Home » Viren, Trojaner & Malware Forum » Rootkit mit gmer gefunden, was nun? » Themenansicht

Rootkit mit gmer gefunden, was nun?
#0
16.02.2010, 19:59
Stronger
...neu hier

Beiträge: 2
#1 Hallo zusammen!

Nun muss ich euch mal was fragen. Mein Laptoplüfter läuft ununterbrochen, und es treten einzelne Probleme auf. Ich habe nun mal mit dem gmer eine Suche gestartet. Hier ist das Ergebnis:

Scan 1:

Code

 GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-16 19:33:10
Windows 6.0.6000 
Running: lyx9pgfd.exe; Driver: C:\Users\Toschi\AppData\Local\Temp\ugliipog.sys


---- System - GMER 1.0.15 ----

SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwAdjustPrivilegesToken [0x8A454BD0]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwAlpcConnectPort [0x8A45652C]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwAlpcCreatePort [0x8A456782]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwAlpcSendWaitReceivePort [0x8A4569FC]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwClose [0x8A455450]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwConnectPort [0x8A455B32]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwCreateEvent [0x8A455F3C]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwCreateFile [0x8A4555F8]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwCreateMutant [0x8A455E14]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwCreateNamedPipeFile [0x8A4547D6]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwCreatePort [0x8A455CD0]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwCreateSection [0x8A454992]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwCreateSemaphore [0x8A45606E]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwCreateSymbolicLinkObject [0x8A457CB0]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwCreateThread [0x8A4550EE]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwCreateWaitablePort [0x8A455D72]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwDebugActiveProcess [0x8A4576A2]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwDuplicateObject [0x8A458672]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwFsControlFile [0x8A455752]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwLoadDriver [0x8A457734]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwMapViewOfSection [0x8A457D64]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwOpenEvent [0x8A455FDE]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwOpenFile [0x8A4554D2]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwOpenMutant [0x8A455EAC]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwOpenProcess [0x8A454DD6]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwOpenSection [0x8A457CDA]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwOpenSemaphore [0x8A456110]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwOpenThread [0x8A454CFA]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwQueryDirectoryObject [0x8A456C3E]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwQuerySection [0x8A45807C]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwQueueApcThread [0x8A4579CA]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwReplyPort [0x8A45649A]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwReplyWaitReceivePort [0x8A456360]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwRequestWaitReplyPort [0x8A457442]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwResumeThread [0x8A458554]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwSecureConnectPort [0x8A45586C]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwSetContextThread [0x8A45530C]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwSetInformationToken [0x8A456CF2]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwSetSecurityObject [0x8A45782E]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwSetSystemInformation [0x8A4581BC]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwSuspendProcess [0x8A4582A0]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwSuspendThread [0x8A4583C8]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwSystemDebugControl [0x8A4575CE]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwTerminateProcess [0x8A454F4E]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwTerminateThread [0x8A454EA4]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwUnmapViewOfSection [0x8A457F32]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwWriteVirtualMemory [0x8A45502E]
SSDT            \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab)                                                           ZwCreateThreadEx [0x8A4551EE]

---- Kernel code sections - GMER 1.0.15 ----

.text           ntoskrnl.exe!_alloca_probe + 5C                                                                                                                81C560AC 4 Bytes  [D0, 4B, 45, 8A]
.text           ntoskrnl.exe!_alloca_probe + 80                                                                                                                81C560D0 5 Bytes  [2C, 65, 45, 8A, 82]
.text           ntoskrnl.exe!_alloca_probe + 86                                                                                                                81C560D6 2 Bytes  [45, 8A]
.text           ntoskrnl.exe!_alloca_probe + C4                                                                                                                81C56114 4 Bytes  [FC, 69, 45, 8A]
.text           ntoskrnl.exe!_alloca_probe + EC                                                                                                                81C5613C 4 Bytes  [50, 54, 45, 8A]
.text           ...                                                                                                                                            
.text           C:\Windows\system32\DRIVERS\nvlddmkm.sys                                                                                                       section is writeable [0x89BC0340, 0x2926E7, 0xE8000020]
PAGE            spsys.sys!?SPVersion@@3PADA + 1807                                                                                                             9516603F 114 Bytes  [8B, FF, 55, 8B, EC, 8B, 45, ...]
PAGE            spsys.sys!?SPVersion@@3PADA + 187A                                                                                                             951660B2 389 Bytes  [95, FF, 15, C4, C1, 14, 95, ...]
PAGE            spsys.sys!?SPVersion@@3PADA + 1A00                                                                                                             95166238 434 Bytes  [04, 3B, C1, 73, 05, 8B, 02, ...]
PAGE            spsys.sys!?SPVersion@@3PADA + 1BB3                                                                                                             951663EB 120 Bytes  [5D, 0C, EB, 03, 8B, 4D, 10, ...]
PAGE            spsys.sys!?SPVersion@@3PADA + 1C2C                                                                                                             95166464 1379 Bytes  [8B, 4E, 10, 31, 4D, D4, 8B, ...]
PAGE            ...                                                                                                                                            

---- User code sections - GMER 1.0.15 ----

?               D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] C:\Windows\system32\ntdll.dll                                                   time/date stamp mismatch; 
?               D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] C:\Windows\system32\kernel32.dll                                                time/date stamp mismatch; 
.text           D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] USER32.dll!DispatchMessageA + 4ED                                               77754168 4 Bytes  [70, 11, 33, 6D]
?               D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] C:\Windows\system32\ntdll.dll                                                  time/date stamp mismatch; 
?               D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] C:\Windows\system32\kernel32.dll                                               time/date stamp mismatch; 
.text           D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] USER32.dll!DispatchMessageA + 4ED                                              77754168 4 Bytes  [70, 11, 33, 6D]

---- User IAT/EAT - GMER 1.0.15 ----

IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap]                  00170240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap]                      001702B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap]                      00170320
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap]                00170390
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap]                        00170550
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap]                    001705C0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     00E40860
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA]              00E408D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress]                  00E40940
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary]                     00E409B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA]                    00E40A20
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW]                    00E40A90
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc]                    001706A0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree]                     00170710
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!HeapFree]                        001707F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread]                    00170860
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap]                      001708D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap]                  00170940
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                00E40B00
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA]                  00E40B70
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree]                      001709B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary]                   00E40BE0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW]                00E40C50
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW]            00E40CC0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode]                  00E40D30
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree]                   00170B00
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread]                  00170BE0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   00E40DA0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW]                  00E40E10
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap]                        00170C50
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap]                  00170CC0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap]                    00170D30
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap]                        00170DA0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW]                  00E40E80
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread]                    00170E10
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                  00E40EF0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA]              00E40F60
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA]                    77B10550
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     77B105C0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW]              77B10630
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW]                    77B106A0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                  77B10710
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary]                     77B10780
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap]                     00170E80
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap]                         00170EF0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]      77B107F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW]                   77B10860
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA]                     77B108D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary]                      77B10940
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                   77B109B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW]                     77B10A20
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode]                    77B10F60
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress]                  00E50010
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA]                    00E50080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary]                     00E500F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                  00E50160
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                  00E501D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy]                     77D00780
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualFree]                     77D007F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapFree]                        77D00860
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc]                    77D00940
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA]              00E50240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW]              00E502B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     00E50320
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW]                    00E50390
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateThread]                    77D00A20
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualFree]                    77D00BE0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc]                   77D00C50
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    00E504E0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW]                 00E50550
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy]                    77D00CC0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateThread]                   77D00D30
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                 00E505C0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameA]             00E50630
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode]                   00E506A0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress]                 00E50710
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW]             00E50780
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW]                   00E507F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary]                    00E50860
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapFree]                       77D00DA0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]                   00E508D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap]                       77D00EF0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW]                   00E50940
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW]             00E509B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree]                       77D00F60
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread]                   00180080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA]             00E50A20
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    00E50A90
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW]                 00E50B00
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode]                   00E50B70
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]                   00E50BE0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary]                    00E50C50
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                 00E50CC0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapFree]                         00180160
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread]                     001802B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW]                   00E50D30
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapDestroy]                      00180320
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                   00E50DA0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!VirtualAlloc]                     00180390
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]      00E50E10
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW]                     00E50E80
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW]               00E50EF0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]                     00E50F60
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibrary]                      00E60010
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress]                   00E60080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameA]               00E600F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap]                         00180400
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap]                     00180470
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap]                   001804E0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap]                   77D00010
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlFreeHeap]                       77D00080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    00E702B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA]                   00E70320
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW]                   00E70390
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW]             00E70400
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress]                 00E70470
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary]                    00E704E0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter]      00E707F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\userenv.dll [ntdll.dll!RtlFreeHeap]                       77D00080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!HeapFree]                       77D002B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!CreateThread]                   77D001D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetErrorMode]                   00E70BE0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetProcAddress]                 00E70C50
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!FreeLibrary]                    00E70CC0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!LoadLibraryA]                   00E70D30
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    00E70DA0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW]             00E70E10
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\iphlpapi.dll [ntdll.dll!RtlFreeHeap]                      77D00080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\iphlpapi.dll [ntdll.dll!RtlAllocateHeap]                  77D00010
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!HeapFree]                      77D002B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   77B104E0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA]                  77B102B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary]                   77B100F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress]                77B10240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA]              77B10160
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     77B104E0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary]                     77B100F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!CreateThread]                    77D001D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress]                  77B10240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA]                    77B102B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW]                  77B10390
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy]                     77D00240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameW]              77B101D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryW]                    77B10400
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapFree]                        77D002B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    77B104E0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!VirtualAlloc]                   77D00320
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary]                    77B100F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress]                 77B10240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA]                   77B102B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!CreateThread]                   77D001D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW]                 77B10390
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW]             77B101D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlFreeHeap]                       77D00080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlAllocateHeap]                   77D00010
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap]                  77D00010
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap]                      77D00080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW]                  77B10400
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA]                  77B102B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary]                   77B100F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress]                77B10240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   77B104E0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA]            77B10160
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!HeapFree]                      77D002B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateThread]                  77D001D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SAMLIB.dll [ntdll.dll!RtlFreeHeap]                        77D00080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA]                    77B102B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!FreeLibrary]                     77B100F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress]                  77B10240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     77B104E0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!CreateThread]                   77D001D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!SetErrorMode]                   77B10470
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!GetModuleFileNameA]             77B10160
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!LoadLibraryW]                   77B10400
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!HeapFree]                       77D002B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!GetModuleFileNameW]             77B101D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!LoadLibraryExW]                 77B10390
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    77B104E0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!GetProcAddress]                 77B10240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!LoadLibraryA]                   77B102B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[124] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!FreeLibrary]                    77B100F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap]                 00170240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap]                     001702B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap]                     00170320
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap]               00170390
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap]                       00170550
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap]                   001705C0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    00CB0860
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA]             00CB08D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress]                 00CB0940
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary]                    00CB09B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA]                   00CB0A20
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW]                   00CB0A90
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc]                   001706A0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree]                    00170710
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!HeapFree]                       001707F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread]                   00170860
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap]                     001708D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap]                 00170940
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]               00CB0B00
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA]                 00CB0B70
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree]                     001709B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary]                  00CB0BE0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW]               00CB0C50
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW]           00CB0CC0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode]                 00CB0D30
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree]                  00170B00
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread]                 00170BE0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]  00CB0DA0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW]                 00CB0E10
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap]                       00170C50
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap]                 00170CC0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap]                   00170D30
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap]                       00170DA0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW]                 00CB0E80
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread]                   00170E10
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW]                 00CB0EF0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA]             00CB0F60
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA]                   77B10550
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    77B105C0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW]             77B10630
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW]                   77B106A0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                 77B10710
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary]                    77B10780
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap]                    00170E80
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap]                        00170EF0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     77B107F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW]                  77B10860
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA]                    77B108D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary]                     77B10940
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                  77B109B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW]                    77B10A20
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode]                   77B10F60
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress]                 00CC0010
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA]                   00CC0080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary]                    00CC00F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                 00CC0160
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                 00CC01D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy]                    77D00780
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualFree]                    77D007F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapFree]                       77D00860
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc]                   77D00940
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA]             00CC0240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW]             00CC02B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    00CC0320
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW]                   00CC0390
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateThread]                   77D00A20
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualFree]                   77D00BE0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc]                  77D00C50
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   00CC04E0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW]                00CC0550
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy]                   77D00CC0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateThread]                  77D00D30
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW]                00CC05C0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameA]            00CC0630
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode]                  00CC06A0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress]                00CC0710
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW]            00CC0780
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW]                  00CC07F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary]                   00CC0860
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapFree]                      77D00DA0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]                  00CC08D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap]                      77D00EF0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW]                  00CC0940
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW]            00CC09B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree]                      77D00F60
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread]                  00180080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA]            00CC0A20
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   00CC0A90
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW]                00CC0B00
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode]                  00CC0B70
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]                  00CC0BE0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary]                   00CC0C50
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                00CC0CC0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapFree]                        00180160
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread]                    001802B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW]                  00CC0D30
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapDestroy]                     00180320
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                  00CC0DA0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!VirtualAlloc]                    00180390
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]     00CC0E10
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW]                    00CC0E80
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW]              00CC0EF0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]                    00CC0F60
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibrary]                     00CD0010
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress]                  00CD0080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameA]              00CD00F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap]                        00180400
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap]                    00180470
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap]                  001804E0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap]                  77D00010
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlFreeHeap]                      77D00080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   011A02B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA]                  011A0320
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW]                  011A0390
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW]            011A0400
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress]                011A0470
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary]                   011A04E0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter]     011A0B00
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\userenv.dll [ntdll.dll!RtlFreeHeap]                      77D00080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!HeapFree]                      77D002B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!CreateThread]                  77D001D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetErrorMode]                  011A0EF0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetProcAddress]                011A0F60
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!FreeLibrary]                   011B0010
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!LoadLibraryA]                  011B0080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter]   011B00F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW]            011B0160
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap]                 77D00010
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap]                     77D00080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW]                 77B10400
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA]                 77B102B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary]                  77B100F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress]               77B10240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]  77B104E0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA]           77B10160
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!HeapFree]                     77D002B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateThread]                 77D001D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA]             77B10160
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    77B104E0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary]                    77B100F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!CreateThread]                   77D001D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress]                 77B10240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA]                   77B102B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW]                 77B10390
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy]                    77D00240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameW]             77B101D0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryW]                   77B10400
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapFree]                       77D002B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SAMLIB.dll [ntdll.dll!RtlFreeHeap]                       77D00080
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA]                   77B102B0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!FreeLibrary]                    77B100F0
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress]                 77B10240
IAT             D:\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[3828] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter]    77B104E0



Den zweiten Scan konnte ich leider nicht speicher, weil mein Rechner dann hängen blieb.
Ich reiche den euch gleich nach.

Wer kann mir helfen?

Danke schonmal!!!
Seitenanfang Seitenende
16.02.2010, 20:01
Stronger
...neu hier

Themenstarter

Beiträge: 2
#2 Hier der 2. Teil

Code


---- Devices - GMER 1.0.15 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                                                                        Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                                                                        Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\tdx \Device\Tcp                                                                                                                        kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice  \Driver\tdx \Device\Udp                                                                                                                        kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)
AttachedDevice  \Driver\tdx \Device\RawIp                                                                                                                      kl1.sys (Kaspersky Unified Driver/Kaspersky Lab)

---- Processes - GMER 1.0.15 ----

Process          (*** hidden *** )                                                                                                                             -2099307560                                              
Process          (*** hidden *** )                                                                                                                             -2069581640                                              
Process          (*** hidden *** )                                                                                                                             -2069379576                                              
Process          (*** hidden *** )                                                                                                                             -2069374800                                              
Process          (*** hidden *** )                                                                                                                             -2064044544                                              
Process          (*** hidden *** )                                                                                                                             -2063359648                                              
Process          (*** hidden *** )                                                                                                                             -2063297696                                              
Process          (*** hidden *** )                                                                                                                             -2063197728                                              
Process          (*** hidden *** )                                                                                                                             -2062834976                                              
Process          (*** hidden *** )                                                                                                                             -2062807552                                              
Process          (*** hidden *** )                                                                                                                             -2062337176                                              
Process          (*** hidden *** )                                                                                                                             -2062321456                                              
Process          (*** hidden *** )                                                                                                                             -2062309976                                              
Process          (*** hidden *** )                                                                                                                             -2062136000                                              
Process          (*** hidden *** )                                                                                                                             -2061767784                                              
Process          (*** hidden *** )                                                                                                                             -2061543328                                              
Process          (*** hidden *** )                                                                                                                             -2061295432                                              
Process          (*** hidden *** )                                                                                                                             -2060199984                                              
Process          (*** hidden *** )                                                                                                                             -2059839496                                              
Process          (*** hidden *** )                                                                                                                             -2059827688                                              
Process          (*** hidden *** )                                                                                                                             -2059684840                                              
Process          (*** hidden *** )                                                                                                                             -2059576808                                              
Process          (*** hidden *** )                                                                                                                             -2059499328                                              
Process          (*** hidden *** )                                                                                                                             -2059235840                                              
Process          (*** hidden *** )                                                                                                                             -2059136840                                              
Process          (*** hidden *** )                                                                                                                             -2059106184                                              
Process          (*** hidden *** )                                                                                                                             -2059035728                                              
Process          (*** hidden *** )                                                                                                                             -2058967832                                              
Process          (*** hidden *** )                                                                                                                             -2058751464                                              
Process          (*** hidden *** )                                                                                                                             -2058727240                                              
Process          (*** hidden *** )                                                                                                                             -2058703360                                              
Process          (*** hidden *** )                                                                                                                             -2058655184                                              
Process          (*** hidden *** )                                                                                                                             -2058620744                                              
Process          (*** hidden *** )                                                                                                                             -2058606896                                              
Process          (*** hidden *** )                                                                                                                             -2058538288                                              
Process          (*** hidden *** )                                                                                                                             -2058507984                                              
Process          (*** hidden *** )                                                                                                                             -2058470344                                              
Process          (*** hidden *** )                                                                                                                             -2058464560                                              
Process          (*** hidden *** )                                                                                                                             -2058376648                                              
Process          (*** hidden *** )                                                                                                                             -2057752392                                              
Process          (*** hidden *** )                                                                                                                             -2057485736                                              
Process          (*** hidden *** )                                                                                                                             -2056762824                                              
Process          (*** hidden *** )                                                                                                                             -2056118088                                              
Process          (*** hidden *** )                                                                                                                             -2043419600                                              
Process          (*** hidden *** )                                                                                                                             -2042487616                                              
Process          (*** hidden *** )                                                                                                                             -2042352128                                              
Process          (*** hidden *** )                                                                                                                             -2042331912                                              
Process          (*** hidden *** )                                                                                                                             -1976541016                                              
Process          (*** hidden *** )                                                                                                                             -1914798592                                              
Process          (*** hidden *** )                                                                                                                             -1914552136                                              
Process          (*** hidden *** )                                                                                                                             -1914460336                                              
Process          (*** hidden *** )                                                                                                                             -1914433352                                              
Process          (*** hidden *** )                                                                                                                             -1914397720                                              
Process          (*** hidden *** )                                                                                                                             -1914388992                                              
Process          (*** hidden *** )                                                                                                                             -1914356760                                              
Process          (*** hidden *** )                                                                                                                             -1914129336                                              
Process          (*** hidden *** )                                                                                                                             -1914065408                                              
Process          (*** hidden *** )                                                                                                                             -1913372488                                              
Process          (*** hidden *** )                                                                                                                             -1913295360                                              
Process          (*** hidden *** )                                                                                                                             -1913279928                                              
Process          (*** hidden *** )                                                                                                                             -1913102152                                              
Process          (*** hidden *** )                                                                                                                             -1913085768                                              
Process          (*** hidden *** )                                                                                                                             -1913068024                                              
Process          (*** hidden *** )                                                                                                                             -1913061888                                              
Process          (*** hidden *** )                                                                                                                             -1913057792                                              
Process          (*** hidden *** )                                                                                                                             -1913025960                                              
Process          (*** hidden *** )                                                                                                                             -1912953200                                              
Process          (*** hidden *** )                                                                                                                             -1912930120                                              
Process          (*** hidden *** )                                                                                                                             -1912831640                                              
Process          (*** hidden *** )                                                                                                                             -1912829552                                              
Process          (*** hidden *** )                                                                                                                             -1912824320                                              
Process          (*** hidden *** )                                                                                                                             -1912795648                                              
Process          (*** hidden *** )                                                                                                                             -1790865920                                              
Process          (*** hidden *** )                                                                                                                             -1790655032                                              
Process          (*** hidden *** )                                                                                                                             -1790470104                                              
Process          (*** hidden *** )                                                                                                                             -1790309616                                              
Process          (*** hidden *** )                                                                                                                             -1790096296                                              
Process          (*** hidden *** )                                                                                                                             -1789349096                                              
Process          (*** hidden *** )                                                                                                                             -1789344056                                              
Process          (*** hidden *** )                                                                                                                             -1789222728                                              
Process          (*** hidden *** )                                                                                                                             -1789202248                                              
Process          (*** hidden *** )                                                                                                                             -1789195968                                              
Process          (*** hidden *** )                                                                                                                             -1789139240                                              
Process          (*** hidden *** )                                                                                                                             -1789116232                                              
Process          (*** hidden *** )                                                                                                                             -1789111016                                              
Process          (*** hidden *** )                                                                                                                             -1788942544                                              
Process          (*** hidden *** )                                                                                                                             -1788862280                                              
Process          (*** hidden *** )                                                                                                                             -1788799504                                              
Process          (*** hidden *** )                                                                                                                             -1788727808                                              
Process          (*** hidden *** )                                                                                                                             -1788532096                                              
Process          (*** hidden *** )                                                                                                                             -1788335784                                              
Process          (*** hidden *** )                                                                                                                             -1788111880                                              
Process          (*** hidden *** )                                                                                                                             -1787961160                                              
Process          (*** hidden *** )                                                                                                                             -1787918464                                              
Process          (*** hidden *** )                                                                                                                             -1787905608                                              
Process          (*** hidden *** )                                                                                                                             -1787798336                                              
Process          (*** hidden *** )                                                                                                                             -1787570784                                              
Process          (*** hidden *** )                                                                                                                             -1786490696                                              
Process          (*** hidden *** )                                                                                                                             -1786480648                                              
Process          (*** hidden *** )                                                                                                                             -1786225808                                              
Process          (*** hidden *** )                                                                                                                             -1785801168                                              
Process          (*** hidden *** )                                                                                                                             -1785680384                                              
Process          (*** hidden *** )                                                                                                                             -1785402928                                              
Process          (*** hidden *** )                                                                                                                             -1785317824                                              
Process          (*** hidden *** )                                                                                                                             -1785298320                                              
Process          (*** hidden *** )                                                                                                                             -1785226920                                              
Process          (*** hidden *** )                                                                                                                             -1785216840                                              
Process          (*** hidden *** )                                                                                                                             -1784423824                                              
Process          (*** hidden *** )                                                                                                                             -1784383152                                              
Process          (*** hidden *** )                                                                                                                             -1784366520                                              
Process          (*** hidden *** )                                                                                                                             -1784326376                                              
Process          (*** hidden *** )                                                                                                                             -1784085312                                              
Process          (*** hidden *** )                                                                                                                             -1784079992                                              
Process          (*** hidden *** )                                                                                                                             -1784014008                                              
Process          (*** hidden *** )                                                                                                                             -1784001968                                              
Process          (*** hidden *** )                                                                                                                             -1783631072                                              
Process          (*** hidden *** )                                                                                                                             -1783552712                                              

---- EOF - GMER 1.0.15 ----
Seitenanfang Seitenende
16.02.2010, 20:33
virenfinder
Member

Beiträge: 3716
#3 hi,
http://board.protecus.de/t23188.htm
erst malwarebytes, dann combofix, beide logs posten.
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
Seite(n): 1