A l'aide, Infecté par rootkit.win32.tdss.ai

sebas009 Messages postés 42 Statut Membre -  
 Utilisateur anonyme -
Bonsoir,

Voila, mon programme zone alarm détecte rootkit.win32.tdss.ai et je suis incapable de le supprimer.

Aussi, je suis incapable d'utiliser google chrome depuis ce temps.



Merci de votre aide

74 réponses

Réponse 1 / 74
Utilisateur anonyme
 
salut je crois que ca vient d'une imprimante Brother
2
Réponse 2 / 74
Utilisateur anonyme
 
bonjour

DESACTIVE TON ANTIVIRUS ET TON PAREFEU SI PRESENTS !!!!!(car il est détecté a tort comme infection)

Télécharge List_Kill'em et enregistre le sur ton bureau
http://sd-1.archive-host.com/...
double clique ( clic droit "exécuter en tant qu'administrateur" pour Vista/7 ) sur le raccourci sur ton bureau pour lancer l'installation

Une fois terminée , clic sur "terminer" et le programme se lancera seul

Choisis l'option Search

Une icône blanche et noire va s'afficher sur le bureau , il te servira à relancer le programme par la suite.
Une autre rouge et noire te servira a désinstaller le prog à la fin de la désinfection.

Laisse travailler l'outil

A l'apparition de la fenêtre blanche , c'est un peu long , c'est normal , le programme n'est pas bloqué.

Un rapport du nom de catchme apparait sur ton bureau , ignore-le,ne le poste pas , , il s'auto supprimera a la fin du scan

Poste le contenu du rapport qui s'ouvre aux 100 % du scan à l'écran "COMPLETED"
1
Réponse 3 / 74
Utilisateur anonyme
 
hello petite verif quand meme :

relance List_Kill'em , option MD5 , un fichier texte va apparaitre vide , colle ceci dedans :

C:\Windows\System32\Drivers\atapi.sys

referme avec la croix rouge , et accepte les modifs

un autre texte va s'ouvrir avec des infos , communique-les nous
1
Réponse 4 / 74
sebas009 Messages postés 42 Statut Membre 1
 
bonjour, depuis ce matin,l'affichage bogue, ca sautille, je ne peux pas travailler avec l'ordi. A la deuxieme ouverture de windows, il ouvre pas.

Merci
1

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 74
Utilisateur anonyme
 
bonjour
c'est quoi ton OS
0
Réponse 6 / 74
sebas009 Messages postés 42 Statut Membre 1
 
Bonjour, ma machine tourne sous windows XP
0
Réponse 7 / 74
Utilisateur anonyme
 
Il faut impérativement désactiver tous tes logiciels de protection pour utiliser ce programme
Télécharge Gmer http://www.gmer.net/
* Clique sur "Download EXE" pour télécharger Gmer (sous un nom aléatoire, pour éviter qu'il soit bloqué par une infection)
* Dans l'onglet "Rootkit", clique sur "Scan" puis patiente.
* A la fin, clique sur "Save" et enregistre le rapport sur ton Bureau.
0
Réponse 8 / 74
sebas009 Messages postés 42 Statut Membre 1
 
Bonjour,

Je lance l'analyse, tout se passe bien mais je suis incapable d'enregistrer le resultat du scan a la fin. Tout est gelé, plus rien ne fonctionne et je dois redémarrer ma machine.
0
Réponse 9 / 74
Utilisateur anonyme
 
bonjour
supprime gmer, et retélécharge le ici
http://sd-1.archive-host.com/membres/up/203669918515832581/81t50z8f.exe
suit les instructions que je t'ai donné

sinon, si cela gèle
essaye ceci
Attention, avant de commencer, lit attentivement la procédure, et imprime la

Télécharge ComboFix de sUBs sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Déconnecte-toi du net et DESACTIVES TOUTES LES DEFENSES, antivirus et antispyware y compris /!\
---> Double-clique sur ComboFix.exe
Un "pop-up" va apparaître qui dit que ComboFix est utilisé à vos risques et avec aucune garantie... Clique sur oui pour accepter
SURTOUT INSTALLES LA CONSOLE DE RECUPERATION
---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.

Ne touche à rien(souris, clavier) tant que le scan n'est pas terminé, car tu risques de figer ton PC

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

Note : Le rapport se trouve également là : C:\ComboFix.txt

si cela coince, on essayera autre chose, cela doit être le rootkit qui bloque tout
0
Réponse 10 / 74
sebas009
 
Bonjour, voici le scan de combo fix

ComboFix 10-03-29.04 - HP_Propriétaire 2010-03-31 5:37.1.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.2.1036.18.2039.1490 [GMT -4:00]
Lancé depuis: C:\123eds.exe
AV: ZoneAlarm Security Suite Antivirus *On-access scanning disabled* (Updated) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Security Suite Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\5954241.exe
C:\6815955.exe
c:\docume~1\HP_PRO~1\LOCALS~1\Temp\IadHide5.dll
c:\documents and settings\HP_Propriétaire\Local Settings\Application Data\{B225FE11-26F2-4DC2-BE0A-E8E6E43984B8}\chrome.manifest
c:\documents and settings\HP_Propriétaire\Local Settings\Application Data\{B225FE11-26F2-4DC2-BE0A-E8E6E43984B8}\chrome\content\_cfg.js
c:\documents and settings\HP_Propriétaire\Local Settings\Application Data\{B225FE11-26F2-4DC2-BE0A-E8E6E43984B8}\chrome\content\overlay.xul
c:\documents and settings\HP_Propriétaire\Local Settings\Application Data\{B225FE11-26F2-4DC2-BE0A-E8E6E43984B8}\install.rdf
c:\documents and settings\HP_Propriétaire\Local Settings\Temp\IadHide5.dll
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
E:\Autorun.inf

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-02-28 au 2010-03-31 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans ce laps de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
.

------- Sigcheck -------

[-] 2010-03-28 17:34 . 4D967CB1A03116137E06300371176C20 . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2004-08-05 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
[7] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[7] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\8a2a5ecd72c62a4fe04757ab8c19e933\backup\atapi.sys
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1c491116-c175-45e1-a570-6fb14fea8b7b}"= "c:\program files\PHPNukeFR\tbPHPN.dll" [2009-12-31 2349080]

[HKEY_CLASSES_ROOT\clsid\{1c491116-c175-45e1-a570-6fb14fea8b7b}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}]
2009-12-31 16:53 2349080 ----a-w- c:\program files\PHPNukeFR\tbPHPN.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1c491116-c175-45e1-a570-6fb14fea8b7b}"= "c:\program files\PHPNukeFR\tbPHPN.dll" [2009-12-31 2349080]

[HKEY_CLASSES_ROOT\clsid\{1c491116-c175-45e1-a570-6fb14fea8b7b}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1C491116-C175-45E1-A570-6FB14FEA8B7B}"= "c:\program files\PHPNukeFR\tbPHPN.dll" [2009-12-31 2349080]

[HKEY_CLASSES_ROOT\clsid\{1c491116-c175-45e1-a570-6fb14fea8b7b}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-12 39408]
"WeatherEye"="c:\documents and settings\HP_Propriétaire\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe" [2009-10-27 718232]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-03-19 319792]
"Google Update"="c:\documents and settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-03-18 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-02-10 149280]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 61952]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-11-02 126976]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2010-01-17 180269]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2004-10-13 278528]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"SoundMan"="SOUNDMAN.EXE" [2004-10-13 77824]
"AlcWzrd"="ALCWZRD.EXE" [2004-10-13 2742272]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2004-12-13 663552]
"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2004-06-03 172032]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\point32.exe" [2004-06-03 204800]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-10 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-10 40960]
"SetDefPrt"="c:\program files\Brother\Brmfl04a\BrStDvPt.exe" [2004-05-25 49152]
"ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2004-06-14 851968]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-10-28 1037192]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2009-10-27 730480]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-01-17 98304]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0360.0\mswinext.exe" [2009-11-18 240480]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

c:\documents and settings\HP_Propri'taire\Menu D'marrer\Programmes\D'marrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-12-16 503808]
syspck32.exe [2008-4-13 30208]

c:\documents and settings\All Users\Menu D'marrer\Programmes\D'marrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2010-1-31 118784]
Panorama Maker 3.lnk - c:\program files\ArcSoft\Panorama Maker 3\pmk3.exe [2010-1-19 794624]
Status Monitor.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2010-1-17 819200]
Updates from HP.lnk - c:\program files\Updates from HP\309731\Program\Updates from HP.exe [2010-1-17 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=


R0 ohczgi;ohczgi; [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-11 135664]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\44F.tmp [x]
S0 rk_remover-boot;rk_remover-boot;c:\windows\system32\drivers\rk_remover.sys [2010-03-28 50176]
S1 SAVRKBootTasks;Boot Tasks Driver;c:\windows\system32\SAVRKBootTasks.sys [2009-06-18 18816]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2009-10-27 25208]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2009-10-27 476528]

.
Contenu du dossier 'Tâches planifiées'

2010-03-31 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-03-26 01:39]

2010-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-11 18:01]

2010-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-11 18:01]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2102473
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
.
- - - - ORPHELINS SUPPRIMES - - - -

WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-NWEReboot - (no file)
HKLM-Run-Fqejohun - c:\windows\anomikagoxu.dll



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-31 06:18
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\44F.tmp"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(516)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

- - - - - - - > 'lsass.exe'(572)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

- - - - - - - > 'explorer.exe'(2744)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\brss01a.exe
c:\windows\system32\Brmfrmps.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\SOUNDMAN.EXE
c:\program files\iPod\bin\iPodService.exe
c:\windows\ALCWZRD.EXE
c:\program files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\documents and settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe
c:\program files\Messenger\msmsgs.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2010-03-31 06:22:51 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-03-31 10:22

Avant-CF: 467 808 407 552 octets libres
Après-CF: 469 210 800 128 octets libres

- - End Of File - - 564AE9A7A52E7741DDDB4564D230A7E2
0
Réponse 11 / 74
Utilisateur anonyme
 
bonsoir
le rapport n'est pas très bon, ComboFix a supprimé des cochonneries
Il faudrai essayer de faire Gmer
0
Réponse 12 / 74
sebas009 Messages postés 42 Statut Membre 1
 
Bonjour voici le rapport de gmer


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-02 05:13:15
Windows 5.1.2600 Service Pack 3
Running: 81t50z8f.exe; Driver: C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\pwdiakoc.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0xA90CC542]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwClose [0xA90CCDBA]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwConnectPort [0xA8F9D600]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwCreateEvent [0xA90CDDCC]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateFile [0xA8F96D50]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateKey [0xA8FBB040]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwCreateMutant [0xA90CDCA4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0xA90CC148]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreatePort [0xA8F9DE10]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateProcess [0xA8FB4D00]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateProcessEx [0xA8FB5120]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateSection [0xA8FBF210]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwCreateSemaphore [0xA90CDEFE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwCreateSymbolicLinkObject [0xA90CF784]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwCreateThread [0xA90CCA58]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwCreateWaitablePort [0xA8F9DF80]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwDebugActiveProcess [0xA90CF176]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwDeleteFile [0xA8F97C30]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwDeleteKey [0xA8FBC750]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwDeleteValueKey [0xA8FBC130]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0xA90CD524]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwDuplicateObject [0xA8FB3E40]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwEnumerateKey [0xA90CBE80]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xA90CBF2A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwFsControlFile [0xA90CD330]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwLoadDriver [0xA90CF208]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwLoadKey [0xA8FBD050]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwLoadKey2 [0xA8FBD280]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwMapViewOfSection [0xA8FBF5C0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwNotifyChangeKey [0xA90CC076]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwOpenEvent [0xA90CDE6E]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwOpenFile [0xA8F97720]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwOpenKey [0xA90CB592]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwOpenMutant [0xA90CDD3C]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwOpenProcess [0xA8FB7420]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwOpenSection [0xA90CF7AE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwOpenSemaphore [0xA90CDFA0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwOpenThread [0xA8FB6FF0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwQueryKey [0xA90CBFD4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwQueryMultipleValueKey [0xA90CBBFC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwQuerySection [0xA90CFB50]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwQueryValueKey [0xA90CB84C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwQueueApcThread [0xA90CF49E]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwRenameKey [0xA8FBE400]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwReplaceKey [0xA8FBDA10]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwReplyPort [0xA90CE32A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0xA90CE1F0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwRequestWaitReplyPort [0xA8F9D150]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwRestoreKey [0xA8FBE0A0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwResumeThread [0xA90D0028]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwSaveKey [0xA90CB1FE]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwSecureConnectPort [0xA8F9D8E0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwSetContextThread [0xA90CCC76]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwSetInformationFile [0xA8F98050]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwSetInformationToken [0xA90CE86C]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwSetSecurityObject [0xA8FBE8B0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwSetSystemInformation [0xA90CFC90]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwSetValueKey [0xA8FBB940]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwSuspendProcess [0xA90CFD74]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwSuspendThread [0xA90CFE9C]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwSystemDebugControl [0xA8FB5CF0]
SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD) ZwTerminateProcess [0xA8FB5A20]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwTerminateThread [0xA90CC80E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0xA90CFA06]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0xA90CC998]

Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab) IoIsOperationSynchronous
0
Réponse 13 / 74
sebas009 Messages postés 42 Statut Membre 1
 
voila la suite...


---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 804EAF84 5 Bytes JMP A90C19D4 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab)
.text ntkrnlpa.exe!IoIsOperationSynchronous 804EF912 5 Bytes JMP A90C1DAE \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wxp_x86]/Kaspersky Lab)
.text ntkrnlpa.exe!ZwCallbackReturn + 2C88 80504524 12 Bytes [10, DE, F9, A8, 00, 4D, FB, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 2C98 80504534 16 Bytes [10, F2, FB, A8, FE, DE, 0C, ...] {ADC DL, DH; STI ; TEST AL, 0xfe; FIMUL WORD [ECX+EBP*4]; TEST BH, DH; OR AL, 0xa9; POP EAX; RETF 0xa90c}
.text ntkrnlpa.exe!ZwCallbackReturn + 2D54 805045F0 12 Bytes [08, F2, 0C, A9, 50, D0, FB, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 2ED0 8050476C 16 Bytes [00, E4, FB, A8, 10, DA, FB, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 2F68 80504804 4 Bytes CALL F1D6F115
.text ...

---- User code sections - GMER 1.0.15 ----

.text c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe[128] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe[128] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe[128] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe[128] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe[128] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe[128] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe[128] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe[128] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE[180] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE[180] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE[180] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE[180] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE[180] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE[180] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE[180] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE[180] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[240] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[240] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[240] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[240] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[240] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[240] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[240] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[240] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\GoogleUpdate.exe[272] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\GoogleUpdate.exe[272] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\GoogleUpdate.exe[272] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\GoogleUpdate.exe[272] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\GoogleUpdate.exe[272] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\GoogleUpdate.exe[272] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
0
Réponse 14 / 74
sebas009 Messages postés 42 Statut Membre 1
 
encore la suite...


.text C:\Program Files\Google\Update\GoogleUpdate.exe[272] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\GoogleUpdate.exe[272] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe[292] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe[292] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe[292] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe[292] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe[292] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe[292] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe[292] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\Update\1.2.183.23\GoogleCrashHandler.exe[292] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[400] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[400] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[400] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[400] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[400] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[400] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[400] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[400] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\winlogon.exe[512] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\winlogon.exe[512] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\winlogon.exe[512] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\winlogon.exe[512] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\winlogon.exe[512] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\winlogon.exe[512] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\winlogon.exe[512] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\winlogon.exe[512] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE[532] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE[532] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE[532] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE[532] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE[532] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE[532] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE[532] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE[532] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\services.exe[556] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\services.exe[556] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\services.exe[556] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\services.exe[556] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\services.exe[556] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\services.exe[556] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\services.exe[556] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\services.exe[556] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\lsass.exe[568] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
0
Réponse 15 / 74
sebas009 Messages postés 42 Statut Membre 1
 
encore la suite...

.text C:\WINDOWS\system32\lsass.exe[568] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\lsass.exe[568] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\lsass.exe[568] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\lsass.exe[568] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\lsass.exe[568] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\lsass.exe[568] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[716] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[716] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[716] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[716] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[716] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[716] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[716] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[716] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[796] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[796] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[796] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[796] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[796] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[796] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[796] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[796] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[836] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[836] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[836] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[836] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[836] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[836] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[836] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[836] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[880] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[880] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[880] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[880] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[880] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[880] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[880] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[880] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[924] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[924] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[924] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[924] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[924] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
0
Réponse 16 / 74
sebas009 Messages postés 42 Statut Membre 1
 
.text C:\WINDOWS\system32\svchost.exe[924] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[924] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[924] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[936] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[936] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[936] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[936] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[936] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[936] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[936] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[936] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Messenger\msmsgs.exe[1208] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Messenger\msmsgs.exe[1208] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Messenger\msmsgs.exe[1208] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Messenger\msmsgs.exe[1208] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Messenger\msmsgs.exe[1208] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Messenger\msmsgs.exe[1208] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Messenger\msmsgs.exe[1208] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Messenger\msmsgs.exe[1208] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\Explorer.EXE[1252] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\Explorer.EXE[1252] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\Explorer.EXE[1252] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\Explorer.EXE[1252] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\Explorer.EXE[1252] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\Explorer.EXE[1252] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\Explorer.EXE[1252] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\Explorer.EXE[1252] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1476] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe[1476] USER32.dll!DefDlgProcW + 56E 7E3A42A8 5 Bytes JMP 20C29299 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brsvc01a.exe[1596] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brsvc01a.exe[1596] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brsvc01a.exe[1596] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brsvc01a.exe[1596] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brsvc01a.exe[1596] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brsvc01a.exe[1596] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brsvc01a.exe[1596] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brsvc01a.exe[1596] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brss01a.exe[1632] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brss01a.exe[1632] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brss01a.exe[1632] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brss01a.exe[1632] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brss01a.exe[1632] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brss01a.exe[1632] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brss01a.exe[1632] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\brss01a.exe[1632] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\spoolsv.exe[1640] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\spoolsv.exe[1640] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\spoolsv.exe[1640] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\spoolsv.exe[1640] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\spoolsv.exe[1640] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\spoolsv.exe[1640] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\spoolsv.exe[1640] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
0
Réponse 17 / 74
sebas009 Messages postés 42 Statut Membre 1
 
la suite...

.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1648] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1648] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1648] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1648] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1648] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes JMP 209A37DD C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWDMP.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1648] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1648] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\CheckPoint\ZAForceField\ForceField.exe[1648] USER32.dll!DefDlgProcW + 56E 7E3A42A8 5 Bytes JMP 20C29299 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[1800] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[1800] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[1800] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[1800] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[1800] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[1800] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[1800] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\svchost.exe[1800] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\Brmfrmps.exe[1844] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\Brmfrmps.exe[1844] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\Brmfrmps.exe[1844] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\Brmfrmps.exe[1844] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\Brmfrmps.exe[1844] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\Brmfrmps.exe[1844] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\Brmfrmps.exe[1844] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\Brmfrmps.exe[1844] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jqs.exe[2020] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jqs.exe[2020] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jqs.exe[2020] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jqs.exe[2020] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jqs.exe[2020] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jqs.exe[2020] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jqs.exe[2020] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jqs.exe[2020] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\alg.exe[2168] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\alg.exe[2168] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\alg.exe[2168] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\alg.exe[2168] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\alg.exe[2168] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\alg.exe[2168] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\alg.exe[2168] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\alg.exe[2168] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[2332] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[2332] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[2332] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[2332] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[2332] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[2332] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[2332] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\System32\svchost.exe[2332] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jusched.exe[2748] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jusched.exe[2748] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jusched.exe[2748] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
0
Réponse 18 / 74
sebas009 Messages postés 42 Statut Membre 1
 
la suite...

.text C:\Program Files\Java\jre6\bin\jusched.exe[2748] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jusched.exe[2748] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jusched.exe[2748] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jusched.exe[2748] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Java\jre6\bin\jusched.exe[2748] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe[2752] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe[2752] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe[2752] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe[2752] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe[2752] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe[2752] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe[2752] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe[2752] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\windows\system\hpsysdrv.exe[2800] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\windows\system\hpsysdrv.exe[2800] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\windows\system\hpsysdrv.exe[2800] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\windows\system\hpsysdrv.exe[2800] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\windows\system\hpsysdrv.exe[2800] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\windows\system\hpsysdrv.exe[2800] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\windows\system\hpsysdrv.exe[2800] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\windows\system\hpsysdrv.exe[2800] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hkcmd.exe[2860] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hkcmd.exe[2860] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hkcmd.exe[2860] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hkcmd.exe[2860] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hkcmd.exe[2860] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hkcmd.exe[2860] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hkcmd.exe[2860] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hkcmd.exe[2860] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hphmon06.exe[2880] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hphmon06.exe[2880] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hphmon06.exe[2880] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hphmon06.exe[2880] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hphmon06.exe[2880] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hphmon06.exe[2880] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hphmon06.exe[2880] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\hphmon06.exe[2880] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\HP\KBD\KBD.EXE[2892] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\HP\KBD\KBD.EXE[2892] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\HP\KBD\KBD.EXE[2892] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\HP\KBD\KBD.EXE[2892] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\HP\KBD\KBD.EXE[2892] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\HP\KBD\KBD.EXE[2892] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\HP\KBD\KBD.EXE[2892] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\HP\KBD\KBD.EXE[2892] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iTunes\iTunesHelper.exe[2916] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iTunes\iTunesHelper.exe[2916] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iTunes\iTunesHelper.exe[2916] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iTunes\iTunesHelper.exe[2916] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iTunes\iTunesHelper.exe[2916] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iTunes\iTunesHelper.exe[2916] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iTunes\iTunesHelper.exe[2916] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iTunes\iTunesHelper.exe[2916] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\SOUNDMAN.EXE[2996] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\SOUNDMAN.EXE[2996] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\SOUNDMAN.EXE[2996] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\SOUNDMAN.EXE[2996] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\SOUNDMAN.EXE[2996] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\SOUNDMAN.EXE[2996] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\SOUNDMAN.EXE[2996] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\SOUNDMAN.EXE[2996] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iPod\bin\iPodService.exe[3012] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iPod\bin\iPodService.exe[3012] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iPod\bin\iPodService.exe[3012] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iPod\bin\iPodService.exe[3012] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iPod\bin\iPodService.exe[3012] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iPod\bin\iPodService.exe[3012] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iPod\bin\iPodService.exe[3012] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\iPod\bin\iPodService.exe[3012] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\ALCWZRD.EXE[3024] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\ALCWZRD.EXE[3024] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\ALCWZRD.EXE[3024] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\ALCWZRD.EXE[3024] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\ALCWZRD.EXE[3024] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\ALCWZRD.EXE[3024] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\ALCWZRD.EXE[3024] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\ALCWZRD.EXE[3024] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe[3032] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe[3032] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe[3032] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe[3032] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
0
Réponse 19 / 74
sebas009 Messages postés 42 Statut Membre 1
 
la suite...

.text C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe[3032] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe[3032] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe[3032] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe[3032] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliType Pro\type32.exe[3096] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliType Pro\type32.exe[3096] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliType Pro\type32.exe[3096] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliType Pro\type32.exe[3096] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliType Pro\type32.exe[3096] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliType Pro\type32.exe[3096] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliType Pro\type32.exe[3096] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliType Pro\type32.exe[3096] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliPoint\point32.exe[3116] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliPoint\point32.exe[3116] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliPoint\point32.exe[3116] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliPoint\point32.exe[3116] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliPoint\point32.exe[3116] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliPoint\point32.exe[3116] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliPoint\point32.exe[3116] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Microsoft IntelliPoint\point32.exe[3116] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe[3148] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe[3148] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe[3148] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe[3148] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe[3148] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe[3148] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe[3148] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe[3148] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Brother\ControlCenter2\brctrcen.exe[3236] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Brother\ControlCenter2\brctrcen.exe[3236] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Brother\ControlCenter2\brctrcen.exe[3236] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Brother\ControlCenter2\brctrcen.exe[3236] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Brother\ControlCenter2\brctrcen.exe[3236] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Brother\ControlCenter2\brctrcen.exe[3236] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Brother\ControlCenter2\brctrcen.exe[3236] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Brother\ControlCenter2\brctrcen.exe[3236] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\QuickTime\qttask.exe[3284] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\QuickTime\qttask.exe[3284] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\QuickTime\qttask.exe[3284] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\QuickTime\qttask.exe[3284] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\QuickTime\qttask.exe[3284] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\QuickTime\qttask.exe[3284] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\QuickTime\qttask.exe[3284] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\QuickTime\qttask.exe[3284] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\MSN Toolbar\Platform\4.0.0360.0\mswinext.exe[3308] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\MSN Toolbar\Platform\4.0.0360.0\mswinext.exe[3308] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\MSN Toolbar\Platform\4.0.0360.0\mswinext.exe[3308] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\MSN Toolbar\Platform\4.0.0360.0\mswinext.exe[3308] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\MSN Toolbar\Platform\4.0.0360.0\mswinext.exe[3308] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\MSN Toolbar\Platform\4.0.0360.0\mswinext.exe[3308] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\MSN Toolbar\Platform\4.0.0360.0\mswinext.exe[3308] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\MSN Toolbar\Platform\4.0.0360.0\mswinext.exe[3308] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\81t50z8f.exe[3316] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\81t50z8f.exe[3316] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\81t50z8f.exe[3316] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\81t50z8f.exe[3316] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\81t50z8f.exe[3316] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\81t50z8f.exe[3316] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\81t50z8f.exe[3316] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\81t50z8f.exe[3316] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3476] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3476] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3476] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3476] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3476] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3476] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3476] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[3476] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe[3492] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe[3492] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe[3492] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe[3492] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe[3492] user32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe[3492] user32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe[3492] advapi32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe[3492] advapi32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe[3508] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe[3508] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe[3508] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe[3508] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe[3508] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
0
Réponse 20 / 74
sebas009 Messages postés 42 Statut Membre 1
 
encore la suite...

.text C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe[3508] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe[3508] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe[3508] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe[3556] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe[3556] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe[3556] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe[3556] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe[3556] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe[3556] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe[3556] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\GoogleUpdate.exe[3556] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\ctfmon.exe[3624] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\ctfmon.exe[3624] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\ctfmon.exe[3624] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\ctfmon.exe[3624] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\ctfmon.exe[3624] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\ctfmon.exe[3624] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\ctfmon.exe[3624] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\ctfmon.exe[3624] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe[3768] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe[3768] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe[3768] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe[3768] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe[3768] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe[3768] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe[3768] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe[3768] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3780] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3780] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3780] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3780] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3780] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3780] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3780] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[3780] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Nikon\PictureProject\NkbMonitor.exe[3872] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Nikon\PictureProject\NkbMonitor.exe[3872] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Nikon\PictureProject\NkbMonitor.exe[3872] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Nikon\PictureProject\NkbMonitor.exe[3872] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Nikon\PictureProject\NkbMonitor.exe[3872] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Nikon\PictureProject\NkbMonitor.exe[3872] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Nikon\PictureProject\NkbMonitor.exe[3872] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Nikon\PictureProject\NkbMonitor.exe[3872] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe[4076] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe[4076] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe[4076] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe[4076] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe[4076] USER32.dll!FindWindowA 7E3A82E1 5 Bytes JMP 20C282B8 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe[4076] USER32.dll!FindWindowW 7E3AC9C3 5 Bytes JMP 20C28283 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe[4076] ADVAPI32.dll!ImpersonateNamedPipeClient 77DA7426 5 Bytes JMP 20C28E86 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe[4076] ADVAPI32.dll!SetThreadToken 77DAF193 5 Bytes JMP 20C2905F C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\verclsid.exe[4880] ntdll.dll!NtAccessCheckByType 7C91CE8E 5 Bytes JMP 20C287BA C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\verclsid.exe[4880] ntdll.dll!NtImpersonateClientOfPort 7C91D3FE 5 Bytes JMP 20C28D81 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\verclsid.exe[4880] ntdll.dll!NtSetInformationProcess 7C91DC9E 5 Bytes JMP 20C289D4 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
.text C:\WINDOWS\system32\verclsid.exe[4880] kernel32.dll!OpenProcess 7C8309E9 5 Bytes JMP 20C28495 C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (ZoneAlarm ForceField/Check Point Software Technologies)
0

Discussions similaires

infecté par des virus
Lisy59120 -
Lisy59120 -

5 réponses
Menace détectée TrojanSMS-PA sur Google Huawei/Android
Outmost -
bazfile -

6 réponses
Virus non détecté par mon anti-virus ?
F2L -
cabrier -

12 réponses
Virus détecté
Koony -
MisteryBean -

6 réponses
Powershell infecté
Bal2bin -
MisteryBean -

8 réponses