GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-11-17 23:10:47 Windows 5.1.2600 Dodatek Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-16 ST3160815AS rev.4.CCC Running: m9ep0w2j.exe; Driver: C:\DOCUME~1\dib\USTAWI~1\Temp\kwrcyfow.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0xB3C4D55C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwClose [0xB3BE9A82] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwConnectPort [0xB3C00962] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateEvent [0xB3BE9FFA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateMutant [0xB3BE9EE0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreatePort [0xB3C00C88] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateProcess [0xB3C4F4D6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateProcessEx [0xB3C4F6F2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSection [0xB3C505B2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSemaphore [0xB3BEA11A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateThread [0xB3C4FBB6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateWaitablePort [0xB3C00D56] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDebugActiveProcess [0xB3C4F37C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteKey [0xB3BFA9E2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteValueKey [0xB3BFC1CA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0xB3BE9AC6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDuplicateObject [0xB3C4D69E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xB3BFB9D6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xB3BFC36A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadDriver [0xB3C4D306] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey [0xB3BFB51A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey2 [0xB3BFB772] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwMapViewOfSection [0xB3C503AC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwNotifyChangeKey [0xB3BFF126] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenEvent [0xB3BEA090] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenMutant [0xB3BE9F70] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenProcess [0xB3C4EF24] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSection [0xB3C5085E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSemaphore [0xB3BEA1B0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenThread [0xB3C4F912] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryKey [0xB3BFA816] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryMultipleValueKey [0xB3BFBFD8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryObject [0xB3BFF332] SSDT \??\C:\WINDOWS\system32\drivers\avgtpx86.sys (AVG Technologies) ZwQueryValueKey [0xB81F91EA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueueApcThread [0xB3C50260] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRenameKey [0xB3BFAAF6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplaceKey [0xB3BFB168] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyPort [0xB3C00F96] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0xB3C00E24] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyWaitReceivePortEx [0xB3C00EDA] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0xB3C01006] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRestoreKey [0xB3BFB36E] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwResumeThread [0xB3C4FF8C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKey [0xB3BFAC9A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKeyEx [0xB3BFAE30] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveMergedKeys [0xB3BFAFCC] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSecureConnectPort [0xB3C00AF0] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetContextThread [0xB3C500E8] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetInformationToken [0xB3BEA23A] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSystemInformation [0xB3C4D410] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetValueKey [0xB3BFBB96] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendProcess [0xB3C4F0C4] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendThread [0xB3C4FE34] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSystemDebugControl [0xB3BEA24C] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateProcess [0xB3C4F224] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateThread [0xB3C4FAB2] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0xB3C509C6] SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0xB3C506F0] ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwCallbackReturn + 2C7C 80504508 12 Bytes [88, 0C, C0, B3, D6, F4, C4, ...] {MOV [EAX+EAX*8], CL; MOV BL, 0xd6; HLT ; LES ESI, DWORD [EBX-0x4c3b090e]} .text ntkrnlpa.exe!ZwCallbackReturn + 2D48 805045D4 12 Bytes [06, D3, C4, B3, 1A, B5, BF, ...] .text ntkrnlpa.exe!ZwCallbackReturn + 2E88 80504714 4 Bytes [EA, 91, 1F, B8] .text ntkrnlpa.exe!ZwCallbackReturn + 2EC4 80504750 20 Bytes [F6, AA, BF, B3, 68, B1, BF, ...] .text ntkrnlpa.exe!ZwCallbackReturn + 2EFC 80504788 20 Bytes [8C, FF, C4, B3, 9A, AC, BF, ...] .text ... .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB63BF380, 0x566445, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Mozilla Firefox\firefox.exe[288] ntdll.dll!LdrLoadDll 7C9163A3 5 Bytes JMP 01495B00 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[288] kernel32.dll!lstrlenW + 43 7C809ADC 7 Bytes JMP 016D7B58 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[288] kernel32.dll!MapViewOfFileEx + 6A 7C80B990 7 Bytes JMP 016D7B35 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[288] kernel32.dll!ValidateLocale + B1E8 7C8449F8 7 Bytes JMP 0149EF12 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[288] GDI32.dll!SetDIBitsToDevice + 209 77F19E04 7 Bytes JMP 016D7AB6 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) ? C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch; .text C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] ntdll.dll!NtProtectVirtualMemory 7C90D6D0 5 Bytes JMP 6CD01A54 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\ushata.dll (Ushata module/Kaspersky Lab ZAO) ? C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch; .text C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] USER32.dll!AlignRects 7E362A78 4 Bytes [53, 2A, D0, 6C] {PUSH EBX; SUB DL, AL; INSB } ? C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch; .text C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] ntdll.dll!NtProtectVirtualMemory 7C90D6D0 5 Bytes JMP 6CD01A54 C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\ushata.dll (Ushata module/Kaspersky Lab ZAO) ? C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch; .text C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] USER32.dll!AlignRects 7E362A78 4 Bytes [53, 2A, D0, 6C] {PUSH EBX; SUB DL, AL; INSB } ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0520 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 7DFF058C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 7DFF05F8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF0664 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtTerminateProcess] 7DFF0E68 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtTerminateProcess] 7DFF0B74 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF022C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 7DFF022C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 7DFF022C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapCreate] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF022C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 7DFF022C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF022C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapCreate] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapCreate] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapCreate] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!HeapCreate] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!HeapDestroy] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\IPHLPAPI.DLL [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\IPHLPAPI.DLL [ntdll.dll!RtlAllocateHeap] 7DFF022C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[624] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0520 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 7DFF058C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 7DFF05F8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF0664 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtTerminateProcess] 7DFF0E68 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!NtTerminateProcess] 7DFF0B74 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF022C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF0304 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 7DFF022C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 7DFF022C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapCreate] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF022C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 7DFF022C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF022C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapCreate] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapCreate] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapCreate] 7DFF0448 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 7DFF04B4 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 7DFF0298 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CreateThread] 7DFF03DC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24 IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe[2496] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0 ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\Tcpip \Device\Ip kltdi.sys (Network filtering component/Kaspersky Lab) AttachedDevice \Driver\Tcpip \Device\Tcp kltdi.sys (Network filtering component/Kaspersky Lab) AttachedDevice \Driver\Tcpip \Device\Udp kltdi.sys (Network filtering component/Kaspersky Lab) AttachedDevice \Driver\Tcpip \Device\RawIp kltdi.sys (Network filtering component/Kaspersky Lab) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158315a310 Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158315a310@000d9280d057 0xC8 0x6C 0x47 0x08 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158315a310@9463d1c7d662 0x92 0x41 0xF2 0x1E ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158315a310@00188d696a51 0x4A 0x79 0x63 0x8B ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158315a310@001c3570a03a 0x17 0x47 0xEB 0x15 ... Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00158315a310 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00158315a310@000d9280d057 0xC8 0x6C 0x47 0x08 ... Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00158315a310@9463d1c7d662 0x92 0x41 0xF2 0x1E ... Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00158315a310@00188d696a51 0x4A 0x79 0x63 0x8B ... Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00158315a310@001c3570a03a 0x17 0x47 0xEB 0x15 ... ---- EOF - GMER 1.0.15 ----