About Online Clipboard…Clipboard Contents
http://www.miraclesalad.com/webtools/clip.php?clip=3184
001 |
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-30 21:01:26
Windows 6.1.7600
Running: gmer.exe; Driver: C:\Users\nicolas\AppData\Local\Temp\pwlyyfog.sys
---- System - GMER 1.0.15 ----
INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1BAF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1B104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1B3F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C042D8
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C03898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1B1DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1B958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1B6F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1BF2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1C1A8
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82C7B579 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C9FF52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
? System32\drivers\algrldm.sys Le chemin d’accès spécifié est introuvable. !
.text peauth.sys 9AAF6C9D 28 Bytes [55, A2, 69, CC, D8, A5, EF, ...]
.text peauth.sys 9AAF6CC1 28 Bytes [55, A2, 69, CC, D8, A5, EF, ...]
? C:\Users\nicolas\AppData\Local\Temp\pwlyyfog.sys Le fichier spécifié est introuvable. !
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[1940] kernel32.dll!SetUnhandledExceptionFilter 76F73142 4 Bytes [C2, 04, 00, 00]
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] kernel32.dll!LockResource 76F6345C 5 Bytes JMP 28001F50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] kernel32.dll!CreateEventA 76F63A2B 5 Bytes JMP 28001840 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] kernel32.dll!FindResourceW 76F6922F 5 Bytes JMP 28001BE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] kernel32.dll!SizeofResource 76F6924D 5 Bytes JMP 28001EE0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] kernel32.dll!FindResourceExW 76F6A7EF 5 Bytes JMP 28001C60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] kernel32.dll!LoadResource 76F6D3B0 5 Bytes JMP 28001E20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] kernel32.dll!FindResourceExA 76F6D4AD 7 Bytes JMP 28001D80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] kernel32.dll!FindResourceA 76F6D575 5 Bytes JMP 28001CF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] ADVAPI32.dll!CryptDecrypt 766F2140 5 Bytes JMP 28001060 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] ADVAPI32.dll!CryptDeriveKey 766F2150 5 Bytes JMP 28001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] USER32.dll!SetWindowPlacement 77528169 5 Bytes JMP 28005E10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] USER32.dll!CreateDialogParamW 77529BFF 5 Bytes JMP 28006090 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] USER32.dll!SetWindowRgn 7752B29A 7 Bytes JMP 28005F50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] USER32.dll!CreateWindowExW 77530E51 5 Bytes JMP 28003C60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] USER32.dll!LoadIconW 77531431 5 Bytes JMP 280068D0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] USER32.dll!LoadImageW 77532323 5 Bytes JMP 280066E0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] USER32.dll!GetWindowLongW 775383A9 7 Bytes JMP 28006A70 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] USER32.dll!PeekMessageW 775391B5 5 Bytes JMP 28004630 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] USER32.dll!TrackPopupMenuEx 77555F72 5 Bytes JMP 28004F10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] USER32.dll!MessageBoxIndirectW 7757E9C3 5 Bytes JMP 28006280 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] WS2_32.dll!closesocket 75813BED 5 Bytes JMP 2800B8C0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] WS2_32.dll!recv 758147DF 5 Bytes JMP 2800B0E0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] WS2_32.dll!WSASend 758168A7 5 Bytes JMP 2800B680 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] WS2_32.dll!WSARecv 7581C29F 5 Bytes JMP 2800B280 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] WS2_32.dll!send 7581C4C8 5 Bytes JMP 2800B4A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] SHELL32.dll!Shell_NotifyIconW 7586FBA1 5 Bytes JMP 280033B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] ole32.dll!CoRegisterClassObject 769C11F5 5 Bytes JMP 28002360 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] ole32.dll!CoInitializeEx 769F0804 5 Bytes JMP 28002260 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] ole32.dll!CoCreateInstance 76A057FC 1 Byte [E9]
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] ole32.dll!CoCreateInstance 76A057FC 5 Bytes JMP 28002600 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] WININET.dll!InternetCloseHandle 771CC87E 5 Bytes JMP 2800A240 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] WININET.dll!InternetReadFile 771CE2A4 5 Bytes JMP 2800A090 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] WININET.dll!HttpOpenRequestA 771D043A 5 Bytes JMP 28009F00 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
.text C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] WININET.dll!HttpSendRequestA 7724011C 5 Bytes JMP 2800A170 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll (Messenger Plus! Live Add-On/Yuna Software)
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\system32\rundll32.exe[1592] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[1592] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[1592] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[1592] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [10001D00] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExA] [10001D00] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\SHELL32.dll [USER32.dll!AdjustWindowRect] [1002DB00] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\SHELL32.dll [USER32.dll!AdjustWindowRectEx] [1002DA90] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [10001D00] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!SetWindowLongA] [1002DB20] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [10001D00] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [10001CE0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [10001D30] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [10001CC0] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\WININET.dll [USER32.dll!SetWindowLongA] [1002DB20] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryExA] [10001D00] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe[2620] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [10001050] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\NewUI.dll (New UI/Sony Ericsson Mobile Communications AB)
IAT C:\Windows\System32\rundll32.exe[3840] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3840] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3840] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[3840] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
IAT C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4044] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [75465D3D] C:\Windows\system32\apphelp.dll (Fichier DLL du client de compatibilité des applications/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy1 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy1 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy2 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy2 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy3 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy3 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy4 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy4 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy5 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy5 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy6 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy6 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy7 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy7 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy8 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy8 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy9 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy9 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\tdx \Device\Tcp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
Device \Driver\ACPI_HAL \Device\00000057 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy10 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy10 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy11 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy11 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy12 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy12 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\tdx \Device\Udp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\tdx \Device\RawIp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@Carte réseau USB\x00a02.0 Realtek RTL8187B sans fil 802.11b/g 54\xa0Mbits/s 1?
Reg HKLM\SYSTEM\ControlSet002\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@Carte réseau USB\x00a02.0 Realtek RTL8187B sans fil 802.11b/g 54\xa0Mbits/s 1?
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 01: copy of MBR
Disk \Device\Harddisk0\DR0 sector 02: copy of MBR
Disk \Device\Harddisk0\DR0 sector 03: copy of MBR
Disk \Device\Harddisk0\DR0 sector 04: copy of MBR
Disk \Device\Harddisk0\DR0 sector 05: copy of MBR
Disk \Device\Harddisk0\DR0 sector 06: copy of MBR
Disk \Device\Harddisk0\DR0 sector 07: copy of MBR
Disk \Device\Harddisk0\DR0 sector 08: copy of MBR
Disk \Device\Harddisk0\DR0 sector 09: copy of MBR
Disk \Device\Harddisk0\DR0 sector 10: copy of MBR
Disk \Device\Harddisk0\DR0 sector 11: copy of MBR
Disk \Device\Harddisk0\DR0 sector 12: copy of MBR
Disk \Device\Harddisk0\DR0 sector 13: copy of MBR
Disk \Device\Harddisk0\DR0 sector 14: copy of MBR
Disk \Device\Harddisk0\DR0 sector 15: copy of MBR
Disk \Device\Harddisk0\DR0 sector 16: copy of MBR
Disk \Device\Harddisk0\DR0 sector 17: copy of MBR
Disk \Device\Harddisk0\DR0 sector 18: copy of MBR
Disk \Device\Harddisk0\DR0 sector 19: copy of MBR
Disk \Device\Harddisk0\DR0 sector 20: copy of MBR
Disk \Device\Harddisk0\DR0 sector 21: copy of MBR
Disk \Device\Harddisk0\DR0 sector 22: copy of MBR
Disk \Device\Harddisk0\DR0 sector 23: copy of MBR
Disk \Device\Harddisk0\DR0 sector 24: copy of MBR
Disk \Device\Harddisk0\DR0 sector 25: copy of MBR
Disk \Device\Harddisk0\DR0 sector 26: copy of MBR
Disk \Device\Harddisk0\DR0 sector 27: copy of MBR
Disk \Device\Harddisk0\DR0 sector 28: copy of MBR
Disk \Device\Harddisk0\DR0 sector 29: copy of MBR
Disk \Device\Harddisk0\DR0 sector 30: copy of MBR
Disk \Device\Harddisk0\DR0 sector 31: copy of MBR
Disk \Device\Harddisk0\DR0 sector 32: copy of MBR
Disk \Device\Harddisk0\DR0 sector 33: copy of MBR
Disk \Device\Harddisk0\DR0 sector 34: copy of MBR
Disk \Device\Harddisk0\DR0 sector 35: copy of MBR
Disk \Device\Harddisk0\DR0 sector 36: copy of MBR
Disk \Device\Harddisk0\DR0 sector 37: copy of MBR
Disk \Device\Harddisk0\DR0 sector 38: copy of MBR
Disk \Device\Harddisk0\DR0 sector 39: copy of MBR
Disk \Device\Harddisk0\DR0 sector 40: copy of MBR
Disk \Device\Harddisk0\DR0 sector 41: copy of MBR
Disk \Device\Harddisk0\DR0 sector 42: copy of MBR
Disk \Device\Harddisk0\DR0 sector 43: copy of MBR
Disk \Device\Harddisk0\DR0 sector 44: copy of MBR
Disk \Device\Harddisk0\DR0 sector 45: copy of MBR
Disk \Device\Harddisk0\DR0 sector 46: copy of MBR
Disk \Device\Harddisk0\DR0 sector 47: copy of MBR
Disk \Device\Harddisk0\DR0 sector 48: copy of MBR
Disk \Device\Harddisk0\DR0 sector 49: copy of MBR
Disk \Device\Harddisk0\DR0 sector 50: copy of MBR
Disk \Device\Harddisk0\DR0 sector 51: copy of MBR
Disk \Device\Harddisk0\DR0 sector 52: copy of MBR
Disk \Device\Harddisk0\DR0 sector 53: copy of MBR
Disk \Device\Harddisk0\DR0 sector 54: copy of MBR
Disk \Device\Harddisk0\DR0 sector 55: copy of MBR
Disk \Device\Harddisk0\DR0 sector 56: copy of MBR
Disk \Device\Harddisk0\DR0 sector 57: copy of MBR
Disk \Device\Harddisk0\DR0 sector 58: copy of MBR
Disk \Device\Harddisk0\DR0 sector 59: copy of MBR
Disk \Device\Harddisk0\DR0 sector 60: copy of MBR
Disk \Device\Harddisk0\DR0 sector 61: copy of MBR
Disk \Device\Harddisk0\DR0 sector 62: copy of MBR
Disk \Device\Harddisk0\DR0 sector 63: copy of MBR
---- EOF - GMER 1.0.15 ---- |
3 updates, last one at Wed, Dec 31, 1969, 7:00pm.
Embed code: