Is this a rootkit?

Re: Is this a rootkit?

Posted by OG662 » 17 Jan 2008 23:47

Done.

GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2008-01-18 23:44:06
Windows 5.1.2600 Service Pack 2


---- Files - GMER 1.0.13 ----

ADS C:\Documents and Settings\XP\Local Settings\Application Data\Microsoft\Messenger\og662@hotmail.com\SharingMetadata\oumeyaz@hotmail.com\DFSR\Staging\CS{FB8774D7-265F-D6CE-6BA8-86D942EBDA13}\01\10-{FB8774D7-265F-D6CE-6BA8-86D942EBDA13}-v1-{8DB5F808-4754-4708-97B1-13543FB83C34}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\XP\Local Settings\Application Data\Microsoft\Messenger\og662@hotmail.com\SharingMetadata\oumeyaz@hotmail.com\DFSR\Staging\CS{FB8774D7-265F-D6CE-6BA8-86D942EBDA13}\22\39-{40BC24D4-852C-4C66-8904-88B6F942FC85}-v22-{40BC24D4-852C-4C66-8904-88B6F942FC85}-v39-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\XP\Local Settings\Application Data\Microsoft\Messenger\og662@hotmail.com\SharingMetadata\oumeyaz@hotmail.com\DFSR\Staging\CS{FB8774D7-265F-D6CE-6BA8-86D942EBDA13}\48\27-{40BC24D4-852C-4C66-8904-88B6F942FC85}-v48-{D93E9D87-55AC-456D-9909-18F2CCFBDE8C}-v27-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS

---- EOF - GMER 1.0.13 ----
OG662
Libellulien
Posts: 51
Joined: 14 Jan 2008 21:37

Re: Is this a rootkit?

Posted by Falkra » 17 Jan 2008 23:51

Thanks, run Gmer again, but this time leave everything checked.
The process will take longer.
Falkra
Admin libellules.ch
Posts: 24424
Joined: 30 Jan 2005 13:44
Location: 127.0.0.1

Re: Is this a rootkit?

Posted by OG662 » 18 Jan 2008 00:26

GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2008-01-18 23:56:47
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.13 ----

SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwClose
SSDT \SystemRoot\System32\vsdatant.sys ZwConnectPort
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateKey
SSDT \SystemRoot\System32\vsdatant.sys ZwCreatePort
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcess
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcessEx
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateSection
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSymbolicLinkObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateThread
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateWaitablePort
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwDuplicateObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwFlushKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwInitializeRegistry
SSDT \SystemRoot\System32\vsdatant.sys ZwLoadDriver
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey2
SSDT \SystemRoot\System32\vsdatant.sys ZwMapViewOfSection
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwNotifyChangeKey
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenKey
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenSection
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryMultipleValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQuerySystemInformation
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwReplaceKey
SSDT \SystemRoot\System32\vsdatant.sys ZwRequestWaitReplyPort
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwRestoreKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwResumeThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSaveKey
SSDT \SystemRoot\System32\vsdatant.sys ZwSecureConnectPort
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetContextThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetSecurityObject
SSDT \SystemRoot\System32\vsdatant.sys ZwSetSystemInformation
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSuspendThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSystemDebugControl
SSDT \SystemRoot\System32\vsdatant.sys ZwTerminateProcess
SSDT \SystemRoot\System32\vsdatant.sys ZwUnloadDriver
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwUnloadKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwWriteVirtualMemory
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[284]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[285]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[286]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[287]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[288]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[289]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[290]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[291]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[292]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[293]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[294]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[295]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[296]

INT 0x20 srescan.sys BA4C6CB0

Code \??\C:\WINDOWS\system32\drivers\klif.sys FsRtlCheckLockForReadAccess
Code \??\C:\WINDOWS\system32\drivers\klif.sys IoIsOperationSynchronous

---- Kernel code sections - GMER 1.0.13 ----

.text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 804EAF3E 5 Bytes JMP B7260B90 \??\C:\WINDOWS\system32\drivers\klif.sys
.text ntkrnlpa.exe!IoIsOperationSynchronous 804EF8E6 5 Bytes JMP B7261090 \??\C:\WINDOWS\system32\drivers\klif.sys
.text ntkrnlpa.exe!KiDispatchInterrupt + 100 80544E40 7 Bytes JMP B72641C0 \??\C:\WINDOWS\system32\drivers\klif.sys
? C:\WINDOWS\system32\drivers\sptd.sys Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus.
? srescan.sys Le fichier spécifié est introuvable.
.text USBPORT.SYS!DllUnload B9D2D62C 5 Bytes JMP 891321C8
? System32\Drivers\atams3xp.SYS Le fichier spécifié est introuvable.
? C:\WINDOWS\TEMP\mc21.tmp Le fichier spécifié est introuvable.
? C:\WINDOWS\system32\Drivers\RKREVEAL150.SYS Le fichier spécifié est introuvable.

---- User code sections - GMER 1.0.13 ----

.text C:\WINDOWS\system32\csrss.exe[836] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\csrss.exe[836] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\csrss.exe[836] KERNEL32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A
.text C:\WINDOWS\system32\csrss.exe[836] KERNEL32.dll!CreateProcessW 7C802332 6 Bytes JMP 5F0A0F5A
.text C:\WINDOWS\system32\csrss.exe[836] KERNEL32.dll!CreateProcessA 7C802367 6 Bytes JMP 5F040F5A
.text C:\WINDOWS\system32\winlogon.exe[860] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\winlogon.exe[860] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\winlogon.exe[860] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A
.text C:\WINDOWS\system32\winlogon.exe[860] kernel32.dll!CreateProcessW 7C802332 6 Bytes JMP 5F0A0F5A
.text C:\WINDOWS\system32\winlogon.exe[860] kernel32.dll!CreateProcessA 7C802367 6 Bytes JMP 5F040F5A
.text C:\WINDOWS\system32\services.exe[904] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\services.exe[904] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\services.exe[904] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A
.text C:\WINDOWS\system32\services.exe[904] kernel32.dll!CreateProcessW 7C802332 6 Bytes JMP 5F0A0F5A
.text C:\WINDOWS\system32\services.exe[904] kernel32.dll!CreateProcessA 7C802367 6 Bytes JMP 5F040F5A
.text C:\WINDOWS\system32\lsass.exe[916] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\lsass.exe[916] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\lsass.exe[916] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A
.text C:\WINDOWS\system32\lsass.exe[916] kernel32.dll!CreateProcessW 7C802332 6 Bytes JMP 5F0A0F5A
.text C:\WINDOWS\system32\lsass.exe[916] kernel32.dll!CreateProcessA 7C802367 6 Bytes JMP 5F040F5A
.text C:\WINDOWS\system32\svchost.exe[1052] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\svchost.exe[1052] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\svchost.exe[1052] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A
.text C:\WINDOWS\system32\svchost.exe[1052] kernel32.dll!CreateProcessW 7C802332 6 Bytes JMP 5F0A0F5A
.text C:\WINDOWS\system32\svchost.exe[1052] kernel32.dll!CreateProcessA 7C802367 6 Bytes JMP 5F040F5A
.text C:\WINDOWS\system32\svchost.exe[1088] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\svchost.exe[1088] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\svchost.exe[1088] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A
.text C:\WINDOWS\system32\svchost.exe[1088] kernel32.dll!CreateProcessW 7C802332 6 Bytes JMP 5F0A0F5A
.text C:\WINDOWS\system32\svchost.exe[1088] kernel32.dll!CreateProcessA 7C802367 6 Bytes JMP 5F040F5A
.text C:\WINDOWS\system32\svchost.exe[1156] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\svchost.exe[1156] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\svchost.exe[1156] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A
.text C:\WINDOWS\system32\svchost.exe[1156] kernel32.dll!CreateProcessW 7C802332 6 Bytes JMP 5F0A0F5A
.text C:\WINDOWS\system32\svchost.exe[1156] kernel32.dll!CreateProcessA 7C802367 6 Bytes JMP 5F040F5A
.text C:\WINDOWS\System32\svchost.exe[1252] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\System32\svchost.exe[1252] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\System32\svchost.exe[1252] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A
.text C:\WINDOWS\System32\svchost.exe[1252] kernel32.dll!CreateProcessW 7C802332 6 Bytes JMP 5F0A0F5A
.text

Re: Is this a rootkit?

Posted by OG662 » 18 Jan 2008 00:26

Continued

C:\WINDOWS\System32\svchost.exe[1252] kernel32.dll!CreateProcessA 7C802367 6 Bytes JMP 5F040F5A
.text C:\WINDOWS\system32\svchost.exe[1372] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\system32\svchost.exe[1372] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!CreateProcessW 7C802332 6 Bytes JMP 5F0A0F5A
.text C:\WINDOWS\system32\svchost.exe[1372] kernel32.dll!CreateProcessA 7C802367 6 Bytes JMP 5F040F5A
.text C:\WINDOWS\system32\ZoneLabs\vsmon.exe[1396] ntdll.dll!KiFastSystemCall + 2 7C91EB8D 2 Bytes [ CD, 20 ]
.text C:\WINDOWS\Explorer.EXE[1640] ntdll.dll!NtTerminateProcess 7C91E88E 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\Explorer.EXE[1640] ntdll.dll!NtTerminateProcess + 4 7C91E892 2 Bytes [ 0E, 5F ]
.text C:\WINDOWS\Explorer.EXE[1640] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F070F5A
.text C:\WINDOWS\Explorer.EXE[1640] kernel32.dll!CreateProcessW 7C802332 6 Bytes JMP 5F0A0F5A
.text C:\WINDOWS\Explorer.EXE[1640] kernel32.dll!CreateProcessA 7C802367 6 Bytes JMP 5F040F5A

---- Kernel IAT/EAT - GMER 1.0.13 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [BA6BEAD4] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [BA6BEC1A] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [BA6BEB9C] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [BA6BF748] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [BA6BF61E] sptd.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [BA6D429A] sptd.sys
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] 89177090
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] 89176C80
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] 89177260
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] 89176AA0
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [B7365950] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [B7365E70] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [B7365FD0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [B7365AC0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [B7365AC0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [B7365950] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [B7365E70] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [B7365FD0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [B7365950] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [B7365FD0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [B7365E70] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [B7365AC0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [B7365FD0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [B7365E70] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [B7365950] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] 89143C50
IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] 89143C50
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [B7365AC0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [B7365950] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [B7365E70] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [B7365FD0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [B7365950] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [B7365AC0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [B7365FD0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [B7365E70] \SystemRoot\System32\vsdatant.sys

---- User IAT/EAT - GMER 1.0.13 ----

IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 00AB03D6
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 00AB0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 00AB042A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 00AB0454
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 00AB047E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 00AB04A8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 00AB04D2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 00AB04FC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 00AB0526
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 00AB0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 00AB057A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 00AB05A4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 00AB05CE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 00AB05F8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 00AB0622
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 00AB064C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 00AB0676
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 00AB06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 00AB06CA
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 00AB06F4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 00AB071E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 00AB0748
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 00AB0772
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 00AB079C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 00AB07C6
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 00AB0B8C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 00AB0BB6
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 00AB0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 00AB0C0A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 00AB0C34
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 00AB0C5E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00AB0C88
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 00AB0CB2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] 00AB0CDC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 00AB0D06
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 00AB0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] 00AB0D5A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 00AB0D84
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 00AB0DAE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] 00AB0DD8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] 00AB0E02
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 00AB0E2C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 00AB0E56
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 00AB0E80

Re: Is this a rootkit?

Posted by OG662 » 18 Jan 2008 00:28

CONTINUED



IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 00AB0EAA
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 00AB0ED4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00AB0EFE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 00AB0F28
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00AB0F52
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 00AB0F7C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00AB0FA6
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] 00AB0FD0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 00AD0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 00AD00E2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 00AD010C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 00AD0136
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 00AD0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 00AD047E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW] 00AD04A8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA] 00AD04D2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateProcessW] 00AD04FC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 00AD0526
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 00AD0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 00AD057A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 00AD05A4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] 00AB0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] 00AB01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] 00AB0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 00AB01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 00AB018A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 00AB0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 00AB0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 00AB0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] 00AB0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleFileNameA] 00AB018A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 00AB01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!SetErrorMode] 00AB02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetModuleFileNameA] 00AB018A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryExA] 00AB0232
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] 00AB0286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress] 00AB01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] 00AB0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!FreeLibrary] 00AB0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 00AB0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 00AB01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 00AB0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] 00AB0232
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 00AB025C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 00AB01B4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameA] 00AB018A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 00AB0286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 00AB0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 00AB0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 00AB01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 00AB018A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\psapi.dll [KERNEL32.dll!LoadLibraryA] 00AB0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\psapi.dll [KERNEL32.dll!FreeLibrary] 00AB0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[528] @ C:\WINDOWS\system32\psapi.dll [KERNEL32.dll!GetProcAddress] 00AB01DE

Re: Is this a rootkit?

Posted by OG662 » 18 Jan 2008 00:29

CONTINUED


IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[836] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[860] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW]

Re: Is it a rootkit?

Post by OG662 » 18 Jan 2008 00:29

CONTINUED


[7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[904] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\LSASRV.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\LSASRV.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\LSASRV.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\SAMSRV.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\SAMSRV.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\SAMSRV.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[916] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll

Re: Is it a rootkit?

Post by OG662 » 18 Jan 2008 00:30

CONTINUED


IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1052] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll

Re: Is it a rootkit?

Post by Falkra » 18 Jan 2008 00:32

I need to check the rest, but klif and vsdatant are legitimate (ZoneAlarm in particular puts them everywhere).
The interesting part is elsewhere, but it needs sorting: there is legitimate stuff in there that must not be shot down. :wink:

I'll look at all of this in detail tomorrow.
See you tomorrow.

Re: Is it a rootkit?

Post by OG662 » 18 Jan 2008 00:33

CONTINUED



Re: Is it a rootkit?

Post by OG662 » 18 Jan 2008 00:34

CONTINUED


IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [5CEA7774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [5CEA7774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [5CEA7774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [5CEA7774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [5CEA7774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [5CEA7774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [5CEA7774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [5CEA7774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [5CEA7774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [5CEA7774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [5CEA7774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[1640] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [5CEA7774] C:\WINDOWS\system32\ShimEng.dll
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 00C903D6
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 00C90400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 00C9042A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 00C90454
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 00C9047E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 00C904A8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 00C904D2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 00C904FC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 00C90526
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 00C90550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 00C9057A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 00C905A4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 00C905CE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 00C905F8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 00C90622
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 00C9064C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 00C90676
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 00C906A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 00C906CA
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 00C906F4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 00C9071E
OG662
Libellulien
Posts: 51
Joined: 14 Jan 2008 21:37

Re: Is this a rootkit?

Post by OG662 » 18 Jan 2008 00:36

CONTINUED


IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 00C90748
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 00C90772
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 00C9079C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 00C907C6
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 00C90B8C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 00C90BB6
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 00C90BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 00C90C0A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 00C90C34
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 00C90C5E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00C90C88
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 00C90CB2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] 00C90CDC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 00C90D06
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 00C90D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] 00C90D5A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 00C90D84
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 00C90DAE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] 00C90DD8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] 00C90E02
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 00C90E2C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 00C90E56
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 00C90E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 00C90EAA
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 00C90ED4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00C90EFE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 00C90F28
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00C90F52
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 00C90F7C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00C90FA6
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] 00C90FD0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 00CB0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 00CB00E2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 00CB010C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 00CB0136
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 00CB0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 00CB047E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW] 00CB04A8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA] 00CB04D2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateProcessW] 00CB04FC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 00CB0526
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 00CB0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 00CB057A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 00CB05A4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 00C901DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 00C9018A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 00C90208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 00C90160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 00C90160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] 00C90208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleFileNameA] 00C9018A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 00C901DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 00C90286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 00C90208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 00C90160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 00C901DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe[2236] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 00C9018A
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
OG662
Libellulien
Posts: 51
Joined: 14 Jan 2008 21:37

Re: Is this a rootkit?

Post by OG662 » 18 Jan 2008 00:37

CONTINUED

IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[2324] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Mozilla Firefox\firefox.exe[3288] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[3804] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\XP\Bureau\gmer\gmer.exe[4044] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\XP\Bureau\gmer\gmer.exe[4044] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\XP\Bureau\gmer\gmer.exe[4044] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\XP\Bureau\gmer\gmer.exe[4044] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\XP\Bureau\gmer\gmer.exe[4044] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\XP\Bureau\gmer\gmer.exe[4044] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:\WINDOWS\system32\kernel32.dll


I'll post the rest tomorrow, it's really a lot. See you tomorrow.

Re: Is it a rootkit?

Post by Falkra » 18 Jan 2008 00:43

If it's too much, send a text file to webmaste [at] libellules [point] ch, it will be quicker. :-D

Re: Is it a rootkit?

Post by OG662 » 18 Jan 2008 18:50

Good evening Falkra, I've just sent the file, the result of the Gmer scan.

Re: Is it a rootkit?

Post by Falkra » 18 Jan 2008 20:52

Uploaded here. I'm looking at it, I've just got in.
http://cjoint.com/?bsu0GRM6Sn

Re: Is it a rootkit?

Post by Falkra » 18 Jan 2008 21:48

Your case is strange; several of us are working on your PC right now. :wink:
Possibly a false positive, in part.

Do you have any symptoms of infection apart from the AVG messages?

Re: Is it a rootkit?

Post by OG662 » 18 Jan 2008 21:58

During a scan with diaghelp, Kaspersky detects a trojan (Trojan.Win32.Inject.mf) that I can't delete because the file cannot be found.
The path of the infected file cannot be found: C:\DOCUME~1\XP\LOCALS~1\Temp\nlbxeryk29DB624.dll

Rootkit Revealer 1.7 also finds some "rootkits", but not the one detected by AVG.
When I right-click My Computer and then Properties to check my processor's frequency, the frequency changes.
I have a Quad core 6600 and I go from 2.4 GHz to 1.58 GHz :shock:

Re: Is it a rootkit?

Post by Falkra » 18 Jan 2008 22:16

The CPU is a separate matter. I'm not much of an Intel person (ahem), but it's probably a power-saving feature, let's not panic.

I'd like to see your Kaspersky report from the inside.

- Double-click the KAV icon in your taskbar next to the clock,
- Click Reports (Rapports) in the left-hand column,
- Then Reports (Rapports) again in the menu that appears, and finally Detected (Détectés)
- Right-click in the window > Select all (Sélectionner tout), then right-click again > Copy (Copier)

Example of the interface:
http://www.zimagez.com/zimage/logkav.php

- Paste the result on the forum.

Re: Is it a rootkit?

Post by OG662 » 18 Jan 2008 23:15

Analyse
-------
Analysés : 23453
Infectés : 0
Non traités : 0
Lancement : 19/01/2008 23:07:54
Durée : 00:02:06
Fin : 19/01/2008 23:10:00


Infectés
--------
Etat Objet
---- -----


Evènements
----------
Heure Nom Etat Cause
----- --- ---- -----
19/01/2008 23:06:04 Le secteur du disque logique: C ok analysé
19/01/2008 23:06:04 Le secteur du disque: \Device\Harddisk1\DR2 ok analysé
19/01/2008 23:06:05 Le secteur du disque: \Device\Harddisk0\DR0 ok analysé
19/01/2008 23:06:05 Le fichier: C:\AUTOEXEC.BAT ok iSwift
19/01/2008 23:06:05 Le fichier: C:\boot.ini ok analysé
19/01/2008 23:06:05 Le fichier: C:\Bootfont.bin ok iSwift
19/01/2008 23:06:06 Le fichier: C:\ComboFix.txt ok analysé
19/01/2008 23:06:06 Le fichier: C:\CONFIG.SYS ok iSwift
19/01/2008 23:06:06 Le fichier: C:\debug.log ok iSwift
19/01/2008 23:06:06 Le fichier: C:\fixnavi.txt ok analysé
19/01/2008 23:06:06 Le fichier: C:\IO.SYS ok iSwift
19/01/2008 23:06:06 Le fichier: C:\MSDOS.SYS ok iSwift
19/01/2008 23:06:06 Le fichier: C:\NTDETECT.COM ok iSwift
19/01/2008 23:06:06 Le fichier: C:\ntldr ok iSwift
19/01/2008 23:06:06 Le fichier: C:\pagefile.sys non traité utilisé par une autre application
19/01/2008 23:06:06 Le fichier: C:\resultat.txt ok analysé
19/01/2008 23:06:07 Le fichier: C:\sqmdata00.sqm ok iSwift
19/01/2008 23:06:07 Le fichier: C:\sqmdata01.sqm ok iSwift
19/01/2008 23:06:07 Le fichier: C:\sqmdata02.sqm ok iSwift
19/01/2008 23:06:07 Le fichier: C:\sqmdata03.sqm ok iSwift
19/01/2008 23:06:07 Le fichier: C:\sqmnoopt00.sqm ok iSwift
19/01/2008 23:06:07 Le fichier: C:\sqmnoopt01.sqm ok iSwift
19/01/2008 23:06:07 Le fichier: C:\sqmnoopt02.sqm ok iSwift
19/01/2008 23:06:07 Le fichier: C:\sqmnoopt03.sqm ok iSwift
19/01/2008 23:06:07 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz archive GZIP
19/01/2008 23:06:09 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar archive Tar
19/01/2008 23:06:09 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/appdata.folder.dat ok analysé
19/01/2008 23:06:09 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/cache.folder.dat ok analysé
19/01/2008 23:06:09 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/desktop.folder.dat ok analysé
19/01/2008 23:06:09 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/favorites.folder.dat ok analysé
19/01/2008 23:06:09 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/local appdata.folder.dat ok analysé
19/01/2008 23:06:09 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/local settings.folder.dat ok analysé
19/01/2008 23:06:09 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/my pictures.folder.dat ok analysé
19/01/2008 23:06:10 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/personal.folder.dat ok analysé
19/01/2008 23:06:10 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/profiles.folder.dat ok analysé
19/01/2008 23:06:10 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/programs.folder.dat ok analysé
19/01/2008 23:06:11 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/setpath.bat ok analysé
19/01/2008 23:06:11 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/setpath.dat ok analysé
19/01/2008 23:06:11 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/start menu.folder.dat ok analysé
19/01/2008 23:06:11 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/startup.folder.dat ok analysé
19/01/2008 23:06:11 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/BackEnv/templates.folder.dat ok analysé
19/01/2008 23:06:11 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/CFScript_used_2008-01-17@21.22.txt ok analysé
19/01/2008 23:06:11 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/CFScript_used_2008-01-17@23.44.txt ok analysé
19/01/2008 23:06:12 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/ComboFix-quarantined-files.txt ok analysé
19/01/2008 23:06:12 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/ComboFix2.txt ok analysé
19/01/2008 23:06:12 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/ComboFix3.txt ok analysé
19/01/2008 23:06:12 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/Quarantine/C/ComboFix/errdbg.dat.vir ok analysé
19/01/2008 23:06:18 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/Quarantine/C/WINDOWS/system32/testDLL.dll.vir ok analysé
19/01/2008 23:06:18 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/Quarantine/catchme.log ok analysé
19/01/2008 23:06:18 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/Quarantine/I/autorun.inf.vir ok analysé
19/01/2008 23:06:18 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/Quarantine/Registry_backups/LEGACY_MEMSWEEP2.reg.dat ok analysé
19/01/2008 23:06:18 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/Quarantine/Registry_backups/services_MEMSWEEP2.reg.dat ok analysé
19/01/2008 23:06:18 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/Quarantine/Registry_backups/services_poof.reg.dat ok analysé
19/01/2008 23:06:18 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/snapshot@2008-01-16_23.01.05.46.dat ok analysé
19/01/2008 23:06:19 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//qoobox/snapshot@2008-01-16_23.01.05.46_B.dat ok analysé
19/01/2008 23:06:19 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//WINDOWS/System32/BASSMOD.dll ok analysé
19/01/2008 23:06:20 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//WINDOWS/System32/CmdLineExt.dll ok analysé
19/01/2008 23:06:21 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//WINDOWS/System32/msvcp71.dll ok analysé
19/01/2008 23:06:21 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//WINDOWS/System32/rmoc3260.dll ok analysé
19/01/2008 23:06:22 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//WINDOWS/System32/pndx5032.dll ok analysé
19/01/2008 23:06:22 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//WINDOWS/System32/pndx5016.dll ok analysé
19/01/2008 23:06:22 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//WINDOWS/System32/pncrt.dll ok analysé
19/01/2008 23:06:23 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar//WINDOWS/System32/msvcr71.dll ok analysé
19/01/2008 23:06:23 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz//upload_moi.tar ok analysé
19/01/2008 23:06:23 Le fichier: C:\upload_moi_XPSP2-AB29DB624.tar.gz ok analysé
19/01/2008 23:06:23 Le fichier: C:\autorun.inf\lpt3.This folder was created by Flash_Disinfector ok iChecker
19/01/2008 23:06:23 Le fichier: C:\Documents and Settings\Administrateur\NTUSER.DAT ok analysé
19/01/2008 23:06:23 Le fichier: C:\Documents and Settings\Administrateur\NTUSER.dat.LOG ok analysé
19/01/2008 23:06:23 Le fichier: C:\Documents and Settings\Administrateur\ntuser.ini ok analysé
19/01/2008 23:06:23 Le fichier: C:\Documents and Settings\Administrateur\Application Data\desktop.ini ok analysé
19/01/2008 23:06:23 Le fichier: C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.bak ok analysé
19/01/2008 23:06:23 Le fichier: C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\brndlog.txt ok analysé
19/01/2008 23:06:23 Le fichier: C:\Documents and Settings\Administrateur\Cookies\index.dat ok analysé
19/01/2008 23:06:23 Le fichier: C:\Documents and Settings\Administrateur\Favoris\Unicornis - Fonds d'ecran - Gifs - Création....url ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Favoris\•°•° UNICORNIS °•°•.url ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Favoris\ico\iconeunicornis.ico ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Local Settings\desktop.ini ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Local Settings\Application Data\IconCache.db ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNS.DTD ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNS.XML ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Local Settings\Historique\desktop.ini ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\desktop.ini ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\desktop.ini ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\desktop.ini ok analysé
19/01/2008 23:06:24 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Assistance à distance.lnk ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\desktop.ini ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Lecteur Windows Media.lnk ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Assistant Compatibilité des programmes.lnk ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Bloc-notes.lnk ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\desktop.ini ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Explorateur Windows.lnk ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Invite de commandes.lnk ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Synchroniser.lnk ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Clavier visuel.lnk ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\desktop.ini ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Gestionnaire d'utilitaires.lnk ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Accessibilité\Loupe.lnk ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Divertissement\desktop.ini ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Accessoires\Divertissement\Lecteur Windows Media.lnk ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\desktop.ini ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Modèles\amipro.sam ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Modèles\excel.xls ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Modèles\excel4.xls ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Modèles\lotus.wk4 ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Modèles\powerpnt.ppt ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Modèles\presenta.shw ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Modèles\quattro.wb2 ok analysé
19/01/2008 23:06:25 Le fichier: C:\Documents and Settings\Administrateur\Modèles\sndrec.wav ok analysé
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\Administrateur\Modèles\winword.doc ok analysé
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\Administrateur\Modèles\winword2.doc ok analysé
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\Administrateur\Modèles\wordpfct.wpd ok analysé
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\Administrateur\Modèles\wordpfct.wpg ok analysé
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\Administrateur\SendTo\Bureau (créer un raccourci).DeskLink ok iChecker
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\Administrateur\SendTo\desktop.ini ok analysé
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\Administrateur\SendTo\Destinataire.MAPIMail ok iChecker
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\All Users\Application Data\desktop.ini ok iSwift
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\All Users\Application Data\hpzinstall.log ok iSwift
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\All Users\Application Data\CyberLink\OLReg\HKEY_CLASS_ROOT\CLSID\{6F7425F3-EB34-46b0-9B63-430203611455}\Version\7.00\olreg.ini ok analysé
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.6.621_10.17_13.45_63c.SRV.exception.log ok iSwift
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.6.621_10.17_13.45_63c.SRV.full.dmp ok iSwift
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP.6.621_10.17_13.45_63c.SRV.mini.dmp ok iSwift
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\3a531953687a2ff5.klq ok analysé
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Backup\4aae279c5caef9db.klq ok analysé
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\ah-i386-0607g.xml ok analysé
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\ah-i386-test-0607g.xml ok iSwift
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\as-0607g.xml ok iSwift
19/01/2008 23:06:26 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\aspy-0607g.xml ok iSwift
19/01/2008 23:06:27 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\av-i386-0607g.xml ok analysé
19/01/2008 23:06:27 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\avcmhk4.dll ok iSwift
19/01/2008 23:06:27 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\avcmhk5.mhk ok iSwift
19/01/2008 23:06:27 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\avp_x.set ok analysé
19/01/2008 23:06:27 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\avu-i386-0607g.xml ok analysé
19/01/2008 23:06:27 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base001.avc ok iSwift
19/01/2008 23:06:27 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base001c.avc ok iSwift
19/01/2008 23:06:27 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base002.avc ok iSwift
19/01/2008 23:06:27 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base002c.avc ok analysé
19/01/2008 23:06:27 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base003.avc ok iSwift
19/01/2008 23:06:27 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base003c.avc ok iSwift
19/01/2008 23:06:27 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base004.avc ok iSwift
19/01/2008 23:06:27 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base004c.avc ok iSwift
19/01/2008 23:06:27 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base005.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base005c.avc ok analysé
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base006.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base006c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base007.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base007c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base008.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base008c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base009.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base009c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base010.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base010c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base011.avc ok analysé
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base011c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base012.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base012c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base013.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base013c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base014.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base014c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base015.avc ok analysé
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base015c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base016.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base016c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base017.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base017c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base018.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base018c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base019.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base019c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base020.avc ok analysé
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base020c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base021.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base021c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base022.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base022c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base023.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base023c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base024.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base024c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base025.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base025c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base026.avc ok analysé
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base026c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base027.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base027c.avc ok iSwift
19/01/2008 23:06:28 Le fichier: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\Bases\base028.avc non traité traitement suspendu


Statistiques
------------
Objet Analysés Objets dangereux Non traités Supprimés Placés en quarantaine Archives Fichiers compactés Protégés par un mot de passe Corrompus
----- -------- ---------------- ------------ --------- --------------------- -------- ------------------ ---------------------------- ---------


Paramètres
----------
Paramètre Valeur
--------- ------
Niveau de protection Utilisateur
Action Confirmer à la fin de l'analyse
Mode de lancement Manuel
Types de fichiers Analyser tous les fichiers
Analyse uniquement des nouveaux fichiers et des fichiers modifiés Non
Analyse des archives l'ensemble des
Analyse des objets OLE joints l'ensemble des
Ne pas analyser l'objet s'il fait plus de Non
Ne pas analyser si l'analyse dure plus de Non
Analyse des fichiers au format de messagerie Non
Analyse des archives protégées par un mot de passe Non
Activer la technologie iChecker Oui
Activer la technologie iSwift Oui
Afficher les objets dangereux découverts sur l'onglet "Infectés" Oui
OG662
Libellulien

Posts: 51
Joined: 14 Jan 2008 21:37
