007-03-02 08:19]
S3 gdrv;gdrv;C:\Windows\gdrv.sys [2007-09-15 23:06]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 10:43]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 11:11]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 11:11]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 11:11]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2007-09-26 16:25]
S3 USBCamera;Icatch(IV) Still Camera Device;C:\Windows\system32\Drivers\Bulk533.sys [2002-07-25 11:19]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\M]
\shell\AutoRun\command - M:\LaunchU3.exe -a
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-16 15:27:12 C:\Windows\Tasks\User_Feed_Synchronization-{8CB4BC15-D500-496F-9B31-CD10E9DDFCC0}.job"
- C:\Windows\system32\msfeedssync.exe
"2008-03-16 22:05:09 C:\Windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
Angeldark Security Team
Joined: 23 May 2007 Posts: 121
|
Posted: 17 Mar 2008 21:26 Post subject: |
|
|
Strange.
Download Gmer.
Unzip it into a folder or onto your desktop.
Disconnect from the Internet, then close all programs.
Double-click Gmer.exe.
IMPORTANT: If an alert from your antivirus appears for the file gmer.sys or gmer.exe, let it run.
Click the rootkit tab.
On the right, check Files and Services.
Now click Scan.
When the scan has finished, click Copy.
Open Notepad, then click the Edit / Paste menu.
The report should then appear.
Save the file to your desktop and copy/paste its contents here.