- This topic has 20 ответов, 3 участника, and was last updated 16 years назад by
.
-
Сообщения
-
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExA + 43 77FA902C 63 Bytes [ FF, 50, 8D, 85, D0, FE, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExA + 83 77FA906C 24 Bytes [ 03, 33, FF, 47, FF, B5, F8, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExA + 9C 77FA9085 3 Bytes [ 97, BF, FB ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExA + A0 77FA9089 17 Bytes [ C9, C2, 08, 00, 90, 90, 90, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExA + B2 77FA909B 50 Bytes [ 56, 57, 74, 3C, 83, 7D, 0C, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsA + 2 77FA9369 5 Bytes [ FF, FF, D7, 8B, 45 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsA + 8 77FA936F 49 Bytes [ 39, 85, E0, FE, FF, FF, 0F, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsA + 3A 77FA93A1 167 Bytes [ B5, F0, FE, FF, FF, 8D, 85, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsA + E2 77FA9449 2 Bytes [ FF, 56 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsA + E5 77FA944C 4 Bytes [ B5, F0, FE, FF ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringA + 29 77FAFD36 17 Bytes [ B5, 80, F3, FF, FF, FF, 75, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringA + 3B 77FAFD48 5 Bytes [ B5, 78, F3, FF, FF ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringA + 41 77FAFD4E 8 Bytes [ B5, C4, F9, FF, FF, FF, B5, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringA + 4B 77FAFD58 17 Bytes [ FF, FF, 15, 54, 13, F6, 77, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringA + 5D 77FAFD6A 36 Bytes [ 73, 04, 8B, F3, 8D, BD, 30, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringByKeyA + B 77FAFE53 70 Bytes [ 90, 90, 90, 90, 90, 8B, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringByKeyA + 52 77FAFE9A 4 Bytes [ B5, EC, FD, FF ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringByKeyA + 57 77FAFE9F 8 Bytes [ 56, FF, 15, E0, D1, FC, 77, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringByKeyA + 60 77FAFEA8 2 Bytes CALL 03FAFEAA
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringByKeyA + 64 77FAFEAC 5 Bytes [ 8B, F0, E8, D2, A4 ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryKeyA + 2 77FAFF5F 30 Bytes [ 75, 14, 56, 57, FF, 75, 08, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryKeyA + 21 77FAFF7E 18 Bytes [ 8B, 45, F8, 68, EC, 03, 00, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryKeyA + 3F 77FAFF9C 11 Bytes [ 74, 16, 85, F6, 74, 12, 8D, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryKeyA + 4B 77FAFFA8 21 Bytes CALL 77FAA5F0 C:WINDOWSsystem32SHLWAPI.dll (Библиотека небольших программ оболочки/Корпорация Майкрософт)
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryKeyA + 61 77FAFFBE 23 Bytes [ FF, 8B, 4D, FC, 8B, C7, 5F, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathFindSuffixArrayW + 2F 77FB0EFC 23 Bytes [ FF, FF, 75, 0C, FF, 75, 08, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathQuoteSpacesW + 7 77FB0F5E 52 Bytes [ FF, 55, 8B, EC, 81, EC, 20, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathSkipRootW + 13 77FB0FC5 94 Bytes [ FF, FF, 75, 0C, FF, 75, 08, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsSameRootW + 15 77FB1024 47 Bytes [ BF, 04, 01, 00, 00, 57, 8D, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsSameRootW + 45 77FB1054 184 Bytes [ 00, 8B, 86, 84, 00, 00, 00, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnmakeSystemFolderW + 11 77FB1127 25 Bytes [ 90, 25, 00, 25, 00, 25, 00, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnmakeSystemFolderW + 2B 77FB1141 3 Bytes [ 55, 8B, EC ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnmakeSystemFolderW + 30 77FB1146 73 Bytes [ 39, 05, 68, DA, FC, 77, 56, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsLFNFileSpecW + 6 77FB1190 1 Byte [ 45 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsLFNFileSpecW + 8 77FB1192 9 Bytes [ 57, 8B, 7D, 0C, 8D, 8D, 70, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsLFNFileSpecW + 12 77FB119C 92 Bytes [ 89, 85, 6C, FF, FF, FF, 89, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsLFNFileSpecW + F6 77FB1280 7 Bytes [ 75, 11, 6A, FF, FF, B5, 68 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsLFNFileSpecW + 108 77FB1292 35 Bytes [ F8, 8D, 8D, 70, FF, FF, FF, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathRenameExtensionW + 2E 77FB1330 192 Bytes [ 8D, 70, FF, FF, FF, E8, 98, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsDirectoryEmptyW + 97 77FB13F1 21 Bytes [ D3, 8D, 44, 00, 02, 50, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsDirectoryEmptyW + AD 77FB1407 5 Bytes [ FF, E8, 62, 92, FB ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsDirectoryEmptyW + B3 77FB140D 44 Bytes [ 6A, 00, 8D, 85, F0, FD, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathW + 15 77FB143A 116 Bytes [ F4, FD, FF, FF, 50, FF, B5, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathW + 8C 77FB14B1 22 Bytes [ 89, 85, E0, FD, FF, FF, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathW + A3 77FB14C8 16 Bytes [ FF, 83, 85, E4, FD, FF, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathW + B4 77FB14D9 10 Bytes [ 5E, 5B, 8B, 4D, FC, 8B, 85, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathW + D0 77FB14F5 46 Bytes [ 55, 8B, EC, 8B, 45, 08, 53, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathSetDlgItemPathW + 21 77FB16FA 9 Bytes [ FF, 68, 04, 01, 00, 00, 33, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathSetDlgItemPathW + 2B 77FB1704 1 Byte [ BD ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathSetDlgItemPathW + 33 77FB170C 9 Bytes [ FB, FF, 83, C4, 10, 8D, 85, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathSetDlgItemPathW + 3D 77FB1716 22 Bytes [ FF, 50, 8D, 85, F0, FD, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathSetDlgItemPathW + 80 77FB1759 8 Bytes [ 85, C0, 74, 0A, C7, 85, EC, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExW + 34 77FB1A16 79 Bytes [ EB, 03, 33, DB, 43, 8B, 4D, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExW + 120 77FB1B02 14 Bytes [ 90, 90, 90, 90, 90, 8B, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExW + 130 77FB1B12 62 Bytes [ A1, 80, D2, FC, 77, 53, 56, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExW + 16F 77FB1B51 60 Bytes [ 83, 04, 07, 80, 83, E3, 40, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExW + 1AF 77FB1B91 25 Bytes [ 8B, 85, E4, FD, FF, FF, 8B, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsW + 5F 77FB1DB8 7 Bytes [ 55, 8B, EC, 81, EC, 0C, 02 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsW + 67 77FB1DC0 59 Bytes [ 00, A1, 80, D2, FC, 77, 56, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsW + A3 77FB1DFC 11 Bytes [ 8B, F8, 85, FF, 74, 3A, 85, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsW + AF 77FB1E08 26 Bytes [ 15, 70, 14, F6, 77, 8D, 44, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsW + CA 77FB1E23 13 Bytes [ 0D, 68, 18, 61, F9, 77, 6A, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHRegisterValidateTemplate + 3B 77FB6068 64 Bytes [ 85, C0, 74, 4D, 83, 7D, 10, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHRegisterValidateTemplate + 7C 77FB60A9 11 Bytes [ 75, 14, FF, 75, 10, FF, 75, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHRegisterValidateTemplate + 88 77FB60B5 30 Bytes [ 50, 14, 8B, D8, 5F, 8B, C3, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHRegisterValidateTemplate + A7 77FB60D4 21 Bytes [ 39, 7D, 14, 75, 0A, B8, 57, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHRegisterValidateTemplate + BD 77FB60EA 12 Bytes [ 08, F6, 86, 18, 02, 00, 00, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHReleaseThreadRef + 40 77FB6DB8 10 Bytes [ 15, 70, 13, F6, 77, 8B, 4D, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHReleaseThreadRef + 4B 77FB6DC3 2 Bytes [ 59, E2 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHReleaseThreadRef + 4F 77FB6DC7 1 Byte [ C9 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHReleaseThreadRef + 51 77FB6DC9 1 Byte [ 08 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHReleaseThreadRef + 54 77FB6DCC 75 Bytes [ 41, 64, 64, 49, 6E, 74, 65, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHIsLowMemoryMachine + 3F 77FB6E18 4 Bytes [ 56, 68, 02, 00 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHIsLowMemoryMachine + 60 77FB6E39 1 Byte [ 56 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHIsLowMemoryMachine + 62 77FB6E3B 5 Bytes [ 01, 00, 00, 80, E8 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHIsLowMemoryMachine + 68 77FB6E41 19 Bytes [ AE, FB, FF, F7, D8, 1B, C0, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHIsLowMemoryMachine + 7C 77FB6E55 7 Bytes [ FF, 55, 8B, EC, 56, 6A, 04 ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!GetAcceptLanguagesA + 41 77FBDD46 1 Byte [ 10 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!GetAcceptLanguagesA + 43 77FBDD48 2 Bytes [ 4B, 01 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!GetAcceptLanguagesA + 46 77FBDD4B 74 Bytes [ 00, 57, FF, 15, C4, 17, F6, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!GetAcceptLanguagesA + D3 77FBDDD8 37 Bytes [ FF, 75, 14, FF, 75, 10, 50, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!GetAcceptLanguagesA + FA 77FBDDFF 107 Bytes [ 10, FF, 35, 80, DC, FC, 77, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCompareA + 24 77FBECA1 1 Byte [ 01 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCompareA + 26 77FBECA3 12 Bytes CALL 77FAD927 C:WINDOWSsystem32SHLWAPI.dll (Библиотека небольших программ оболочки/Корпорация Майкрософт)
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCompareA + 33 77FBECB0 9 Bytes [ 15, 88, 14, F6, 77, EB, 03, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCompareA + 3D 77FBECBA 12 Bytes [ 8B, 4D, FC, 5F, 8B, C6, 5E, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCompareA + 4A 77FBECC7 133 Bytes [ C9, C3, 90, 90, 90, 70, 73, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlHashA 77FBED92 54 Bytes [ 90, 90, 8B, FF, 55, 8B, EC, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlHashA + 3A 77FBEDCC 149 Bytes [ 8B, FF, 55, 8B, EC, 56, 8B, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlHashW + 95 77FBEE62 43 Bytes [ FF, 55, 8B, EC, 81, EC, 0C, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlHashW + C1 77FBEE8E 124 Bytes [ 45, 08, 50, 57, 57, FF, 15, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlHashW + 13E 77FBEF0B 89 Bytes [ C0, 74, 27, 56, FF, 15, 6C, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlHashW + 198 77FBEF65 85 Bytes [ FF, 89, 45, FC, 8B, 45, 0C, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlHashW + 1EE 77FBEFBB 72 Bytes [ 01, 00, 00, A1, 80, D2, FC, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlEscapeA + 1 77FBF64E 7 Bytes [ 00, 25, 00, FF, 00, 00, 09 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlEscapeA + 9 77FBF656 29 Bytes [ 83, 7B, 14, 00, 74, 0A, 8B, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlEscapeA + 27 77FBF674 36 Bytes [ 55, 8B, EC, 8B, 45, 08, 8B, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlEscapeA + 4C 77FBF699 40 Bytes [ 85, C0, 74, 12, 6A, 0A, 59, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlEscapeA + 75 77FBF6C2 35 Bytes [ 41, 24, 85, C0, 75, 13, 39, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlGetPartA + 24 77FBF75E 8 Bytes [ 56, 8B, 75, 08, 8B, 06, 57, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlGetPartA + 2D 77FBF767 1 Byte [ 02 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlGetPartA + 2F 77FBF769 76 Bytes [ 00, 23, C3, 50, FF, 76, 14, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlGetPartA + 7C 77FBF7B6 8 Bytes [ 76, 14, FF, 76, 10, E8, 46, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlGetPartA + 87 77FBF7C1 34 Bytes [ 75, F8, 89, 45, 08, 8D, 45, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlUnescapeA + 13 77FBF853 100 Bytes [ FF, 55, 8B, EC, 51, 83, 65, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlUnescapeA + 78 77FBF8B8 16 Bytes [ F4, C7, 45, FC, 05, 40, 00, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlUnescapeA + 89 77FBF8C9 34 Bytes [ 55, 8B, EC, 8B, 45, 08, 66, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCreateFromPathA + 1A 77FBF8EC 68 Bytes [ EC, 81, EC, 34, 04, 00, 00, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCreateFromPathA + 5F 77FBF931 39 Bytes [ 50, 01, 00, 00, 56, BE, 04, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCreateFromPathA + 87 77FBF959 35 Bytes [ 50, 8D, 85, F4, FD, FF, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCreateFromPathA + AB 77FBF97D 33 Bytes [ FF, 89, BD, D8, FB, FF, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCreateFromPathA + CD 77FBF99F 69 Bytes [ 50, 6A, FF, 8D, 85, F8, FE, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeA + 27 77FBF9E6 17 Bytes [ FF, 50, 8D, 85, F4, FD, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeA + 39 77FBF9F8 3 Bytes CALL C8FBF9F8
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeA + 3E 77FBF9FD 8 Bytes [ 50, 8D, 85, F8, FE, FF, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeA + 47 77FBFA06 11 Bytes [ B5, D8, FB, FF, FF, 89, B5, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeA + 53 77FBFA12 11 Bytes [ B5, DC, FB, FF, FF, 89, B5, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeW 77FBFA9A 56 Bytes [ 90, 90, 53, 6F, 66, 74, 77, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeW + 39 77FBFAD3 81 Bytes [ 90, 90, 90, 90, 90, 8B, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeW + B4 77FBFB4E 1 Byte [ 53 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeW + F9 77FBFB93 38 Bytes [ 00, 5C, 00, 57, 00, 69, 00, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeW + 120 77FBFBBA 48 Bytes [ 73, 00, 69, 00, 6F, 00, 6E, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlIsNoHistoryA + 1C 77FBFF12 36 Bytes [ C7, 5F, 5E, C3, 90, 90, 90, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlIsNoHistoryA + 41 77FBFF37 1 Byte [ 6A ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlIsNoHistoryA + 43 77FBFF39 1 Byte [ 6A ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlIsNoHistoryA + 45 77FBFF3B 6 Bytes [ 6A, 2F, 53, FF, 76, 04 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlIsNoHistoryA + 4C 77FBFF42 84 Bytes CALL 77F83AC7 C:WINDOWSsystem32SHLWAPI.dll (Библиотека небольших программ оболочки/Корпорация Майкрософт)
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamOnFileA + 2 77FC0128 50 Bytes [ 75, 07, B8, 96, 00, 00, 00, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamOnFileA + 36 77FC015C 36 Bytes [ 66, 8B, 4C, 4D, BC, 66, 85, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamOnFileA + 5B 77FC0181 46 Bytes [ 74, 05, 83, C0, 14, EB, 27, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamOnFileA + 8A 77FC01B0 20 Bytes [ 85, B4, EF, FF, FF, 8B, 8D, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamOnFileA + 9F 77FC01C5 35 Bytes [ 72, 8F, 33, DB, 8B, 8D, B8, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHOpenRegStreamW + 23 77FC22F5 107 Bytes [ 00, 74, 5C, 8B, 45, 08, 3B, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHOpenRegStreamW + 8F 77FC2361 1 Byte [ D7 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHOpenRegStreamW + 91 77FC2363 70 Bytes [ 45, FC, 5F, 5E, 5B, C9, C2, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHOpenRegStreamW + D8 77FC23AA 42 Bytes [ 3A, 89, 4D, F8, 8B, 4D, 0C, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHOpenRegStreamW + 104 77FC23D6 10 Bytes [ 39, 75, F4, 75, 05, 33, F6, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DllGetVersion + D 77FC5996 72 Bytes [ 00, 5F, 8B, C6, 5E, 5D, C2, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DllGetVersion + 57 77FC59E0 22 Bytes [ 8D, 85, FC, F5, FF, FF, 50, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DllGetVersion + 6E 77FC59F7 81 Bytes [ FF, 68, 00, 01, 00, 00, 8D, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DllGetVersion + C0 77FC5A49 10 Bytes [ FF, 55, 8B, EC, 83, EC, 18, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DllGetVersion + CB 77FC5A54 97 Bytes [ 45, 1C, FF, 75, 14, 83, 65, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DelayLoadFailureHook + 20 77FC6A55 82 Bytes [ 55, 8B, EC, 8B, 45, 08, 56, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DelayLoadFailureHook + 74 77FC6AA9 6 Bytes [ 5E, 0F, 95, C1, 8B, C1 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DelayLoadFailureHook + 7C 77FC6AB1 1 Byte [ 08 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DelayLoadFailureHook + 83 77FC6AB8 58 Bytes [ 8B, FF, 55, 8B, EC, 51, 83, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DelayLoadFailureHook + BE 77FC6AF3 94 Bytes [ 55, 8B, EC, 56, 33, F6, 39, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamWrapper + B 77FC7A26 3 Bytes [ 6E, 00, 63 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamWrapper + F 77FC7A2A 4 Bytes [ 65, 00, 64, 00 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamWrapper + 14 77FC7A2F 1 Byte [ 00 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamWrapper + 19 77FC7A34 39 Bytes [ 90, 8B, FF, 55, 8B, EC, 56, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamWrapper + 41 77FC7A5C 19 Bytes [ 8B, F0, 85, F6, 74, 07, 6A, … ]
.text …
? C:WINDOWSSystem32alg.exe[260] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32csrss.exe[712] C:WINDOWSsystem32KERNEL32.dll time/date stamp mismatch;
? C:WINDOWSsystem32winlogon.exe[736] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32services.exe[784] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32lsass.exe[796] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32svchost.exe[964] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32svchost.exe[1028] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSSystem32svchost.exe[1156] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32svchost.exe[1244] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:Program FilesMozilla Firefoxfirefox.exe[1256] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32svchost.exe[1460] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSExplorer.EXE[1492] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32spoolsv.exe[1708] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe[1892] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSSOUNDMAN.EXE[1920] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSSamsungComSMMgrssmmgr.exe[1932] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? E:Program FilesKleptomaniak-mania.exe[1956] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32ctfmon.exe[1964] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:Documents and SettingsUserРабочий столgmer.exe[3196] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;—- User IAT/EAT — GMER 1.0.14 —-
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32svchost.exe [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32svchost.exe [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32svchost.exe [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSystem32alg.exe[260] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSystem32alg.exe[260] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSystem32alg.exe[260] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSystem32alg.exe[260] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSystem32alg.exe[260] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSystem32alg.exe[260] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSystem32alg.exe[260] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт).text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExA + 43 77FA902C 63 Bytes [ FF, 50, 8D, 85, D0, FE, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExA + 83 77FA906C 24 Bytes [ 03, 33, FF, 47, FF, B5, F8, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExA + 9C 77FA9085 3 Bytes [ 97, BF, FB ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExA + A0 77FA9089 17 Bytes [ C9, C2, 08, 00, 90, 90, 90, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExA + B2 77FA909B 50 Bytes [ 56, 57, 74, 3C, 83, 7D, 0C, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsA + 2 77FA9369 5 Bytes [ FF, FF, D7, 8B, 45 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsA + 8 77FA936F 49 Bytes [ 39, 85, E0, FE, FF, FF, 0F, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsA + 3A 77FA93A1 167 Bytes [ B5, F0, FE, FF, FF, 8D, 85, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsA + E2 77FA9449 2 Bytes [ FF, 56 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsA + E5 77FA944C 4 Bytes [ B5, F0, FE, FF ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringA + 29 77FAFD36 17 Bytes [ B5, 80, F3, FF, FF, FF, 75, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringA + 3B 77FAFD48 5 Bytes [ B5, 78, F3, FF, FF ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringA + 41 77FAFD4E 8 Bytes [ B5, C4, F9, FF, FF, FF, B5, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringA + 4B 77FAFD58 17 Bytes [ FF, FF, 15, 54, 13, F6, 77, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringA + 5D 77FAFD6A 36 Bytes [ 73, 04, 8B, F3, 8D, BD, 30, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringByKeyA + B 77FAFE53 70 Bytes [ 90, 90, 90, 90, 90, 8B, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringByKeyA + 52 77FAFE9A 4 Bytes [ B5, EC, FD, FF ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringByKeyA + 57 77FAFE9F 8 Bytes [ 56, FF, 15, E0, D1, FC, 77, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringByKeyA + 60 77FAFEA8 2 Bytes CALL 03FAFEAA
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryStringByKeyA + 64 77FAFEAC 5 Bytes [ 8B, F0, E8, D2, A4 ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryKeyA + 2 77FAFF5F 30 Bytes [ 75, 14, 56, 57, FF, 75, 08, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryKeyA + 21 77FAFF7E 18 Bytes [ 8B, 45, F8, 68, EC, 03, 00, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryKeyA + 3F 77FAFF9C 11 Bytes [ 74, 16, 85, F6, 74, 12, 8D, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryKeyA + 4B 77FAFFA8 21 Bytes CALL 77FAA5F0 C:WINDOWSsystem32SHLWAPI.dll (Библиотека небольших программ оболочки/Корпорация Майкрософт)
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!AssocQueryKeyA + 61 77FAFFBE 23 Bytes [ FF, 8B, 4D, FC, 8B, C7, 5F, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathFindSuffixArrayW + 2F 77FB0EFC 23 Bytes [ FF, FF, 75, 0C, FF, 75, 08, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathQuoteSpacesW + 7 77FB0F5E 52 Bytes [ FF, 55, 8B, EC, 81, EC, 20, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathSkipRootW + 13 77FB0FC5 94 Bytes [ FF, FF, 75, 0C, FF, 75, 08, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsSameRootW + 15 77FB1024 47 Bytes [ BF, 04, 01, 00, 00, 57, 8D, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsSameRootW + 45 77FB1054 184 Bytes [ 00, 8B, 86, 84, 00, 00, 00, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnmakeSystemFolderW + 11 77FB1127 25 Bytes [ 90, 25, 00, 25, 00, 25, 00, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnmakeSystemFolderW + 2B 77FB1141 3 Bytes [ 55, 8B, EC ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnmakeSystemFolderW + 30 77FB1146 73 Bytes [ 39, 05, 68, DA, FC, 77, 56, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsLFNFileSpecW + 6 77FB1190 1 Byte [ 45 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsLFNFileSpecW + 8 77FB1192 9 Bytes [ 57, 8B, 7D, 0C, 8D, 8D, 70, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsLFNFileSpecW + 12 77FB119C 92 Bytes [ 89, 85, 6C, FF, FF, FF, 89, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsLFNFileSpecW + F6 77FB1280 7 Bytes [ 75, 11, 6A, FF, FF, B5, 68 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsLFNFileSpecW + 108 77FB1292 35 Bytes [ F8, 8D, 8D, 70, FF, FF, FF, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathRenameExtensionW + 2E 77FB1330 192 Bytes [ 8D, 70, FF, FF, FF, E8, 98, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsDirectoryEmptyW + 97 77FB13F1 21 Bytes [ D3, 8D, 44, 00, 02, 50, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsDirectoryEmptyW + AD 77FB1407 5 Bytes [ FF, E8, 62, 92, FB ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathIsDirectoryEmptyW + B3 77FB140D 44 Bytes [ 6A, 00, 8D, 85, F0, FD, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathW + 15 77FB143A 116 Bytes [ F4, FD, FF, FF, 50, FF, B5, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathW + 8C 77FB14B1 22 Bytes [ 89, 85, E0, FD, FF, FF, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathW + A3 77FB14C8 16 Bytes [ FF, 83, 85, E4, FD, FF, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathW + B4 77FB14D9 10 Bytes [ 5E, 5B, 8B, 4D, FC, 8B, 85, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathW + D0 77FB14F5 46 Bytes [ 55, 8B, EC, 8B, 45, 08, 53, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathSetDlgItemPathW + 21 77FB16FA 9 Bytes [ FF, 68, 04, 01, 00, 00, 33, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathSetDlgItemPathW + 2B 77FB1704 1 Byte [ BD ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathSetDlgItemPathW + 33 77FB170C 9 Bytes [ FB, FF, 83, C4, 10, 8D, 85, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathSetDlgItemPathW + 3D 77FB1716 22 Bytes [ FF, 50, 8D, 85, F0, FD, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathSetDlgItemPathW + 80 77FB1759 8 Bytes [ 85, C0, 74, 0A, C7, 85, EC, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExW + 34 77FB1A16 79 Bytes [ EB, 03, 33, DB, 43, 8B, 4D, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExW + 120 77FB1B02 14 Bytes [ 90, 90, 90, 90, 90, 8B, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExW + 130 77FB1B12 62 Bytes [ A1, 80, D2, FC, 77, 53, 56, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExW + 16F 77FB1B51 60 Bytes [ 83, 04, 07, 80, 83, E3, 40, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathCompactPathExW + 1AF 77FB1B91 25 Bytes [ 8B, 85, E4, FD, FF, FF, 8B, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsW + 5F 77FB1DB8 7 Bytes [ 55, 8B, EC, 81, EC, 0C, 02 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsW + 67 77FB1DC0 59 Bytes [ 00, A1, 80, D2, FC, 77, 56, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsW + A3 77FB1DFC 11 Bytes [ 8B, F8, 85, FF, 74, 3A, 85, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsW + AF 77FB1E08 26 Bytes [ 15, 70, 14, F6, 77, 8D, 44, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!PathUnExpandEnvStringsW + CA 77FB1E23 13 Bytes [ 0D, 68, 18, 61, F9, 77, 6A, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHRegisterValidateTemplate + 3B 77FB6068 64 Bytes [ 85, C0, 74, 4D, 83, 7D, 10, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHRegisterValidateTemplate + 7C 77FB60A9 11 Bytes [ 75, 14, FF, 75, 10, FF, 75, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHRegisterValidateTemplate + 88 77FB60B5 30 Bytes [ 50, 14, 8B, D8, 5F, 8B, C3, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHRegisterValidateTemplate + A7 77FB60D4 21 Bytes [ 39, 7D, 14, 75, 0A, B8, 57, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHRegisterValidateTemplate + BD 77FB60EA 12 Bytes [ 08, F6, 86, 18, 02, 00, 00, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHReleaseThreadRef + 40 77FB6DB8 10 Bytes [ 15, 70, 13, F6, 77, 8B, 4D, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHReleaseThreadRef + 4B 77FB6DC3 2 Bytes [ 59, E2 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHReleaseThreadRef + 4F 77FB6DC7 1 Byte [ C9 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHReleaseThreadRef + 51 77FB6DC9 1 Byte [ 08 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHReleaseThreadRef + 54 77FB6DCC 75 Bytes [ 41, 64, 64, 49, 6E, 74, 65, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHIsLowMemoryMachine + 3F 77FB6E18 4 Bytes [ 56, 68, 02, 00 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHIsLowMemoryMachine + 60 77FB6E39 1 Byte [ 56 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHIsLowMemoryMachine + 62 77FB6E3B 5 Bytes [ 01, 00, 00, 80, E8 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHIsLowMemoryMachine + 68 77FB6E41 19 Bytes [ AE, FB, FF, F7, D8, 1B, C0, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHIsLowMemoryMachine + 7C 77FB6E55 7 Bytes [ FF, 55, 8B, EC, 56, 6A, 04 ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!GetAcceptLanguagesA + 41 77FBDD46 1 Byte [ 10 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!GetAcceptLanguagesA + 43 77FBDD48 2 Bytes [ 4B, 01 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!GetAcceptLanguagesA + 46 77FBDD4B 74 Bytes [ 00, 57, FF, 15, C4, 17, F6, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!GetAcceptLanguagesA + D3 77FBDDD8 37 Bytes [ FF, 75, 14, FF, 75, 10, 50, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!GetAcceptLanguagesA + FA 77FBDDFF 107 Bytes [ 10, FF, 35, 80, DC, FC, 77, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCompareA + 24 77FBECA1 1 Byte [ 01 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCompareA + 26 77FBECA3 12 Bytes CALL 77FAD927 C:WINDOWSsystem32SHLWAPI.dll (Библиотека небольших программ оболочки/Корпорация Майкрософт)
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCompareA + 33 77FBECB0 9 Bytes [ 15, 88, 14, F6, 77, EB, 03, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCompareA + 3D 77FBECBA 12 Bytes [ 8B, 4D, FC, 5F, 8B, C6, 5E, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCompareA + 4A 77FBECC7 133 Bytes [ C9, C3, 90, 90, 90, 70, 73, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlHashA 77FBED92 54 Bytes [ 90, 90, 8B, FF, 55, 8B, EC, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlHashA + 3A 77FBEDCC 149 Bytes [ 8B, FF, 55, 8B, EC, 56, 8B, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlHashW + 95 77FBEE62 43 Bytes [ FF, 55, 8B, EC, 81, EC, 0C, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlHashW + C1 77FBEE8E 124 Bytes [ 45, 08, 50, 57, 57, FF, 15, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlHashW + 13E 77FBEF0B 89 Bytes [ C0, 74, 27, 56, FF, 15, 6C, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlHashW + 198 77FBEF65 85 Bytes [ FF, 89, 45, FC, 8B, 45, 0C, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlHashW + 1EE 77FBEFBB 72 Bytes [ 01, 00, 00, A1, 80, D2, FC, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlEscapeA + 1 77FBF64E 7 Bytes [ 00, 25, 00, FF, 00, 00, 09 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlEscapeA + 9 77FBF656 29 Bytes [ 83, 7B, 14, 00, 74, 0A, 8B, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlEscapeA + 27 77FBF674 36 Bytes [ 55, 8B, EC, 8B, 45, 08, 8B, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlEscapeA + 4C 77FBF699 40 Bytes [ 85, C0, 74, 12, 6A, 0A, 59, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlEscapeA + 75 77FBF6C2 35 Bytes [ 41, 24, 85, C0, 75, 13, 39, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlGetPartA + 24 77FBF75E 8 Bytes [ 56, 8B, 75, 08, 8B, 06, 57, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlGetPartA + 2D 77FBF767 1 Byte [ 02 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlGetPartA + 2F 77FBF769 76 Bytes [ 00, 23, C3, 50, FF, 76, 14, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlGetPartA + 7C 77FBF7B6 8 Bytes [ 76, 14, FF, 76, 10, E8, 46, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlGetPartA + 87 77FBF7C1 34 Bytes [ 75, F8, 89, 45, 08, 8D, 45, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlUnescapeA + 13 77FBF853 100 Bytes [ FF, 55, 8B, EC, 51, 83, 65, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlUnescapeA + 78 77FBF8B8 16 Bytes [ F4, C7, 45, FC, 05, 40, 00, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlUnescapeA + 89 77FBF8C9 34 Bytes [ 55, 8B, EC, 8B, 45, 08, 66, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCreateFromPathA + 1A 77FBF8EC 68 Bytes [ EC, 81, EC, 34, 04, 00, 00, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCreateFromPathA + 5F 77FBF931 39 Bytes [ 50, 01, 00, 00, 56, BE, 04, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCreateFromPathA + 87 77FBF959 35 Bytes [ 50, 8D, 85, F4, FD, FF, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCreateFromPathA + AB 77FBF97D 33 Bytes [ FF, 89, BD, D8, FB, FF, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlCreateFromPathA + CD 77FBF99F 69 Bytes [ 50, 6A, FF, 8D, 85, F8, FE, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeA + 27 77FBF9E6 17 Bytes [ FF, 50, 8D, 85, F4, FD, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeA + 39 77FBF9F8 3 Bytes CALL C8FBF9F8
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeA + 3E 77FBF9FD 8 Bytes [ 50, 8D, 85, F8, FE, FF, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeA + 47 77FBFA06 11 Bytes [ B5, D8, FB, FF, FF, 89, B5, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeA + 53 77FBFA12 11 Bytes [ B5, DC, FB, FF, FF, 89, B5, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeW 77FBFA9A 56 Bytes [ 90, 90, 53, 6F, 66, 74, 77, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeW + 39 77FBFAD3 81 Bytes [ 90, 90, 90, 90, 90, 8B, FF, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeW + B4 77FBFB4E 1 Byte [ 53 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeW + F9 77FBFB93 38 Bytes [ 00, 5C, 00, 57, 00, 69, 00, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlApplySchemeW + 120 77FBFBBA 48 Bytes [ 73, 00, 69, 00, 6F, 00, 6E, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlIsNoHistoryA + 1C 77FBFF12 36 Bytes [ C7, 5F, 5E, C3, 90, 90, 90, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlIsNoHistoryA + 41 77FBFF37 1 Byte [ 6A ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlIsNoHistoryA + 43 77FBFF39 1 Byte [ 6A ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlIsNoHistoryA + 45 77FBFF3B 6 Bytes [ 6A, 2F, 53, FF, 76, 04 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!UrlIsNoHistoryA + 4C 77FBFF42 84 Bytes CALL 77F83AC7 C:WINDOWSsystem32SHLWAPI.dll (Библиотека небольших программ оболочки/Корпорация Майкрософт)
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamOnFileA + 2 77FC0128 50 Bytes [ 75, 07, B8, 96, 00, 00, 00, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamOnFileA + 36 77FC015C 36 Bytes [ 66, 8B, 4C, 4D, BC, 66, 85, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamOnFileA + 5B 77FC0181 46 Bytes [ 74, 05, 83, C0, 14, EB, 27, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamOnFileA + 8A 77FC01B0 20 Bytes [ 85, B4, EF, FF, FF, 8B, 8D, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamOnFileA + 9F 77FC01C5 35 Bytes [ 72, 8F, 33, DB, 8B, 8D, B8, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHOpenRegStreamW + 23 77FC22F5 107 Bytes [ 00, 74, 5C, 8B, 45, 08, 3B, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHOpenRegStreamW + 8F 77FC2361 1 Byte [ D7 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHOpenRegStreamW + 91 77FC2363 70 Bytes [ 45, FC, 5F, 5E, 5B, C9, C2, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHOpenRegStreamW + D8 77FC23AA 42 Bytes [ 3A, 89, 4D, F8, 8B, 4D, 0C, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHOpenRegStreamW + 104 77FC23D6 10 Bytes [ 39, 75, F4, 75, 05, 33, F6, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DllGetVersion + D 77FC5996 72 Bytes [ 00, 5F, 8B, C6, 5E, 5D, C2, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DllGetVersion + 57 77FC59E0 22 Bytes [ 8D, 85, FC, F5, FF, FF, 50, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DllGetVersion + 6E 77FC59F7 81 Bytes [ FF, 68, 00, 01, 00, 00, 8D, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DllGetVersion + C0 77FC5A49 10 Bytes [ FF, 55, 8B, EC, 83, EC, 18, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DllGetVersion + CB 77FC5A54 97 Bytes [ 45, 1C, FF, 75, 14, 83, 65, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DelayLoadFailureHook + 20 77FC6A55 82 Bytes [ 55, 8B, EC, 8B, 45, 08, 56, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DelayLoadFailureHook + 74 77FC6AA9 6 Bytes [ 5E, 0F, 95, C1, 8B, C1 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DelayLoadFailureHook + 7C 77FC6AB1 1 Byte [ 08 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DelayLoadFailureHook + 83 77FC6AB8 58 Bytes [ 8B, FF, 55, 8B, EC, 51, 83, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!DelayLoadFailureHook + BE 77FC6AF3 94 Bytes [ 55, 8B, EC, 56, 33, F6, 39, … ]
.text …
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamWrapper + B 77FC7A26 3 Bytes [ 6E, 00, 63 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamWrapper + F 77FC7A2A 4 Bytes [ 65, 00, 64, 00 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamWrapper + 14 77FC7A2F 1 Byte [ 00 ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamWrapper + 19 77FC7A34 39 Bytes [ 90, 8B, FF, 55, 8B, EC, 56, … ]
.text C:WINDOWSsystem32svchost.exe[220] SHLWAPI.dll!SHCreateStreamWrapper + 41 77FC7A5C 19 Bytes [ 8B, F0, 85, F6, 74, 07, 6A, … ]
.text …
? C:WINDOWSSystem32alg.exe[260] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32csrss.exe[712] C:WINDOWSsystem32KERNEL32.dll time/date stamp mismatch;
? C:WINDOWSsystem32winlogon.exe[736] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32services.exe[784] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32lsass.exe[796] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32svchost.exe[964] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32svchost.exe[1028] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSSystem32svchost.exe[1156] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32svchost.exe[1244] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:Program FilesMozilla Firefoxfirefox.exe[1256] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32svchost.exe[1460] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSExplorer.EXE[1492] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32spoolsv.exe[1708] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe[1892] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSSOUNDMAN.EXE[1920] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSSamsungComSMMgrssmmgr.exe[1932] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? E:Program FilesKleptomaniak-mania.exe[1956] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:WINDOWSsystem32ctfmon.exe[1964] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;
? C:Documents and SettingsUserРабочий столgmer.exe[3196] C:WINDOWSsystem32kernel32.dll time/date stamp mismatch;—- User IAT/EAT — GMER 1.0.14 —-
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32svchost.exe [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32svchost.exe [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32svchost.exe [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[220] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSystem32alg.exe[260] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSystem32alg.exe[260] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSystem32alg.exe[260] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSystem32alg.exe[260] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSystem32alg.exe[260] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSystem32alg.exe[260] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSystem32alg.exe[260] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)IAT C:WINDOWSsystem32svchost.exe[1460] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ c:windowssystem32WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ c:windowssystem32WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32svchost.exe[1460] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSExplorer.EXE [KERNEL32.dll!LoadLibraryExA] [7C882FB0] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSExplorer.EXE [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSExplorer.EXE [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSExplorer.EXE [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSExplorer.EXE [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSExplorer.EXE[1492] @ C:WINDOWSsystem32WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32netapi32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32netapi32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32spoolsv.exe[1708] @ C:WINDOWSsystem32netapi32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 00B004A8
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 00B004D2
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 00B004FC
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] 00B00526
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!FreeLibrary] 00B00550
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B0057A
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B0086E
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] 00B00898
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] 00B008C2
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!FreeLibrary] 00B008EC
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] 00B00916
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] 00B00940
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B20454
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!LoadLibraryA] 00B2047E
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!LoadLibraryW] 00B204A8
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!GetProcAddress] 00B204D2
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!FreeLibrary] 00B204FC
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!SetErrorMode] 00B0032E
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!GetModuleFileNameA] 00B00208
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryW] 00B00304
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!GetModuleFileNameW] 00B00232
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryExW] 00B002DA
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B00358
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!GetProcAddress] 00B0025C
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryA] 00B00286
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!FreeLibrary] 00B001DE
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32psapi.dll [KERNEL32.dll!LoadLibraryA] 00B00286
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32psapi.dll [KERNEL32.dll!FreeLibrary] 00B001DE
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32psapi.dll [KERNEL32.dll!GetProcAddress] 00B0025C
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32psapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B00358
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32WS2_32.dll [KERNEL32.dll!GetProcAddress] 00B0025C
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 00B00208
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32WS2_32.dll [KERNEL32.dll!LoadLibraryA] 00B00286
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32WS2_32.dll [KERNEL32.dll!FreeLibrary] 00B001DE
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B00358
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 00B00304
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B00358
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 00B00286
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!FreeLibrary] 00B001DE
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!GetProcAddress] 00B0025C
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1860] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 00B00208
IAT C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe[1892] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe[1892] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe[1892] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe[1892] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe[1892] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe[1892] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe[1892] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe[1892] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe[1892] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe[1892] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe[1892] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSOUNDMAN.EXE[1920] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSOUNDMAN.EXE[1920] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSOUNDMAN.EXE[1920] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSOUNDMAN.EXE[1920] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSOUNDMAN.EXE[1920] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSOUNDMAN.EXE[1920] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSOUNDMAN.EXE[1920] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSamsungComSMMgrssmmgr.exe[1932] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSamsungComSMMgrssmmgr.exe[1932] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSamsungComSMMgrssmmgr.exe[1932] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSamsungComSMMgrssmmgr.exe[1932] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSamsungComSMMgrssmmgr.exe[1932] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSamsungComSMMgrssmmgr.exe[1932] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSSamsungComSMMgrssmmgr.exe[1932] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT E:Program FilesKleptomaniak-mania.exe[1956] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT E:Program FilesKleptomaniak-mania.exe[1956] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT E:Program FilesKleptomaniak-mania.exe[1956] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT E:Program FilesKleptomaniak-mania.exe[1956] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT E:Program FilesKleptomaniak-mania.exe[1956] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT E:Program FilesKleptomaniak-mania.exe[1956] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT E:Program FilesKleptomaniak-mania.exe[1956] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32ctfmon.exe[1964] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32ctfmon.exe[1964] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32ctfmon.exe[1964] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32ctfmon.exe[1964] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32ctfmon.exe[1964] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32ctfmon.exe[1964] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:WINDOWSsystem32ctfmon.exe[1964] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 009604A8
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 009604D2
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 009604FC
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] 00960526
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!FreeLibrary] 00960550
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 0096057A
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 0096086E
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] 00960898
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] 009608C2
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!FreeLibrary] 009608EC
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] 00960916
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] 00960940
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00980454
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!LoadLibraryA] 0098047E
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!LoadLibraryW] 009804A8
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!GetProcAddress] 009804D2
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32Secur32.dll [KERNEL32.dll!FreeLibrary] 009804FC
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!SetErrorMode] 0096032E
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!GetModuleFileNameA] 00960208
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryW] 00960304
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!GetModuleFileNameW] 00960232
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryExW] 009602DA
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00960358
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!GetProcAddress] 0096025C
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!LoadLibraryA] 00960286
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32WININET.dll [KERNEL32.dll!FreeLibrary] 009601DE
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32psapi.dll [KERNEL32.dll!LoadLibraryA] 00960286
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32psapi.dll [KERNEL32.dll!FreeLibrary] 009601DE
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32psapi.dll [KERNEL32.dll!GetProcAddress] 0096025C
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32psapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00960358
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32WS2_32.dll [KERNEL32.dll!GetProcAddress] 0096025C
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 00960208
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32WS2_32.dll [KERNEL32.dll!LoadLibraryA] 00960286
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32WS2_32.dll [KERNEL32.dll!FreeLibrary] 009601DE
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00960358
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 00960304
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00960358
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 00960286
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!FreeLibrary] 009601DE
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!GetProcAddress] 0096025C
IAT C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe[1984] @ C:WINDOWSsystem32NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 00960208
IAT C:Documents and SettingsUserРабочий столgmer.exe[3196] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C882FD8] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Documents and SettingsUserРабочий столgmer.exe[3196] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)IAT C:Documents and SettingsUserРабочий столgmer.exe[3196] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Documents and SettingsUserРабочий столgmer.exe[3196] @ C:WINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Documents and SettingsUserРабочий столgmer.exe[3196] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C882F9C] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Documents and SettingsUserРабочий столgmer.exe[3196] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C882FC4] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)
IAT C:Documents and SettingsUserРабочий столgmer.exe[3196] @ C:WINDOWSsystem32RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C882FEC] C:WINDOWSsystem32kernel32.dll (Библиотека клиента Windows NT BASE API/Корпорация Майкрософт)—- Devices — GMER 1.0.14 —-
AttachedDevice FileSystemNtfs Ntfs klif.sys (spuper-ptor/Kaspersky Lab)
AttachedDevice FileSystemFastfat Fat klif.sys (spuper-ptor/Kaspersky Lab)—- Registry — GMER 1.0.14 —-
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 �W�A�N� �(�L�002�T�P�) 1?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 �W�A�N� �(�P�P�T�P�) 1?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 �W�A�N� �(�P�P�P�o�E�) 1?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@374@4O4<4>494 �?�0404@�0404;4;�0454;4L4=4K494 �?4>4@4B4 1?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 �W�A�N� �(�I�P�) 1?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 �?4;�0404=484@4>�0424I484:�0404 �?�0404:�0454B4>�0424 1?2?
Reg HKLMSYSTEMCurrentControlSetControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@20�044�0404?4B�0454@4 �<484=484?4>4@4B�0404 �M�i�c�r�o�s�o�f�t� �T�u�n 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 �W�A�N� �(�L�002�T�P�) 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 �W�A�N� �(�P�P�T�P�) 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 �W�A�N� �(�P�P�P�o�E�) 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@374@4O4<4>494 �?�0404@�0404;4;�0454;4L4=4K494 �?4>4@4B4 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 �W�A�N� �(�I�P�) 1?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@34484=484?4>4@4B4 �?4;�0404=484@4>�0424I484:�0404 �?�0404:�0454B4>�0424 1?2?
Reg HKLMSYSTEMControlSet002ControlNetwork{4D36E972-E325-11CE-BFC1-08002BE10318}Descriptions@20�044�0404?4B�0454@4 �<484=484?4>4@4B�0404 �M�i�c�r�o�s�o�f�t� �T�u�n 1?—- EOF — GMER 1.0.14 —-
второй
GMER 1.0.14.14536 — http://www.gmer.net
Autostart scan 2008-12-28 11:31:10
Windows 5.1.2600 Service Pack 2HKLMSYSTEMCurrentControlSetControlSession Manager@BootExecute = »» /*file not found*/
HKLMSYSTEMCurrentControlSetControlSession ManagerSubSystems@Windows = %SystemRoot%system32csrss.exe ObjectDirectory=Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon@Userinit = C:WINDOWSsystem32userinit.exe,
HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogonNotifyklogon@DLLName = C:WINDOWSsystem32klogon.dll
HKLMSYSTEMCurrentControlSetServices >>>
ABBYY.Licensing.FineReader.Professional.9.0@ = «C:Program FilesABBYY FineReader 9.0NetworkLicenseServer.exe» -service
AVP@ = «C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe» -rHKLMSoftwareMicrosoftWindowsCurrentVersionRun >>>
@AVP»C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe» = «C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe»
@SoundManSOUNDMAN.EXE = SOUNDMAN.EXE
@Samsung Common SM»C:WINDOWSSamsungComSMMgrssmmgr.exe» /autorun = «C:WINDOWSSamsungComSMMgrssmmgr.exe» /autorun
@KernelFaultCheck%systemroot%system32dumprep 0 -k = %systemroot%system32dumprep 0 -kHKCUSoftwareMicrosoftWindowsCurrentVersionRun >>>
@KleptomaniaE:Program FilesKleptomaniak-mania.exe = E:Program FilesKleptomaniak-mania.exe
@CTFMON.EXEC:WINDOWSsystem32ctfmon.exe = C:WINDOWSsystem32ctfmon.exeHKLMSoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Расширение CPL панорамирования дисплея*/(null) =
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Свойства: Предыдущие версии*/%SystemRoot%system32twext.dll = %SystemRoot%system32twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Предыдущие версии*/%SystemRoot%system32twext.dll = %SystemRoot%system32twext.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:WINDOWSsystem32extmgr.dll = C:WINDOWSsystem32extmgr.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Веб-папки*/C:PROGRA~1COMMON~1MICROS~1WEBFOL~1MSONSEXT.DLL = C:PROGRA~1COMMON~1MICROS~1WEBFOL~1MSONSEXT.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:Program FilesMicrosoft OfficeOFFICE11msohev.dll = C:Program FilesMicrosoft OfficeOFFICE11msohev.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:Program FilesWinRARrarext.dll = C:Program FilesWinRARrarext.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:WINDOWSsystem32dfshim.dll = C:WINDOWSsystem32dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:WINDOWSsystem32dfshim.dll = C:WINDOWSsystem32dfshim.dll
@{45670FA8-ED97-4F44-BC93-305082590BFB} /*Microsoft.XPS.Shell.Metadata.1*/%SystemRoot%System32XPSSHHDR.DLL = %SystemRoot%System32XPSSHHDR.DLL
@{44121072-A222-48f2-A58A-6D9AD51EBBE9} /*Microsoft.XPS.Shell.Thumbnail.1*/%SystemRoot%System32XPSSHHDR.DLL = %SystemRoot%System32XPSSHHDR.DLL
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} /*Microsoft Browser Architecture*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:WINDOWSsystem32ieframe.dll = C:WINDOWSsystem32ieframe.dll
@{59A3380E-5305-4cea-BD99-4F2FF510C91F} /*FineReader9ContextMenu*/C:Program FilesABBYY FineReader 9.0FRIntegration.dll = C:Program FilesABBYY FineReader 9.0FRIntegration.dllHKLMSoftwareClasses*shellexContextMenuHandlers >>>
FineReader9ContextMenu@{59A3380E-5305-4cea-BD99-4F2FF510C91F} = C:Program FilesABBYY FineReader 9.0FRIntegration.dll
Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows WorkstationsShellEx.dll
PromtMenu@{E28C61E1-67D8-4005-9BF4-E232B2EB9012} = C:Program FilesPRMT8PRMTprmshell.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:Program FilesWinRARrarext.dllHKLMSoftwareClassesDirectoryshellexContextMenuHandlersWinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:Program FilesWinRARrarext.dll
HKLMSoftwareClassesFoldershellexContextMenuHandlers >>>
Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows WorkstationsShellEx.dll
MBAMShlExt@{57CE581A-0CB6-4266-9CA0-19364C90A0B3} = C:Program FilesMalwarebytes’ Anti-Malwarembamext.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:Program FilesWinRARrarext.dllHKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
HKCUControl PanelDesktop@SCRNSAVE.EXE = C:WINDOWSsystem32logon.scr
HKLMSoftwareMicrosoftInternet ExplorerMain >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Local Page%SystemRoot%system32blank.htm = %SystemRoot%system32blank.htmHKCUSoftwareMicrosoftInternet ExplorerMain >>>
@Default_Page_URLhttp://search.qip.ru = http://search.qip.ru
@Start Pagehttp://www.yandex.ru/ = http://www.yandex.ru/
@Local PageC:WINDOWSsystem32blank.htm = C:WINDOWSsystem32blank.htmHKLMSoftwareClassesPROTOCOLSFiltertext/xml@CLSID = C:Program FilesCommon FilesMicrosoft SharedOFFICE11MSOXMLMF.DLL
HKLMSoftwareClassesPROTOCOLSHandler >>>
dvd@CLSID = C:WINDOWSsystem32msvidctl.dll
its@CLSID = C:WINDOWSsystem32itss.dll
mhtml@CLSID = %SystemRoot%system32inetcomm.dll
ms-its@CLSID = C:WINDOWSsystem32itss.dll
mso-offdap11@CLSID = C:PROGRA~1COMMON~1MICROS~1WEBCOM~111OWC11.DLL
tv@CLSID = C:WINDOWSsystem32msvidctl.dllHKLMSoftwareClassesPROTOCOLSHandlerwia@CLSID = C:WINDOWSsystem32wiascr.dll
—- EOF — GMER 1.0.14 —-
Кроме этого заметил, что ПК проработал в безопасном режиме более 4 часов и не завис. Поэтому через диспетчер задач снял работающие файлы в 2 режимах:Безопасный режим с загрузкой сетевых драйверов:
Имя образа Имя пользователя ЦП Память
taskmgr.exe User 02 3 704 КБ
ctfmon.exe User 00 1 428 КБ
WINWORD.EXE User 00 30 852 КБ
Explorer.EXE User 00 10 044 КБ
k-mania.exe User 15 3 116 КБ
svchost.exe LOCAL SERVICE 00 1 404 КБ
firefox.exe User 00 69 604 КБ
svchost.exe NETWORK SERVICE 00 1 376 КБ
svchost.exe SYSTEM 00 4 800 КБ
svchost.exe NETWORK SERVICE 00 2 212 КБ
svchost.exe SYSTEM 00 1 920 КБ
lsass.exe SYSTEM 01 916 КБ
services.exe SYSTEM 00 1 664 КБ
winlogon.exe SYSTEM 00 364 КБ
csrss.exe SYSTEM 02 2 292 КБ
smss.exe SYSTEM 00 140 КБ
System SYSTEM 00 72 КБ
Бeздeйcтвиe cиcтeмы SYSTEM 80 16 КБИ обычный режим:
Имя образа Имя пользователя ЦП Память
taskmgr.exe 02 1 808 КБ
ctfmon.exe 00 512 КБ
WINWORD.EXE User 00 35 728 КБ
Explorer.EXE 00 8 184 КБ
k-mania.exe 29 1 624 КБ
svchost.exe 00 1 388 КБ
svchost.exe 00 364 КБ
svchost.exe 14 6 608 КБ
svchost.exe 00 1 656 КБ
svchost.exe 00 1 344 КБ
lsass.exe 00 3 140 КБ
services.exe 00 2 092 КБ
winlogon.exe 00 3 348 КБ
csrss.exe 00 1 580 КБ
smss.exe 00 184 КБ
System 01 44 КБ
Бeздeйcтвиe cиcтeмы SYSTEM 46 16 КБ
wuauclt.exe SYSTEM 00 1440 КБ
SSMMgr.exe 00 496 КБ
SOUNDMAN.exe 00 416 КБ
avp.exe 00 3380КБ
NetworkLicenseServer.exe 00 756 КБ
spoolsv.exe 00 1644 КБ
alg.exe LOCAL SERVICE 00 496 КБ
svchost.exe 00 980 КБ
avp.exe 07 28336 КБСравнение показало, что в обычном режиме файлы занимают памяти меньше, чем те же файлы в безопасном, а также в обычном режиме загружены дополнительно файлы:
wuauclt.exe;
SSMMgr.exe;
SOUNDMAN.exe;
avp.exe;
NetworkLicenseServer.exe;
spoolsv.exe;
alg.exe;
svchost.exe;
avp.exe.Не имеют ли некоторые из них отношение к вирусам?
Также меня насторожило то, что файл avp.exe загружен дважды.Тогда я на всякий случай проверил диск С: на наличие эитх файлов и оказалось что их там 5 штук:
c:Documents and SettingsAll UsersApplication DataKaspersky LabAVP6DataUpdaterTemporary FilestemporaryFolderAutoPatcheskav66.0.2.678avp.exe
c:Documents and SettingsAll UsersApplication DataKaspersky LabAVP6DataUpdaterTemporary FilestemporaryFolderAutoPatcheskav66.0.3.830avp.exe
c:kav_baseAutoPatcheskav66.0.2.678avp.exe
c:kav_baseAutoPatcheskav66.0.3.830avp.exe
c:Program FilesKaspersky LabKaspersky Anti-Virus 6.0 for Windows Workstationsavp.exe
Может быть появились некоторые лишние файлы avp.exe из-за того, что проверка on-line с помощью антивирусника Kaspersky не получилась (писал в первом письме), а он что-то закачивал на ПК.
И еще вот что. Снял файлы в корневом каталоге С:
Имя тип Размер Дата Атрибут
ntldr 250 624 03.08.2004 17:59 rahs
Found 002 32 768 10.12.2008 10:11 —hs
Autoexec bat 0 17.11.2008 20:38 -a—
Bootfont bin 4 952 20.10.2001 11:00 rahs
Ntdetect com 47 564 03.08.2004 17:38 rahs
OTViewIt exe 0 28.12.2008 10:41 -a—
boot ini 214 04.12.2008 19:28 —hs
Config sys 0 17.11.2008 20:38 -a—
Io sys 0 17.11.2008 20:38 rahs
Msdos sys 0 17.11.2008 20:38 rahs
pagefile sys 402 653 184 29.12.2008 21:14 -ahs
1 txt 8 093 24.11.2008 19:10 -a—
SAFEBOOT_REPA R TXT 13 554 02.12.2008 20:57 -a—Вот какие сомнения:
Много файлов архивных, системных, скрытых и только для чтения. Причем некоторые из них имеют огромный размер, а другие – нулевой.
А также вот это что за файлы, не вирус ли:
C:Recycled*.*
Имя тип Размер Дата Атрибут
Info2 1 620 29.12.2008 20:50 -ah-
Dc2 doc 162 29.12.2008 20:28 -ah-
desktop ini 65 29.12.2008 17:12 —hs
Dc1 lnk 2 463 28.12.2008 12:45 -a—Если вирус, то почему его не видят антивирус Касперского и все рекомендованные Вами программы? Может быть мне стоит снять все файлы *.exe и *.ini и среди них выявлять вирусы-трояны?
Отчего же зависает компьютер?
Удалите MaxAntiSpy 1.5
Удалите также Kleptomania 2.4 (в связи с ошибками модуля программы в логах), Антивирус Касперского.
Adobe Reader рекомендую обновить до последней версии.
После удаления антивируса воспользуйтесь утилитой KAVremover9.zip
Cкачайте CureIt и проведите полную проверку системы, установите заново Антивирус Касперского
Судя по записям ошибок в логах и таким записям какO4 — HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
2008-12-23 19:20:30 —-SHD—- C:FOUND.000
[2008.12.10 10:11:32 | 00,032,768 | -HS- | M] () — C:FOUND.002
и
Error — 14.12.2008 6:08:39 | Computer Name = CHELOVEKI | Source = Application Error | ID = 1005
Description = Нет доступа к файлу C:WINDOWSSystem32ESENT.DLL по одной из следующих
причин: либо возникли проблемы с сетевым подключением, диском с файлом или хранилищем
с драйверами, установленными на этом компьютере, либо отсутствует диск. Программа
ESENT.DLL была закрыта вследствие ошибки. Программа: ESENT.DLL Файл: C:WINDOWSSystem32ESENT.DLL3. Проверьте и восстановите
файловую систему, выполняя команду CHKDSK. Чтобы запустить команду CHKDSK, щелкните
«Пуск», «Выполнить», напечатайте «CMD» и нажмите «ОК». В командной строке введите
«CHKDSK /F» и нажмите «ВВОД».Установите WindowsXP SP3 и все последующие обновления — http://windowsupdate.microsoft.com
Попробуйте переустановить драйвера на железо (желательно новые версии, скачивать с сайта производителя)
Возможно ваша проблема не имеет отношения к вирусам и у вас проблемы с железом (почистите от пыли системник, кулеры) , рекомендую проверить, например с помощью Everest, температуру процессора, видеокарты и материнской платы, протестировать память и винчестер (рекомендую подумать о его замене).Pili, вам правильно всё сказал. Попробуйте его советы.
Судя по логам, ничего странного нет, но в логах описывающих системные ошибки проскакивают сообщения об ошибках, которые могут возникать из-за проблем с жестким диском. Тем более на вашем диске C присутствуют каталоги FOUND….
Эти каталоги обозначают наличие потерянных секторов на диске. В таких случаях рекомендуется заменить жесткий диск.
- Для ответа в этой теме необходимо авторизоваться.
