Old 06-01-2010, 23:01   #281
nessun0
Member
 
Joined: Apr 2008
Posts: 40
OK, I'm on the Ubuntu partition now.
Here is the scan:

Code:
GMER 1.0.15.15281 - http://www.gmer.net

Rootkit scan 2010-01-06 19:21:48

Windows 5.1.2600 Service Pack 2

Running: wgj2njrs.exe; Driver: C:\DOCUME~1\ALESSIO\IMPOST~1\Temp\kwdoapoc.sys





---- System - GMER 1.0.15 ----



SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwAdjustPrivilegesToken [0xBADFD58C]

SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                            ZwAssignProcessToJobObject [0xF784F1CC]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwClose [0xBADFDE0C]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwConnectPort [0xBADFE922]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwCreateEvent [0xBADFEE94]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwCreateFile [0xBADFE0EE]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwCreateKey [0xBADFC436]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwCreateMutant [0xBADFED6C]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwCreateNamedPipeFile [0xBADFD192]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwCreatePort [0xBADFEC28]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwCreateSection [0xBADFD34E]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwCreateSemaphore [0xBADFEFC6]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwCreateSymbolicLinkObject [0xBAE00C08]

SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                            ZwCreateThread [0xF784F206]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwCreateWaitablePort [0xBADFECCA]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwDebugActiveProcess [0xBAE005FA]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwDeleteKey [0xBADFC9FA]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwDeleteValueKey [0xBADFCD88]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwDeviceIoControlFile [0xBADFE576]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwDuplicateObject [0xBAE015CA]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwEnumerateKey [0xBADFCECA]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwEnumerateValueKey [0xBADFCF74]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwFsControlFile [0xBADFE382]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwLoadDriver [0xBAE0068C]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwLoadKey [0xBADFC412]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwLoadKey2 [0xBADFC424]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwMapViewOfSection [0xBAE00CBC]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwNotifyChangeKey [0xBADFD0C0]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwOpenEvent [0xBADFEF36]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwOpenFile [0xBADFDE8E]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwOpenKey [0xBADFC5DC]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwOpenMutant [0xBADFEE04]

SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                            ZwOpenProcess [0xF784F51A]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwOpenSection [0xBAE00C32]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwOpenSemaphore [0xBADFF068]

SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                            ZwOpenThread [0xF784F3F6]

SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                            ZwProtectVirtualMemory [0xF784F292]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwQueryKey [0xBADFD01E]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwQueryMultipleValueKey [0xBADFCC46]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwQuerySection [0xBAE00FD4]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwQueryValueKey [0xBADFC896]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwQueueApcThread [0xBAE00922]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwRenameKey [0xBADFCB0E]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwReplaceKey [0xBADFC2B0]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwReplyPort [0xBADFF3F2]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwReplyWaitReceivePort [0xBADFF2B8]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwRequestWaitReplyPort [0xBAE0039A]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwRestoreKey [0xBAE03E2C]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwResumeThread [0xBAE014AC]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwSaveKey [0xBADFC248]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwSecureConnectPort [0xBADFE65C]

SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                            ZwSetContextThread [0xF784F18E]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwSetInformationToken [0xBADFFC4A]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwSetSecurityObject [0xBAE00786]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwSetSystemInformation [0xBAE01114]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwSetValueKey [0xBADFC71E]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwSuspendProcess [0xBAE011F8]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwSuspendThread [0xBAE01320]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwSystemDebugControl [0xBAE00526]

SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                            ZwTerminateProcess [0xF784F64E]

SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                            ZwTerminateThread [0xF784F316]

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             ZwUnmapViewOfSection [0xBAE00E8A]

SSDT            \SystemRoot\System32\drivers\pxrts.sys (Prevx Realtime Security/Prevx)                                                                            ZwWriteVirtualMemory [0xF784F34E]



Code            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             FsRtlCheckLockForReadAccess

Code            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)                                                             IoIsOperationSynchronous



---- Kernel code sections - GMER 1.0.15 ----



.text           ntoskrnl.exe!_abnormal_termination + C8                                                                                                           804E2724 4 Bytes  JMP A040E208 

.text           ntoskrnl.exe!_abnormal_termination + 114                                                                                                          804E2770 9 Bytes  [4E, D3, DF, BA, C6, EF, DF, ...]

.text           ntoskrnl.exe!_abnormal_termination + 11E                                                                                                          804E277A 6 Bytes  [E0, BA, 06, F2, 84, F7]

.text           ntoskrnl.exe!_abnormal_termination + 1D0                                                                                                          804E282C 12 Bytes  [8C, 06, E0, BA, 12, C4, DF, ...] {MOV WORD [ESI], ES; LOOPNZ 0xffffffffffffffbe; ADC AL, AH; FISTP QWORD [EDX-0x45203bdc]}

.text           ntoskrnl.exe!_abnormal_termination + 2CC                                                                                                          804E2928 5 Bytes  [1E, D0, DF, BA, 46]

.text           ...                                                                                                                                               

.text           ntoskrnl.exe!IoIsOperationSynchronous                                                                                                             804E8752 5 Bytes  JMP BADF28B6 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)

.text           ntoskrnl.exe!FsRtlCheckLockForReadAccess                                                                                                          80503C29 5 Bytes  JMP BADF24DC \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)

?               C:\WINDOWS\system32\drivers\sptd.sys                                                                                                              Impossibile accedere al file. Il file è utilizzato da un altro processo.

.text           USBPORT.SYS!DllUnload                                                                                                                             F6B8B62C 5 Bytes  JMP 8389C1C8 

?               System32\Drivers\akpvdk0o.SYS                                                                                                                     Impossibile trovare il percorso specificato. !



---- User code sections - GMER 1.0.15 ----



?               C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] C:\WINDOWS\system32\ntdll.dll                                                   time/date stamp mismatch; 

?               C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] C:\WINDOWS\system32\kernel32.dll                                                time/date stamp mismatch; 

.text           C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] USER32.dll!VRipOutput + FFFA4DE7                                                7E392A78 4 Bytes  [70, 11, 33, 6D]

?               C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] C:\WINDOWS\system32\ntdll.dll                                                  time/date stamp mismatch; 

?               C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] C:\WINDOWS\system32\kernel32.dll                                               time/date stamp mismatch; 

.text           C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] USER32.dll!VRipOutput + FFFA4DE7                                               7E392A78 4 Bytes  [70, 11, 33, 6D]



---- Kernel IAT/EAT - GMER 1.0.15 ----



IAT             \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!IoConnectInterrupt]                                                                           [F767B06C] sptd.sys

IAT             pci.sys[ntoskrnl.exe!IoDetachDevice]                                                                                                              [F767B018] sptd.sys

IAT             pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack]                                                                                                 [F769D9AE] sptd.sys

IAT             atapi.sys[ntoskrnl.exe!IoConnectInterrupt]                                                                                                        [F767B06C] sptd.sys

IAT             atapi.sys[HAL.dll!READ_PORT_UCHAR]                                                                                                                [F7664AD4] sptd.sys

IAT             atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT]                                                                                                        [F7664C1A] sptd.sys

IAT             atapi.sys[HAL.dll!READ_PORT_USHORT]                                                                                                               [F7664B9C] sptd.sys

IAT             atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT]                                                                                                       [F7665748] sptd.sys

IAT             atapi.sys[HAL.dll!WRITE_PORT_UCHAR]                                                                                                               [F766561E] sptd.sys

IAT             \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR]                                                                                [F767A29A] sptd.sys

IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[ntoskrnl.exe!IoCreateDevice]                                                                               [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject]                                                                           [BA733820] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\netbt.sys[ntoskrnl.exe!IoCreateDevice]                                                                               [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject]                                                                           [BA733820] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\System32\drivers\afd.sys[ntoskrnl.exe!IoCreateDevice]                                                                                 [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\netbios.sys[ntoskrnl.exe!IoCreateDevice]                                                                             [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\rdbss.sys[ntoskrnl.exe!IoCreateDevice]                                                                               [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\mrxsmb.sys[ntoskrnl.exe!IoCreateDevice]                                                                              [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\System32\Drivers\Fips.SYS[ntoskrnl.exe!IoCreateDevice]                                                                                [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\ipnat.sys[ntoskrnl.exe!IoCreateDevice]                                                                               [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\wanarp.sys[ntoskrnl.exe!IoCreateDevice]                                                                              [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\System32\Drivers\Cdfs.SYS[ntoskrnl.exe!IoCreateDevice]                                                                                [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\nwlnkipx.sys[ntoskrnl.exe!IoCreateDevice]                                                                            [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\nwlnkipx.sys[TDI.SYS!TdiRegisterDeviceObject]                                                                        [BA733820] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\nwlnknb.sys[ntoskrnl.exe!IoCreateDevice]                                                                             [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\nwlnknb.sys[TDI.SYS!TdiRegisterDeviceObject]                                                                         [BA733820] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\ndisuio.sys[ntoskrnl.exe!IoCreateDevice]                                                                             [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\nwlnkspx.sys[ntoskrnl.exe!IoCreateDevice]                                                                            [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\nwlnkspx.sys[TDI.SYS!TdiRegisterDeviceObject]                                                                        [BA733820] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\mrxdav.sys[ntoskrnl.exe!IoCreateDevice]                                                                              [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\System32\Drivers\ParVdm.SYS[ntoskrnl.exe!IoCreateDevice]                                                                              [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\system32\DRIVERS\srv.sys[ntoskrnl.exe!IoCreateDevice]                                                                                 [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\System32\Drivers\Fastfat.SYS[ntoskrnl.exe!IoCreateDevice]                                                                             [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

IAT             \SystemRoot\System32\Drivers\HTTP.sys[ntoskrnl.exe!IoCreateDevice]                                                                                [BA7336D0] \??\C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)



---- User IAT/EAT - GMER 1.0.15 ----



IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap]                  00360240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap]                      003602B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap]                      00360320

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap]                00360390

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA]              00C60860

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA]                    00C608D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree]                     003605C0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW]                    00C60940

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress]                  00C609B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary]                     00C60A20

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     00C60A90

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread]                    003606A0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc]                    00360710

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap]                        00360780

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap]                    003607F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode]                  00C60B00

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW]                00C60B70

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW]            00C60BE0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread]                  00360860

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   00C60C50

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW]                  00C60CC0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary]                   00C60D30

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA]                  00C60DA0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                00C60E10

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualAlloc]                  003609B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree]                   00360A20

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap]                      00360A90

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap]                  00360B00

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap]                00360B70

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW]                  00C60E80

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread]                    00360BE0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                  00C60EF0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!VirtualFree]                     00360D30

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA]              00C60F60

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA]                    7C900550

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     7C9005C0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                  7C900630

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW]                    7C9006A0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary]                     7C900710

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW]              7C900780

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap]                    00360E80

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap]                        00360EF0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]      7C9007F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW]                   7C900860

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA]                     7C9008D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary]                      7C900940

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                   7C9009B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW]                     7C900A20

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap]                     00360F60

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap]                         7D1F0390

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode]                    7C900F60

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     00C70010

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress]                  00C70080

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA]                    00C700F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary]                     00C70160

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                  00C701D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                  00C70240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA]              00C702B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy]                     7D1F08D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualFree]                     7D1F0940

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc]                    7D1F09B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread]                    7D1F0A90

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW]              00C70320

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc]                   7D1F0C50

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualFree]                    7D1F0CC0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy]                    7D1F0E80

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    00C70470

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]                   00C704E0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                 00C70550

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW]             00C705C0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode]                   00C70630

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW]                   00C706A0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress]                 00C70710

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread]                   7D1F0EF0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW]                 00C70780

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary]                    00C707F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA]                 00C70860

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap]                       7D1F0F60

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    00C708D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode]                   00C70940

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW]             00C709B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA]                 00C70A20

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW]                 00C70A90

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW]                   00C70B00

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                 00C70B70

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                 00C70BE0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary]                    00C70C50

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread]                   00370010

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy]                    00370080

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]                   00C70CC0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                 00C70D30

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA]             00C70DA0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress]                   00C70E10

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]                     00C70E80

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary]                      00C70EF0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW]                     00C70F60

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW]               00C80010

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread]                     00370320

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW]                   00C80080

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA]                   00C800F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                   00C80160

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!VirtualAlloc]                     00370390

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]      00C801D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap]                         00370400

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    00C80C50

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA]                   00C80CC0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW]                   00C80D30

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW]             00C80DA0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress]                 00C80E10

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary]                    00C80E80

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap]                       7D1F0080

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap]                   7D1F0010

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA]                     00C90780

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary]                      00C907F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress]                   00C90860

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter]      00C908D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap]                       7D1F0080

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode]                   00C90CC0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW]                   00C90D30

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA]                 00C90DA0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread]                   7D1F01D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateProcessW]                 00C90E10

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW]             00C90E80

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress]                 00C90EF0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary]                    00C90F60

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA]                   00CA0010

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    00CA0080

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy]                     7D1F0240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress]                  7C900240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA]              7C900160

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA]                    7C9002B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread]                    7D1F01D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary]                     7C9000F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     7C9004E0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary]                    7C9000F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7C9004E0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA]                   7C9002B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleFileNameA]             7C900160

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread]                   7D1F01D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress]                 7C900240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW]                  7C900400

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   7C9004E0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA]                  7C9002B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary]                   7C9000F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress]                7C900240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread]                  7D1F01D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA]            7C900160

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap]                  7D1F0010

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[256] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap]                      7D1F0080

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap]                 00360240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap]                     003602B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap]                     00360320

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap]               00360390

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA]             00A80860

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA]                   00A808D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree]                    003605C0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW]                   00A80940

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress]                 00A809B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary]                    00A80A20

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    00A80A90

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread]                   003606A0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc]                   00360710

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap]                       00360780

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap]                   003607F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode]                 00A80B00

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW]               00A80B70

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW]           00A80BE0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread]                 00360860

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]  00A80C50

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW]                 00A80CC0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary]                  00A80D30

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA]                 00A80DA0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]               00A80E10

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualAlloc]                 003609B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree]                  00360A20

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap]                     00360A90

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap]                 00360B00

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap]               00360B70

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW]                 00A80E80

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread]                   00360BE0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                 00A80EF0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!VirtualFree]                    00360D30

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA]             00A80F60

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA]                   7C900550

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7C9005C0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                 7C900630

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW]                   7C9006A0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary]                    7C900710

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW]             7C900780

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap]                   00360E80

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap]                       00360EF0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     7C9007F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW]                  7C900860

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA]                    7C9008D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary]                     7C900940

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                  7C9009B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW]                    7C900A20

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap]                    00360F60

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap]                        7D1F0390

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode]                   7C900F60

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    00A90010

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress]                 00A90080

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA]                   00A900F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary]                    00A90160

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                 00A901D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                 00A90240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA]             00A902B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy]                    7D1F08D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualFree]                    7D1F0940

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc]                   7D1F09B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread]                   7D1F0A90

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW]             00A90320

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc]                  7D1F0C50

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualFree]                   7D1F0CC0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy]                   7D1F0E80

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   00A90470

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]                  00A904E0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                00A90550

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW]            00A905C0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode]                  00A90630

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW]                  00A906A0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress]                00A90710

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread]                  7D1F0EF0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW]                00A90780

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary]                   00A907F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA]                00A90860

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap]                      7D1F0F60

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   00A908D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode]                  00A90940

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW]            00A909B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA]                00A90A20

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW]                00A90A90

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW]                  00A90B00

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA]                00A90B70

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW]                00A90BE0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary]                   00A90C50

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread]                  00370010

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy]                   00370080

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]                  00A90CC0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                00A90D30

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA]            00A90DA0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress]                  00A90E10

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]                    00A90E80

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary]                     00A90EF0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW]                    00A90F60

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW]              00AA0010

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread]                    00370320

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW]                  00AA0080

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA]                  00AA00F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                  00AA0160

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!VirtualAlloc]                    00370390

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     00AA01D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap]                        00370400

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   00AA0C50

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA]                  00AA0CC0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW]                  00AA0D30

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW]            00AA0DA0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress]                00AA0E10

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary]                   00AA0E80

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap]                      7D1F0080

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap]                  7D1F0010

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA]                    00AB0470

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary]                     00AB04E0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress]                  00AB0550

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter]     00AB05C0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap]                      7D1F0080

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode]                  00AB09B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW]                  00AB0A20

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA]                00AB0A90

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread]                  7D1F01D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateProcessW]                00AB0B00

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW]            00AB0B70

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress]                00AB0BE0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary]                   00AB0C50

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA]                  00AB0CC0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   00AB0D30

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy]                    7D1F0240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress]                 7C900240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA]             7C900160

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA]                   7C9002B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread]                   7D1F01D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary]                    7C9000F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7C9004E0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary]                   7C9000F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   7C9004E0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA]                  7C9002B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleFileNameA]            7C900160

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread]                  7D1F01D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress]                7C900240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW]                 7C900400

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]  7C9004E0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA]                 7C9002B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary]                  7C9000F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress]               7C900240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread]                 7D1F01D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA]           7C900160

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap]                 7D1F0010

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap]                     7D1F0080

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter]  7C9004E0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary]                  7C9000F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!HeapDestroy]                  7D1F0240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress]               7C900240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA]                 7C9002B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\iphlpapi.dll [ntdll.dll!RtlFreeHeap]                     7D1F0080

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\iphlpapi.dll [ntdll.dll!RtlAllocateHeap]                 7D1F0010

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary]                   7C9000F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress]                7C900240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA]                  7C9002B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   7C9004E0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA]                7C900320

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW]                7C900390

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread]                  7D1F01D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW]            7C9001D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameA]            7C900160

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!CreateThread]                  7D1F01D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetModuleFileNameA]            7C900160

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW]                  7C900400

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetModuleFileNameW]            7C9001D0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryExW]                7C900390

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   7C9004E0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!SetErrorMode]                  7C900470

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress]                7C900240

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA]                  7C9002B0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!FreeLibrary]                   7C9000F0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    7C9004E0

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!VirtualFree]                    7D1F0320

IAT             C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe[1880] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!VirtualAlloc]                   7D1F02B0



---- Devices - GMER 1.0.15 ----



Device          \FileSystem\Ntfs \Ntfs                                                                                                                            83B651E8

Device          \FileSystem\Fastfat \FatCdrom                                                                                                                     833971E8

Device          \Driver\NetBT \Device\NetBT_Tcpip_{8631214F-8C6F-4ED0-A24B-4159AFE8032E}                                                                          834D2588



AttachedDevice  \Driver\Tcpip \Device\Ip                                                                                                                          kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)



Device          \Driver\usbehci \Device\USBPDO-0                                                                                                                  838795B0

Device          \Driver\usbohci \Device\USBPDO-1                                                                                                                  8389B1E8

Device          \Driver\NetBT \Device\NetBT_Tcpip_{60352F27-FE3D-4A45-88CA-93078C593F92}                                                                          834D2588

Device          \Driver\usbohci \Device\USBPDO-2                                                                                                                  8389B1E8

Device          \Driver\usbohci \Device\USBPDO-3                                                                                                                  8389B1E8

Device          \Driver\PCI_NTPNP1542 \Device\00000061                                                                                                            sptd.sys



AttachedDevice  \Driver\Tcpip \Device\Tcp                                                                                                                         kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)



Device          \Driver\Ftdisk \Device\HarddiskVolume1                                                                                                            83BD41E8

Device          \Driver\Ftdisk \Device\HarddiskVolume2                                                                                                            83BD41E8

Device          \Driver\Cdrom \Device\CdRom0                                                                                                                      838CA1E8

Device          \Driver\Cdrom \Device\CdRom1                                                                                                                      838CA1E8

Device          \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17                                                                                                      83B661E8

Device          \Driver\atapi \Device\Ide\IdePort0                                                                                                                83B661E8

Device          \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3                                                                                                       83B661E8

Device          \Driver\atapi \Device\Ide\IdePort1                                                                                                                83B661E8

Device          \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f                                                                                                       83B661E8

Device          \Driver\Cdrom \Device\CdRom2                                                                                                                      838CA1E8

Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                                                                           834D2588

Device          \Driver\NetBT \Device\NetbiosSmb                                                                                                                  834D2588



AttachedDevice  \Driver\Tcpip \Device\Udp                                                                                                                         kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

AttachedDevice  \Driver\Tcpip \Device\RawIp                                                                                                                       kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)



Device          \Driver\usbohci \Device\USBFDO-0                                                                                                                  8389B1E8

Device          \Driver\usbohci \Device\USBFDO-1                                                                                                                  8389B1E8

Device          \FileSystem\MRxSmb \Device\LanmanDatagramReceiver                                                                                                 834C5790

Device          \Driver\usbohci \Device\USBFDO-2                                                                                                                  8389B1E8

Device                                                                                                                                                            834C5790

Device          \Driver\usbehci \Device\USBFDO-3                                                                                                                  838795B0

Device          \Driver\Ftdisk \Device\FtControl                                                                                                                  83BD41E8

Device          \Driver\akpvdk0o \Device\Scsi\akpvdk0o1Port2Path0Target0Lun0                                                                                      838681E8

Device          \Driver\akpvdk0o \Device\Scsi\akpvdk0o1                                                                                                           838681E8

Device                                                                                                                                                            833971E8

Device                                                                                                                                                            Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)



AttachedDevice                                                                                                                                                    fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)



Device          \FileSystem\Cdfs \Cdfs                                                                                                                            834A41E8



---- Registry - GMER 1.0.15 ----



Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1                                                                                                771343423

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2                                                                                                285507792

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0                                                                                                1

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04                                                                  

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                               C:\Programmi\Alcohol Soft\Alcohol 120\

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                               0

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                            0xAB 0x73 0x07 0x43 ...

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001                                                         

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                      0x20 0x01 0x00 0x00 ...

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                   0xDC 0x47 0x0F 0x70 ...

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40                                                  

Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                            0xDA 0x4C 0x0F 0x30 ...

Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)                                              

Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0                                                                   C:\Programmi\Alcohol Soft\Alcohol 120\

Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0                                                                   0

Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew                                                                0xAB 0x73 0x07 0x43 ...

Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)                                     

Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0                                                          0x20 0x01 0x00 0x00 ...

Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew                                                       0xDC 0x47 0x0F 0x70 ...

Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)                              

Reg             HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew                                                0xDA 0x4C 0x0F 0x30 ...

Reg             HKLM\SOFTWARE\Classes\.bin\PersistentHandler                                                                                                      

Reg             HKLM\SOFTWARE\Classes\.bin\PersistentHandler@                                                                                                     {098f2470-bae0-11cd-b579-08002b30bfeb}

Reg             HKLM\SOFTWARE\Classes\.hqx\PersistentHandler                                                                                                      

Reg             HKLM\SOFTWARE\Classes\.hqx\PersistentHandler@                                                                                                     {098f2470-bae0-11cd-b579-08002b30bfeb}

Reg             HKLM\SOFTWARE\Classes\MSIDXS@                                                                                                                     Microsoft OLE DB Provider for Indexing Service

Reg             HKLM\SOFTWARE\Classes\MSIDXS\Clsid                                                                                                                

Reg             HKLM\SOFTWARE\Classes\MSIDXS\Clsid@                                                                                                               {F9AE8980-7E52-11d0-8964-00C04FD611D7}

Reg             HKLM\SOFTWARE\Classes\MSIDXS ErrorLookup@                                                                                                         Microsoft OLE DB Error Lookup for Indexing Service

Reg             HKLM\SOFTWARE\Classes\MSIDXS ErrorLookup\Clsid                                                                                                    

Reg             HKLM\SOFTWARE\Classes\MSIDXS ErrorLookup\Clsid@                                                                                                   {F9AE8981-7E52-11d0-8964-00C04FD611D7}



---- EOF - GMER 1.0.15 ----
__________________

Do you like fishSticks?
Old 16-01-2010, 09:18   #282
ging
Junior Member
 
Joined: Jan 2010
Posts: 10
On roughly the twentieth attempt I managed to run a scan with gmer.
Even though I took care to kill most of the unnecessary processes at the start of the scan (Comodo firewall, Nero processes, prevx, a-squared, etc.), gmer always froze AFTER finishing the scan and hung everything. I use XP SP3.
From what I could see by keeping Task Manager open during the scan, for some reason gmer ALWAYS drives CPU usage to 100% (and it stays there even after the scan ends, with the result that several other processes hang and saving the log becomes torture: a 3-minute wait just to open Notepad).

Here is the link to the log.

http://wikisend.com/download/892466/gmer_ging1.txt

Is it clean?

(Just for information, all the other logs - a-squared, prevx, MBAM, antivir, hijackthis, F-secure, Dr.Web - CureIT, ESET SysInspector - come back clean).
Old 16-01-2010, 10:22   #283
Chill-Out
Moderator
 
Joined: Jun 2007
Location: 127.0.0.1
Posts: 25885
Quote:
Originally posted by ging
At roughly the twentieth attempt I managed to run a scan with gmer.
Even though I took care to kill most of the unnecessary processes at the start of the scan (Comodo firewall, Nero processes, prevx, a-squared, etc.), gmer always hung AFTER finishing the scan and froze everything. I use XP SP3.
From what I could see by keeping Task Manager open during the scan, for some reason gmer ALWAYS pushes CPU usage to 100% (and it stays there even after the scan ends, with the result that several other processes freeze and saving the log becomes torture: a 3-minute wait just to open Notepad).

Here is the link to the log.

http://wikisend.com/download/892466/gmer_ging1.txt

Is it clean?

(Just for information, all the other logs - a-squared, prevx, MBAM, antivir, hijackthis, F-secure, Dr.Web - CureIT, ESET SysInspector - come up clean.)

Clean
__________________
Try again and you will be luckier.
Old 16-01-2010, 12:45   #284
ging
Junior Member
 
Joined: Jan 2010
Posts: 10
Quote:
Originally posted by Chill-Out
Clean

Thanks a lot, really very kind.
Old 16-01-2010, 13:27   #285
mcgyver83
Senior Member
 
Joined: May 2003
Posts: 1504
Quote:
Originally posted by mcgyver83
Hi everyone, I read some info about rootkits and got a bit scared... I ran gmer, but when I start the scan it tells me "c:\Windows\System32\config\SYSTEM impossibile trovare il file specificato", yet the file does exist on the HD.
If I press OK and set the scan to all drives, it only detects 2 entries related to Comodo and nothing else. Can I rest easy?

Is everything OK or should I be worried?
__________________
Intel e5450 |-| Dark Knight Xigmatek S1283 |-| Asus P5k SE/EPU |-| OCZ DDR2 PC2-6400 Platinum Revision 2 Dual Channel 4X1024MB 893Mhz |-| Seagate Barracuda 7200.11 500 Gb Sata 300 Buffer 32 Mb 7200 Rpm |-| Sapphire HD 6950 2GB DDR5
Old 16-01-2010, 15:46   #286
Jabberwock
Senior Member
 
Joined: May 2002
Location: Nardo' (LE)
Posts: 4016
I have a small problem that seems to be caused by Gmer: while a scan is in progress (the computer I'm talking about was infected by several rootkits... but now nothing is detected any more), if I try to start, say, Chrome, I get a BSOD! The minidump points to csrss as the cause of the problem, a problem that does not occur if, for example, I run the scan with Antivir!

RAM, disk and stability tests (using Burn In Test) have been done, but the only way to reproduce the problem is to run a Gmer scan and start Chrome!
__________________
15 May 2008
11 March 2013
26 February 2014
Old 16-01-2010, 20:33   #287
Chill-Out
Moderator
 
Joined: Jun 2007
Location: 127.0.0.1
Posts: 25885
Quote:
Originally posted by mcgyver83
Is everything OK or should I be worried?

Without seeing the log it's hard to give an answer.
__________________
Try again and you will be luckier.
Old 16-01-2010, 20:33   #288
Chill-Out
Moderator
 
Joined: Jun 2007
Location: 127.0.0.1
Posts: 25885
Quote:
Originally posted by Jabberwock
I have a small problem that seems to be caused by Gmer: while a scan is in progress (the computer I'm talking about was infected by several rootkits... but now nothing is detected any more), if I try to start, say, Chrome, I get a BSOD! The minidump points to csrss as the cause of the problem, a problem that does not occur if, for example, I run the scan with Antivir!

RAM, disk and stability tests (using Burn In Test) have been done, but the only way to reproduce the problem is to run a Gmer scan and start Chrome!

I don't understand the problem.
__________________
Try again and you will be luckier.
Old 16-01-2010, 20:57   #289
Jabberwock
Senior Member
 
Joined: May 2002
Location: Nardo' (LE)
Posts: 4016
Quote:
Originally posted by Chill-Out
I don't understand the problem.

If, while Gmer is scanning, I start Chrome (I don't know whether it also happens with other software: it first happened with that one and I didn't bother looking for others), I get a BSOD.

If, while Antivir is scanning, I start Chrome, nothing happens!

The file causing the error, according to the minidumps, is csrss.exe, but it seems the conditions needed to trigger the error are Gmer + Chrome!

The question is: is it supposed to be like this (in theory, you shouldn't use any program while the scan is in progress, but a BSOD seems a bit excessive to me), or could the problem have been of another kind (given that disk and RAM are OK and the machine doesn't seem to have any other kind of instability)?

Edit: it's mostly my own curiosity, because the computer I'm talking about has already been returned to its rightful owner.
__________________
15 May 2008
11 March 2013
26 February 2014
Old 16-01-2010, 21:02   #290
Chill-Out
Moderator
 
Joined: Jun 2007
Location: 127.0.0.1
Posts: 25885
Quote:
Originally posted by Jabberwock
If, while Gmer is scanning, I start Chrome (I don't know whether it also happens with other software: it first happened with that one and I didn't bother looking for others), I get a BSOD.

If, while Antivir is scanning, I start Chrome, nothing happens!

The file causing the error, according to the minidumps, is csrss.exe, but it seems the conditions needed to trigger the error are Gmer + Chrome!

The question is: is it supposed to be like this (in theory, you shouldn't use any program while the scan is in progress, but a BSOD seems a bit excessive to me), or could the problem have been of another kind (given that disk and RAM are OK and the machine doesn't seem to have any other kind of instability)?

Edit: it's mostly my own curiosity, because the computer I'm talking about has already been returned to its rightful owner.

Yes, it can happen.
__________________
Try again and you will be luckier.
Old 10-02-2010, 15:58   #291
$Raf$
Senior Member
 
Joined: May 2009
Location: Napoli
Posts: 555
Quote:
Originally posted by Jabberwock
If, while Gmer is scanning, I start Chrome (I don't know whether it also happens with other software: it first happened with that one and I didn't bother looking for others), I get a BSOD.

If, while Antivir is scanning, I start Chrome, nothing happens!

The file causing the error, according to the minidumps, is csrss.exe, but it seems the conditions needed to trigger the error are Gmer + Chrome!

The question is: is it supposed to be like this (in theory, you shouldn't use any program while the scan is in progress, but a BSOD seems a bit excessive to me), or could the problem have been of another kind (given that disk and RAM are OK and the machine doesn't seem to have any other kind of instability)?

Edit: it's mostly my own curiosity, because the computer I'm talking about has already been returned to its rightful owner.

The same thing happens to me too.
Old 12-02-2010, 10:43   #292
Jestat
Member
 
Joined: Apr 2009
Posts: 276
Quote:
Originally posted by ging
At roughly the twentieth attempt I managed to run a scan with gmer.
Even though I took care to kill most of the unnecessary processes at the start of the scan (Comodo firewall, Nero processes, prevx, a-squared, etc.), gmer always hung AFTER finishing the scan and froze everything. I use XP SP3.
From what I could see by keeping Task Manager open during the scan, for some reason gmer ALWAYS pushes CPU usage to 100% (and it stays there even after the scan ends, with the result that several other processes freeze and saving the log becomes torture: a 3-minute wait just to open Notepad).

Here is the link to the log.

http://wikisend.com/download/892466/gmer_ging1.txt

Is it clean?

(Just for information, all the other logs - a-squared, prevx, MBAM, antivir, hijackthis, F-secure, Dr.Web - CureIT, ESET SysInspector - come up clean.)

In my opinion this is a serious flaw of this tool (even with the executable already renamed...); it gives me the same problem too: as soon as the scan finishes the PC freezes and it becomes hard to save the report... once I manage to save it, though, the only thing left is a "reset", since the machine no longer responds to any command... if there were an alternative to the tool, or an improvement in this respect, that would be great.
__________________


http://bassafedeltafanz.blogspot.com/ the music fanzine's blog
Old 07-03-2010, 10:56   #293
magicreal
Member
 
Joined: Mar 2006
Posts: 189
Hi guys... can you check my logs? Lately my PC with Win 7 seems to freeze every now and then...
Code:
GMER 1.0.15.15227 - http://www.gmer.net
Autostart scan 2010-03-07 11:51:08
Windows 6.1.7600 


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = Userinit.exe,

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
ekrn@ = "C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
sppsvc@ = %SystemRoot%\system32\sppsvc.exe
Upsagent@ = C:\Program Files\Upsmon\Upsag_nt.exe
WMPNetworkSvc@ = "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe"

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@SoundManSOUNDMAN.EXE = SOUNDMAN.EXE
@egui"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice = "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
@Upsag_ap"C:\Program Files\Upsmon\Upsag_ap.exe" -nt = "C:\Program Files\Upsmon\Upsag_ap.exe" -nt
ShellServiceObjectDelayLoad@WebCheck = 

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{80009818-f38f-4af1-87b5-eadab9433e58} /*MF ADTS Property Handler*/%SystemRoot%\System32\mf.dll = %SystemRoot%\System32\mf.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll
@{B089FE88-FB52-11D3-BDF1-0050DA34150D} /*ESET Smart Security - Context Menu Shell Extension*/C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll = C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll
@{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} /*NeroCoverEd Live Icons*/C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll = C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll
@{72923739-5A47-40A3-9895-25AF0DFBB9E4} /*Glary Utilities Context Menu Shell Extension*/C:\PROGRA~2\GLARYU~1\CONTEX~1.DLL = C:\PROGRA~2\GLARYU~1\CONTEX~1.DLL
@{5E2121EE-0300-11D4-8D3B-444553540000} /*Catalyst Context Menu extension*/C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll = C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
@{59A3380E-5305-4cea-BD99-4F2FF510C91F} /*FineReader9ContextMenu*/C:\Program Files\ABBYY FineReader 9.0\FRIntegration.dll = C:\Program Files\ABBYY FineReader 9.0\FRIntegration.dll
@{44440D00-FF19-4AFC-B765-9A0970567D97} /*TuneUp Theme Extension*/%SystemRoot%\System32\uxtuneup.dll = %SystemRoot%\System32\uxtuneup.dll
@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} /*TuneUp Shredder Shell Extension*/C:\Program Files\TuneUp Utilities 2010\SDShelEx-win32.dll = C:\Program Files\TuneUp Utilities 2010\SDShelEx-win32.dll
@{4838CD50-7E5D-4811-9B17-C47A85539F28} /*TuneUp Disk Space Explorer Shell Extension*/C:\Program Files\TuneUp Utilities 2010\DseShExt-x86.dll = C:\Program Files\TuneUp Utilities 2010\DseShExt-x86.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
Cover Designer@{73FCA462-9BD5-4065-A73F-A8E5F6904EF7} = C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll
ESET Smart Security - Context Menu Shell Extension@{B089FE88-FB52-11D3-BDF1-0050DA34150D} = C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll
FineReader9ContextMenu@{59A3380E-5305-4cea-BD99-4F2FF510C91F} = C:\Program Files\ABBYY FineReader 9.0\FRIntegration.dll
Glary Utilities@{72923739-5A47-40A3-9895-25AF0DFBB9E4} = C:\PROGRA~2\GLARYU~1\CONTEX~1.DLL
Notepad++@{00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} = C:\Program Files\Notepad++\NppShell.dll
TuneUp Shredder Shell Extension@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} = C:\Program Files\TuneUp Utilities 2010\SDShelEx-win32.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
TuneUp Disk Space Explorer Shell Extension@{4838CD50-7E5D-4811-9B17-C47A85539F28} = C:\Program Files\TuneUp Utilities 2010\DseShExt-x86.dll
TuneUp Shredder Shell Extension@{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} = C:\Program Files\TuneUp Utilities 2010\SDShelEx-win32.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers@{596AB062-B4D2-4215-9F74-E9109B0A8153} = %SystemRoot%\system32\twext.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
ESET Smart Security - Context Menu Shell Extension@{B089FE88-FB52-11D3-BDF1-0050DA34150D} = C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll
Glary Utilities@{72923739-5A47-40A3-9895-25AF0DFBB9E4} = C:\PROGRA~2\GLARYU~1\CONTEX~1.DLL
MBAMShlExt@{57CE581A-0CB6-4266-9CA0-19364C90A0B3} = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
@{DBC80044-A445-435b-BC74-9C25C1C588A9}C:\Program Files\Java\jre6\bin\jp2ssv.dll = C:\Program Files\Java\jre6\bin\jp2ssv.dll

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Local PageC:\Windows\System32\blank.htm = C:\Windows\System32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.corriere.it/ = http://www.corriere.it/
@Local PageC:\Windows\system32\blank.htm = C:\Windows\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\Windows\System32\msvidctl.dll
its@CLSID = %SystemRoot%\System32\itss.dll
livecall@CLSID = C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-its@CLSID = %SystemRoot%\System32\itss.dll
ms-itss@CLSID = C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
msnim@CLSID = C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
tv@CLSID = C:\Windows\System32\msvidctl.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ >>>
000000000001@LibraryPath = %SystemRoot%\system32\NLAapi.dll
000000000004@LibraryPath = %SystemRoot%\system32\napinsp.dll
000000000005@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll

C:\Users\The Rock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup = utorrent - collegamento.lnk

---- EOF - GMER 1.0.15 ----


and the rootkit one
Code:
GMER 1.0.15.15227 - http://www.gmer.net
Rootkit scan 2010-03-07 11:51:34
Windows 6.1.7600 
Running: psobhe4g.exe; Driver: C:\Users\THEROC~1\AppData\Local\Temp\uwddrfob.sys


---- System - GMER 1.0.15 ----

INT 0x1F        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            82A39AF8
INT 0x37        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            82A39104
INT 0xC1        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            82A393F4
INT 0xD1        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            82A21FB4
INT 0xDF        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            82A391DC
INT 0xE1        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            82A39958
INT 0xE3        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            82A396F8
INT 0xFD        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            82A39F2C
INT 0xFE        \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                            82A3A1A8

---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwSaveKeyEx + 13BD                                                                                     82A995C9 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                              82ABE052 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
?               System32\Drivers\spwg.sys                                                                                           Impossibile trovare il percorso specificato. !
.text           USBPORT.SYS!DllUnload                                                                                               8C440CA0 5 Bytes  JMP 855BF1D8 
.text           a59unxc5.SYS                                                                                                        8DF93000 12 Bytes  [44, 48, A2, 82, EE, 46, A2, ...]
.text           a59unxc5.SYS                                                                                                        8DF9300D 9 Bytes  [27, A2, 82, 48, 4B, A2, 82, ...] {DAA ; MOV [0xa24b4882], AL; ADD BYTE [EAX], 0x0}
.text           a59unxc5.SYS                                                                                                        8DF93017 170 Bytes  [00, DE, 27, F2, 86, E6, 25, ...]
.text           a59unxc5.SYS                                                                                                        8DF930C3 8 Bytes  [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text           a59unxc5.SYS                                                                                                        8DF930CE 4 Bytes  [00, 00, 00, 00] {ADD [EAX], AL; ADD [EAX], AL}
.text           ...                                                                                                                 
.text           peauth.sys                                                                                                          9561DC9D 28 Bytes  [0F, 9F, 2F, 40, 8B, 03, E8, ...]
.text           peauth.sys                                                                                                          9561DCC1 28 Bytes  [0F, 9F, 2F, 40, 8B, 03, E8, ...]
PAGE            spsys.sys!?SPRevision@@3PADA + 4F90                                                                                 84657000 290 Bytes  [8B, FF, 55, 8B, EC, 33, C0, ...]
PAGE            spsys.sys!?SPRevision@@3PADA + 50B3                                                                                 84657123 629 Bytes  [25, 65, 84, FE, 05, 34, 25, ...]
PAGE            spsys.sys!?SPRevision@@3PADA + 5329                                                                                 84657399 101 Bytes  [6A, 28, 59, A5, 5E, C6, 03, ...]
PAGE            spsys.sys!?SPRevision@@3PADA + 538F                                                                                 846573FF 148 Bytes  [18, 5D, C2, 14, 00, 8B, FF, ...]
PAGE            spsys.sys!?SPRevision@@3PADA + 543B                                                                                 846574AB 2228 Bytes  [8B, FF, 55, 8B, EC, FF, 75, ...]
PAGE            ...                                                                                                                 

---- User code sections - GMER 1.0.15 ----

.text           C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[1636] kernel32.dll!SetUnhandledExceptionFilter                  75983162 4 Bytes  [C2, 04, 00, 00]
.text           C:\Program Files\Mozilla Firefox\firefox.exe[3352] ntdll.dll!LdrLoadDll                                             7720F585 5 Bytes  JMP 001E13F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT             \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortUchar]                                            [86E26042] \SystemRoot\System32\Drivers\spwg.sys
IAT             \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUchar]                                           [86E266D6] \SystemRoot\System32\Drivers\spwg.sys
IAT             \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort]                                    [86E26800] \SystemRoot\System32\Drivers\spwg.sys
IAT             \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort]                                     [86E2613E] \SystemRoot\System32\Drivers\spwg.sys
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortNotification]                                          00147880
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortQuerySystemTime]                                       78800C75
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortReadPortUchar]                                         06750015
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortStallExecution]                                        C25DC033
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortWritePortUchar]                                        458B0008
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortWritePortUlong]                                        6A006A08
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortGetPhysicalAddress]                                    50056A24
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong]                         005AB7E8
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortGetScatterGatherList]                                  0001B800
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortGetParentBusType]                                      C25D0000
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortRequestCallback]                                       CCCC0008
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortWritePortBufferUshort]                                 CCCCCCCC
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortGetUnCachedExtension]                                  CCCCCCCC
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortCompleteRequest]                                       CCCCCCCC
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortCopyMemory]                                            53EC8B55
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortEtwTraceLog]                                           800C5D8B
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests]                             7500117B
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb]                                127B806A
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb]                                  80647500
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortReadPortBufferUshort]                                  7500137B
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortInitialize]                                            157B805E
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortGetDeviceBase]                                         56587500
IAT             \SystemRoot\System32\Drivers\a59unxc5.SYS[ataport.SYS!AtaPortDeviceStateChange]                                     8008758B

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Windows\system32\msiexec.exe[2072] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]              [75255E25] C:\Windows\system32\apphelp.dll (Libreria client compatibilità applicazione/Microsoft Corporation)
IAT             C:\Windows\system32\msiexec.exe[2072] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                [75255E25] C:\Windows\system32\apphelp.dll (Libreria client compatibilità applicazione/Microsoft Corporation)
IAT             C:\Windows\system32\msiexec.exe[2072] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                 [75255E25] C:\Windows\system32\apphelp.dll (Libreria client compatibilità applicazione/Microsoft Corporation)
IAT             C:\Windows\system32\msiexec.exe[2072] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]               [75255E25] C:\Windows\system32\apphelp.dll (Libreria client compatibilità applicazione/Microsoft Corporation)
IAT             C:\Windows\system32\msiexec.exe[2072] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress]               [75255E25] C:\Windows\system32\apphelp.dll (Libreria client compatibilità applicazione/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device          \FileSystem\Ntfs \Ntfs                                                                                              8436D1F8

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                                              eamon.sys (Amon monitor/ESET)

Device          \Driver\volmgr \Device\VolMgrControl                                                                                843681F8
Device          \Driver\usbohci \Device\USBPDO-0                                                                                    855D11F8
Device          \Driver\usbehci \Device\USBPDO-1                                                                                    855D21F8
Device          \Driver\PCI_PNP0380 \Device\00000054                                                                                spwg.sys
Device          \Driver\volmgr \Device\HarddiskVolume1                                                                              843681F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\volmgr \Device\HarddiskVolume2                                                                              843681F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\cdrom \Device\CdRom0                                                                                        854C2500
Device          \Driver\USBSTOR \Device\00000072                                                                                    854FB500
Device          \Driver\volmgr \Device\HarddiskVolume3                                                                              843681F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\cdrom \Device\CdRom1                                                                                        854C2500
Device          \Driver\atapi \Device\Ide\IdePort0                                                                                  8436A1F8
Device          \Driver\atapi \Device\Ide\IdePort1                                                                                  8436A1F8
Device          \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-2                                                                         8436A1F8
Device          \Driver\nvstor32 \Device\00000066                                                                                   8436B1F8
Device          \Driver\USBSTOR \Device\00000073                                                                                    854FB500
Device          \Driver\volmgr \Device\HarddiskVolume4                                                                              843681F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume4                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\cdrom \Device\CdRom2                                                                                        854C2500
Device          \Driver\USBSTOR \Device\00000074                                                                                    854FB500
Device          \Driver\volmgr \Device\HarddiskVolume5                                                                              843681F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume5                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\nvstor32 \Device\00000068                                                                                   8436B1F8
Device          \Driver\USBSTOR \Device\00000075                                                                                    854FB500
Device          \Driver\volmgr \Device\HarddiskVolume6                                                                              843681F8

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume6                                                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device          \Driver\nvstor32 \Device\00000069                                                                                   8436B1F8
Device          \Driver\USBSTOR \Device\00000076                                                                                    854FB500
Device          \Driver\NetBT \Device\NetBt_Wins_Export                                                                             855851F8
Device          \Driver\ACPI_HAL \Device\0000004b                                                                                   halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device          \Driver\nvstor32 \Device\RaidPort0                                                                                  8436B1F8
Device          \Driver\NetBT \Device\NetBT_Tcpip_{4525E888-C08D-4F6B-9878-280CCC56549C}                                            855851F8
Device          \Driver\nvstor32 \Device\RaidPort1                                                                                  8436B1F8
Device          \Driver\sptd \Device\1834287880                                                                                     spwg.sys
Device          \Driver\usbohci \Device\USBFDO-0                                                                                    855D11F8
Device          \Driver\usbehci \Device\USBFDO-1                                                                                    855D21F8
Device          \Driver\a59unxc5 \Device\Scsi\a59unxc51Port4Path0Target0Lun0                                                        8564B1F8
Device          \Driver\a59unxc5 \Device\Scsi\a59unxc51                                                                             8564B1F8

---- Threads - GMER 1.0.15 ----

Thread          System [4:216]                                                                                                      85563930

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1                                                                  771343423
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2                                                                  285507792
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0                                                                  1
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                    
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                 C:\Program Files\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                 0xD4 0xC3 0x97 0x02 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                 0
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                              0x72 0x8D 0xD1 0xD9 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                           
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                        0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                     0xAC 0xED 0x5F 0x99 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                      
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                0xDC 0x97 0xD2 0x1C ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                     C:\Program Files\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                     0xD4 0xC3 0x97 0x02 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                     0
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                  0x72 0x8D 0xD1 0xD9 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)       
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                            0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                         0xAC 0xED 0x5F 0x99 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                    0xDC 0x97 0xD2 0x1C ...

---- EOF - GMER 1.0.15 ----

Thanks
Old 07-03-2010, 11:29   #294
mcgyver83
Senior Member
Joined: May 2003
Posts: 1504
Quote:
Originally posted by mcgyver83
Hi everyone, I read some info about rootkits and got a bit scared... I ran gmer, but when I start the scan it says "c:\Windows\System32\config\SYSTEM impossibile trovare il file specificato", yet the file does exist on the HD.
If I press OK and set the scan to all drives, it only detects 2 entries related to Comodo and nothing else. Can I feel safe?

Quote:
Originally posted by Chill-Out
Without seeing the log it's difficult to give an answer.

As soon as I open gmer on Win7 Ultimate it gives me "c:\Windows\System32\config\SYSTEM"...
How can I fix it?
__________________
Intel e5450 |-| Dark Knight Xigmatek S1283 |-| Asus P5k SE/EPU |-| OCZ DDR2 PC2-6400 Platinum Revision 2 Dual Channel 4X1024MB 893Mhz |-| Seagate Barracuda 7200.11 500 Gb Sata 300 Buffer 32 Mb 7200 Rpm |-| Sapphire HD 6950 2GB DDR5
Old 07-03-2010, 12:38   #295
Chill-Out
Moderator
Joined: Jun 2007
Location: 127.0.0.1
Posts: 25885
Quote:
Originally posted by magicreal
Hi guys.. can you check my logs?
Thanks

Attach them on one of the remote servers listed in the section rules; as they are, they cannot be consulted. Thanks for your cooperation.
__________________
Try again and you will be luckier.
Old 07-03-2010, 12:40   #296
Chill-Out
Moderator
Joined: Jun 2007
Location: 127.0.0.1
Posts: 25885
Quote:
Originally posted by mcgyver83
As soon as I open gmer on Win7 Ultimate it gives me "c:\Windows\System32\config\SYSTEM"...
How can I fix it?

I repeat:

Quote:
Originally posted by Chill-Out
Without seeing the log it's difficult to give an answer.
__________________
Try again and you will be luckier.
Old 07-03-2010, 19:45   #297
magicreal
Member
Joined: Mar 2006
Posts: 189
I'm attaching the gmer logs

Autostart
http://www.filedropper.com/autostart

Rootkit
http://www.filedropper.com/rootkitscan
Old 07-03-2010, 19:50   #298
Chill-Out
Moderator
Joined: Jun 2007
Location: 127.0.0.1
Posts: 25885
Quote:
Originally posted by magicreal

The current version is GMER 1.0.15.15281; you used GMER 1.0.14.14536. In any case, nothing shows up.
__________________
Try again and you will be luckier.
Old 07-03-2010, 19:53   #299
magicreal
Member
Joined: Mar 2006
Posts: 189
OK, thanks
Anyway, I used the old version because the latest one closed as soon as I opened it on my Windows 7, saying that gmer has stopped working... thanks anyway
Old 08-03-2010, 16:27   #300
Chill-Out
Moderator
Joined: Jun 2007
Location: 127.0.0.1
Posts: 25885
Quote:
Originally posted by magicreal
OK, thanks
Anyway, I used the old version because the latest one closed as soon as I opened it on my Windows 7, saying that gmer has stopped working... thanks anyway

You're welcome
__________________
Try again and you will be luckier.