Poslao: 10 Okt 2007 21:57
|
offline
- Rogi
- Mod u pemziji
- Najbolji košarkaš koji
- je ikada igrao ovu igru
- Pridružio: 31 Avg 2005
- Poruke: 11687
|
GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-10-10 21:53:56
Windows 5.1.2600 Service Pack 2
---- System - GMER 1.0.13 ----
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwClose
SSDT \SystemRoot\System32\vsdatant.sys ZwConnectPort
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateKey
SSDT \SystemRoot\System32\vsdatant.sys ZwCreatePort
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcess
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcessEx
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateSection
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSymbolicLinkObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateThread
SSDT \SystemRoot\System32\vsdatant.sys ZwCreateWaitablePort
SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwDuplicateObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwFlushKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwInitializeRegistry
SSDT \SystemRoot\System32\vsdatant.sys ZwLoadDriver
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey2
SSDT \SystemRoot\System32\vsdatant.sys ZwMapViewOfSection
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwNotifyChangeKey
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenKey
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenSection
SSDT \SystemRoot\System32\vsdatant.sys ZwOpenThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryMultipleValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQuerySystemInformation
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryValueKey
SSDT \SystemRoot\System32\vsdatant.sys ZwRenameKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwReplaceKey
SSDT \SystemRoot\System32\vsdatant.sys ZwRequestWaitReplyPort
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwRestoreKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwResumeThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSaveKey
SSDT \SystemRoot\System32\vsdatant.sys ZwSecureConnectPort
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetContextThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetSecurityObject
SSDT \SystemRoot\System32\vsdatant.sys ZwSetSystemInformation
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSuspendThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSystemDebugControl
SSDT \SystemRoot\System32\vsdatant.sys ZwTerminateProcess
SSDT \SystemRoot\System32\vsdatant.sys ZwUnloadDriver
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwUnloadKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwWriteVirtualMemory
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[284]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[285]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[286]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[287]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[288]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[289]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[290]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[291]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[292]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[293]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[294]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[295]
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[296]
Code \??\C:\WINDOWS\system32\drivers\klif.sys FsRtlCheckLockForReadAccess
Code \??\C:\WINDOWS\system32\drivers\klif.sys IoIsOperationSynchronous
---- Kernel code sections - GMER 1.0.13 ----
.text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 804EAE80 5 Bytes JMP B770AA50 \??\C:\WINDOWS\system32\drivers\klif.sys
.text ntkrnlpa.exe!IoIsOperationSynchronous 804EF808 5 Bytes JMP B770AF50 \??\C:\WINDOWS\system32\drivers\klif.sys
.text ntkrnlpa.exe!KiDispatchInterrupt + 100 80544D00 7 Bytes JMP B770E000 \??\C:\WINDOWS\system32\drivers\klif.sys
? srescan.sys The system cannot find the file specified.
---- Kernel IAT/EAT - GMER 1.0.13 ----
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter] 89AC6E80
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter] 89AC6A70
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] 89AC7050
IAT \SystemRoot\system32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] 89AC68F0
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [B781B9F0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [B781BF10] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [B781C070] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [B781BB60] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [B781BB60] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [B781B9F0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [B781BF10] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [B781C070] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [B781B9F0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [B781C070] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [B781BF10] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [B781BB60] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [B781C070] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [B781BF10] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [B781B9F0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] 89A99870
IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] 89A99870
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [B781BB60] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [B781B9F0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [B781BF10] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [B781C070] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\rspndr.sys[NDIS.SYS!NdisRegisterProtocol] [B781B9F0] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\rspndr.sys[NDIS.SYS!NdisOpenAdapter] [B781BF10] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\rspndr.sys[NDIS.SYS!NdisDeregisterProtocol] [B781BB60] \SystemRoot\System32\vsdatant.sys
IAT \SystemRoot\system32\DRIVERS\rspndr.sys[NDIS.SYS!NdisCloseAdapter] [B781C070] \SystemRoot\System32\vsdatant.sys
---- User IAT/EAT - GMER 1.0.13 ----
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\ctfmon.exe[220] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\psapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT D:\ObjectDock\ObjectDock.exe[432] @ C:\WINDOWS\system32\psapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[624] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[724] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[748] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[792] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\LSASRV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\LSASRV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\LSASRV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\SAMSRV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\SAMSRV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\SAMSRV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\lsass.exe[804] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WIN
|
|
|
|
Poslao: 11 Okt 2007 11:41
|
offline
- rapha
- Mod u pemziji
- Pridružio: 14 Feb 2005
- Poruke: 9113
- Gde živiš: Beograd
|
Pazi `vako druže,
Posle mnogo razmišljanja, mišljenja drugih ljudi konstatujem da je tvoj slučaj "naj-spooky" do sada..
Šalu na stranu, mnogo čudnih stvari se ovde izdešavalo. Pregledao sam logove i u njima ne vidim ništa sumljivo. Fale neke stvari u logovima ali to si i sam rekao pošto si neke stvari izbacio iz klasične instalacije XP-a.
E sad, nije mi jasno kako to da su oštećeni fajlovi na drugoj particiji a da sistemska radi normalno (nije ni pipnuta). Da je neki malware u pitanju sigurno je da bi prvo stradala sistemska particija.
Drugo, formatirao si sve particije osim sistemske. Ne vidim logiku u tome. Zar nije logičnije da si prvo formatirao sistemsku a da si ostale particije samo bekapovao? Koliko vidim imaš neke programe instalirane i na toj "rezervnoj" particiji, recimo sporni FF?
Konsultovao sam konkretno sa dr Borom u vezi ovog slučaja ali bih voleo da sačekam Bobija da i on da svoje mišljenje u vezi ovoga, jer je sve ovo mnogo čudno..
Iskreno, meni više liči da je problem sa hdd-om (bad sektori, greška sa fajl sistemom..) nego neki malware..
Molio bih te da se strpiš još malo, dok ne ustanovimo šta je u pitanju..
pozdrav
|
|
|
|
Poslao: 11 Okt 2007 12:13
|
offline
- Rogi
- Mod u pemziji
- Najbolji košarkaš koji
- je ikada igrao ovu igru
- Pridružio: 31 Avg 2005
- Poruke: 11687
|
Formatirao sam jednu particiju zato što sam na njoj imao ona četri fajla, koja nisam mogao da obrišem, prethodno sam sve filmove i muziku narezao. A i onako sve što je ostalo na toj particiji su instalacije, a bile su neispravne!
Drugi particiju sam formatirao za svaki slučaj, ona je i onako bila skroz prazna. Sinoć sam proverio RAM, skroz je ispravan, HD ću da proverim sada, pa ću da ti javim.
Ali kad bolje pogledam, bolje je da je neki malwer nego HD.
Hvala još jednom!
|
|
|
|
Poslao: 11 Okt 2007 23:12
|
offline
- rapha
- Mod u pemziji
- Pridružio: 14 Feb 2005
- Poruke: 9113
- Gde živiš: Beograd
|
Particije su formatirane, a nije nađen nikakav dokaz da je u pitanju malware..
Ostaviću temu još koji dan za ne daj Bože jer se dosta čudnog u ovom slučaju izdešavalo a nakon toga je prebacujem u Arhivu Ambulante..
pozdrav
|
|
|
|
Poslao: 11 Okt 2007 23:25
|
offline
- Rogi
- Mod u pemziji
- Najbolji košarkaš koji
- je ikada igrao ovu igru
- Pridružio: 31 Avg 2005
- Poruke: 11687
|
Pozdrav i tebi...
Proverio sam sav hardwer, i sve šljaka kao sat! Komp je star 5 meseci.
Hvala na pomoći, nadam se da se nećemo dopisivati više u Ambulanti, nego na drugim podforumima na MyCity-ju!
|
|
|
|