
Solved cannot remove win32/patched.fl

Discussion in 'Malware and Virus Removal Archive' started by cspgsl, 2010/08/30.

  1. 2010/08/30
    cspgsl Lifetime Subscription

    cspgsl Geek Member Thread Starter

    Joined:
    2008/07/23
    Messages:
    1,044
    Likes Received:
    8
    [Resolved] cannot remove win32/patched.fl

    AVG reports winlogon infected and all efforts have failed including MalwareBytes and Super AntiSpyWare

    Any help appreciated, thanks

    Attach.txt


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 7/12/2006 10:15:52 AM
    System Uptime: 8/30/2010 4:10:57 PM (0 hours ago)

    Motherboard: Dell Inc. | | 0JC474
    Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 74 GiB total, 16.367 GiB free.
    D: is CDROM ()
    E: is Removable

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP1: 8/25/2010 9:16:30 PM - System Checkpoint
    RP2: 8/27/2010 8:24:12 AM - System Checkpoint
    RP3: 8/28/2010 9:17:40 AM - System Checkpoint
    RP4: 8/29/2010 9:25:13 AM - System Checkpoint
    RP5: 8/30/2010 9:55:59 AM - System Checkpoint

    ==== Installed Programs ======================

    µTorrent
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Media Player
    Adobe Reader 7.1.0
    Adobe Shockwave Player 11.5
    Adobe® Photoshop® Album Starter Edition 3.0
    Adobe® Photoshop® Album Starter Edition 3.0.1
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    AVG 9.0
    Bonjour
    BufferChm
    Compatibility Pack for the 2007 Office system
    Conexant D850 56K V.9x DFVc Modem
    Critical Update for Windows Media Player 11 (KB959772)
    CustomerResearchQFolder
    Dell Resource CD
    Destinations
    DeviceFunctionQFolder
    DeviceManagementQFolder
    eSupportQFolder
    Google Chrome
    Google Earth
    Google Toolbar for Internet Explorer
    Google Update Helper
    GoToAssist 8.0.0.514
    High Definition Audio Driver Package - KB835221
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HP Deskjet 5400 series
    HP Extended Capabilities 5.0
    HP Image Zone Express
    HP Imaging Device Functions 5.0
    HP Software Update
    HP Solution Center & Imaging Support Tools 5.0
    HPDeskjet5400Series
    HPProductAssistant
    ImageMixer VCD2
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) PRO Network Connections Drivers
    iTunes
    J2SE Runtime Environment 5.0 Update 10
    J2SE Runtime Environment 5.0 Update 6
    Java(TM) 6 Update 7
    Java(TM) SE Runtime Environment 6 Update 1
    Malwarebytes' Anti-Malware
    MarketResearch
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft LifeCam
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2000 Standard
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Mozilla Firefox (3.0.16)
    MSVCRT
    Net Assistant
    OpenOffice.org Installer 1.0
    Personal Colour Viewer
    Picture Package
    PowerDVD 5.5
    QuickTime
    RadioBar Toolbar
    RealPlayer
    RealUpgrade 1.0
    Registry Mechanic 9.0
    Security Update for CAPICOM (KB931906)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 7 (KB976325)
    Security Update for Windows Internet Explorer 7 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB917734)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB913433)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953155)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Segoe UI
    SigmaTel Audio
    Skype Toolbars
    Skype™ 4.2
    SolutionCenter
    Sony USB Driver
    Status
    TrayApp
    Trojan Remover 6.7.5
    Unload
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB978506)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    VLC media player 1.0.2
    WebFldrs XP
    WebReg
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    WinRAR archiver
    Yahoo! BrowserPlus 2.9.8

    ==== Event Viewer Messages From Past Week ========

    8/30/2010 4:12:39 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IntelIde
    8/30/2010 2:42:59 PM, error: Dhcp [1002] - The IP address lease 192.168.2.10 for the Network Card with network address 00167688DD6E has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
    8/26/2010 5:09:44 AM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
    8/26/2010 5:09:44 AM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
    8/26/2010 12:32:59 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'winlogon.exe' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.

    ==== End Of File ===========================
     
  2. 2010/08/30
    cspgsl Lifetime Subscription

    cspgsl Geek Member Thread Starter

    DDS (Ver_10-03-17.01) - NTFSx86
    Run by Debra Martyn at 16:22:44.85 on Mon 08/30/2010
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.428 [GMT -4:00]

    AV: AVG Internet Security *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program Files\AVG\AVG9\avgrsx.exe
    svchost.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\AVG\AVG9\avgtray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\vVX1000.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\Registry Mechanic\RegMech.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\Program Files\AVG\AVG9\avgfws9.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\AVG\AVG9\avgam.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    E:\dds.scr

    ============== Pseudo HJT Report ===============

    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    uSearch Bar = hxxp://www.google.com/ie
    uStart Page = hxxp://ca.yahoo.com/
    uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
    BHO: AutorunsDisabled - No File
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
    BHO: RadioBar Toolbar: {5b291e6c-9a74-4034-971b-a4b007a0b315} - c:\program files\radiobar\toolbar.ni.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
    TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
    TB: RadioBar Toolbar: {5b291e6c-9a74-4034-971b-a4b007a0b315} - c:\program files\radiobar\toolbar.ni.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
    uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe "
    uRun: [RegistryMechanic] c:\program files\registry mechanic\RegMech.exe /H
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe "
    mRun: [VX1000] c:\windows\vVX1000.exe
    dRunOnce: [RunNarrator] Narrator.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
    DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Handler: toolbarchrome - {718733BC-AD64-4e5f-AC18-A85FBD75D54D} - c:\program files\radiobar\toolbar.ni.dll
    Notify: AutorunsDisabled - wvUoNGwT.dll
    Notify: avgrsstarter - avgrsstx.dll
    Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Notification Packages = scecli

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\debram~2\applic~1\mozilla\firefox\profiles\nzzqudik.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
    FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
    FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
    FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
    FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
    FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
    FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\documents and settings\debra martyn\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

    ============= SERVICES / DRIVERS ===============

    R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [2009-12-7 25168]
    R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-2-23 52872]
    R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-23 216400]
    R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-2-23 29584]
    R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-23 243024]
    R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-6-22 308136]
    R2 avgfws9;AVG Firewall;c:\program files\avg\avg9\avgfws9.exe [2010-6-22 2331032]
    R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2010-6-22 5897808]
    R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-2-25 632792]
    R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2009-2-23 30104]
    R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSDriver.sys [2009-12-7 122448]
    R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSFilter.sys [2009-12-7 30288]
    R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\avg\avg9\identity protection\agent\driver\platform_xp\AVGIDSShim.sys [2009-12-7 26192]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-11-3 135664]
    S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2009-2-23 30104]

    ============== File Associations ===============

    regfile=regedit.exe "%1" %*
    scrfile= "%1" %*

    =============== Created Last 30 ================

    2010-08-26 01:01:39 0 d-----w- c:\windows\LMIDC.tmp
    2010-08-26 00:42:32 0 d-----w- c:\docume~1\debram~2\applic~1\4B23644CBD7F45B9116C433DB971EB15

    ==================== Find3M ====================

    2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll
    2010-06-24 12:22:03 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-06-23 13:44:04 1851904 ----a-w- c:\windows\system32\win32k.sys
    2010-06-22 12:51:13 12536 ----a-w- c:\windows\system32\avgrsstx.dll
    2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll
    2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll
    2010-01-24 14:47:23 93234472 -c--a-w- c:\program files\iTunesSetup.exe
    2008-09-10 15:47:58 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008091020080911\index.dat

    ============= FINISH: 16:25:44.71 ===============
     

  4. 2010/08/30
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    I see you have P2P software (Azureus, Limewire, BitTorrent, uTorrent, etc.) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

    Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares and their infections.

    References for the risk of these programs are here, and here.

    I would strongly recommend that you uninstall them, and read the links above for educational value!

    Note: Please be advised that continued use of these programs after being warned of the danger of infections from them may result in the discontinued help of future cleaning of your system here at WindowsBBS Malware and Virus removal.

    A Malware expert will have a look at your log in due course.
     
  5. 2010/08/30
    cspgsl Lifetime Subscription

    cspgsl Geek Member Thread Starter

    Thanks, but it is not my machine and I have instructed the owner that the root of the problem is likely P2P activity.

    If I can convince the owner of the time and trouble it takes to correct the problem then they may remove it, but that will be their choice.
     
  6. 2010/08/30
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    STEP 1. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform Quick Scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt


    STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
    Alternative downloads:
    - http://majorgeeks.com/GMER_d5198.html
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
    Do NOT use the computer while GMER is running!
    When scan is completed, click Save button, and save the results as gmer.log
    Warning! Please do not select the "Show all" checkbox during the scan.
    Post the log to your next reply.

    IMPORTANT! If for some reason GMER refuses to run, try again.
    If it still fails, try to UN-check "Devices" in right pane.
    If still no joy, try to run it from Safe Mode.


    STEP 3. Download MBRCheck to your desktop

    Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
    It will show a black screen with some data on it.
    A report called MBRcheckxxxx.txt will be on your desktop
    Open this report and post its content in your next reply.



    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
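
An added example, not part of broni's post or of any tool named in this thread: a small Python triage script for the text log that STEP 1 asks to be posted. It tallies detections by family, checks the summary counts against the itemized entries (a mismatch usually means the paste was cut off), and lists anything not reported as removed. The layout is assumed to be that of Malwarebytes' Anti-Malware 1.46 text logs; the sample log, its keys, paths and counts are constructed.

```python
import re
from collections import Counter
from typing import NamedTuple

# Constructed sample in the layout of a Malwarebytes' Anti-Malware 1.46 text log.
# Keys, paths and counts are made up; "Files Infected: 2" with a single listed
# file imitates a log that was cut off when it was pasted.
SAMPLE_LOG = r"""Malwarebytes' Anti-Malware 1.46

Scan type: Quick scan
Objects scanned: 1000

Memory Processes Infected: 0
Registry Keys Infected: 2
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\ExampleKeyA (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ExampleKeyB (Trojan.Vundo) -> Quarantined and deleted successfully.

Files Infected:
C:\Example (x86)\sample.tmp (Rootkit.Dropper) -> No action taken.
"""


class Detection(NamedTuple):
    section: str   # e.g. "Registry Keys Infected"
    obj: str       # registry key, folder or file path
    family: str    # detection name in parentheses
    action: str    # what the scanner reports it did


# "Files Infected: 2"  -> summary line with a count
SUMMARY_RE = re.compile(r"^(?P<section>[A-Za-z ]+ Infected): (?P<count>\d+)$")
# "Files Infected:"    -> header of an itemized section
HEADER_RE = re.compile(r"^(?P<section>[A-Za-z ]+ Infected):$")
# "<object> (<family>) -> <action>."  The greedy object group keeps
# parentheses that belong to the path, such as "Program Files (x86)".
ITEM_RE = re.compile(r"^(?P<obj>.+) \((?P<family>[^()]+)\) -> (?P<action>.+?)\.?$")

CLEAN_ACTION = "Quarantined and deleted successfully"


def parse_mbam_log(text):
    """Return (summary counts per section, list of Detection)."""
    summary, items, current = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()          # forum pastes are often indented
        if not line:
            continue
        m = SUMMARY_RE.match(line)
        if m:
            summary[m["section"]] = int(m["count"])
            continue
        m = HEADER_RE.match(line)
        if m:
            current = m["section"]
            continue
        m = ITEM_RE.match(line)
        if m and current:
            items.append(Detection(current, m["obj"], m["family"], m["action"]))
    return summary, items


def count_mismatches(summary, items):
    """Sections whose summary count differs from the number of listed items."""
    listed = Counter(d.section for d in items)
    out = {}
    for section in set(summary) | set(listed):
        claimed = summary.get(section, 0)
        if claimed != listed[section]:
            out[section] = (claimed, listed[section])
    return out


def needs_follow_up(items):
    """Detections the log does not report as quarantined and deleted."""
    return [d for d in items if d.action != CLEAN_ACTION]


def family_counts(items):
    """Number of detections per family name."""
    return Counter(d.family for d in items)


if __name__ == "__main__":
    summary, items = parse_mbam_log(SAMPLE_LOG)
    for family, n in family_counts(items).most_common():
        print(f"{n:3d}  {family}")
    for section, (claimed, listed) in count_mismatches(summary, items).items():
        print(f"count mismatch in {section!r}: summary {claimed}, listed {listed}")
    for d in needs_follow_up(items):
        print(f"follow up: {d.obj} ({d.family}) -> {d.action}")
```
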
     
  7. 2010/08/31
    cspgsl Lifetime Subscription

    cspgsl Geek Member Thread Starter

    Hi Broni

    Here is the log from the first time I ran MB yesterday. I deleted all infected files at that time and the scan today found nothing (shown below). I did install Kaspersky last night before posting here and it finds problems, but I have not run it to clean up anything.

    Thanks - I shall post the other findings shortly

    ===============================================

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4509

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    8/30/2010 4:09:59 PM
    mbam-log-2010-08-30 (16-09-59).txt

    Scan type: Full scan (C:\|)
    Objects scanned: 213231
    Time elapsed: 1 hour(s), 6 minute(s), 13 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 9
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 3
    Files Infected: 2

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\AvScan (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\cs41275 (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PersonalSec (Rogue.PersonalSecurity) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servises (Malware.Trace) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    C:\Program Files\Common Files\PersonalSecUninstall (Rogue.PersonalSecurity) -> Quarantined and deleted successfully.
    C:\Program Files\PersonalSec (Rogue.PersonalSecurity) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Start Menu\PersonalSec (Rogue.PersonalSecurity) -> Quarantined and deleted successfully.

    Files Infected:
    C:\Documents and Settings\Debra Martyn\Local Settings\Temp\CF.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Debra Martyn\Local Settings\Application Data\Windows Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully.


    ===========================================

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4509

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    8/31/2010 6:44:49 AM
    mbam-log-2010-08-31 (06-44-49).txt

    Scan type: Quick scan
    Objects scanned: 170455
    Time elapsed: 11 minute(s), 58 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
    Last edited: 2010/08/31
  8. 2010/08/31
    cspgsl Lifetime Subscription

    cspgsl Geek Member Thread Starter

    Joined:
    2008/07/23
    Messages:
    1,044
    Likes Received:
    8
    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-08-31 09:03:31
    Windows 5.1.2600 Service Pack 3
    Running: spwhbwwz.exe; Driver: C:\DOCUME~1\DEBRAM~2\LOCALS~1\Temp\kwtcakod.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0xAA5C2E5E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwClose [0xAA5C3754]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwConnectPort [0xAA5C4580]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateEvent [0xAA5C4ACA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateFile [0xAA5C3A30]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateKey [0xAA5C1CD0]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateMutant [0xAA5C49B0]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0xAA5C2A4E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreatePort [0xAA5C4884]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSection [0xAA5C2BF6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSemaphore [0xAA5C4BEA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateThread [0xAA5C33DE]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateWaitablePort [0xAA5C491A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDebugActiveProcess [0xAA5C62C6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteKey [0xAA5C22DA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteValueKey [0xAA5C268E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0xAA5C3EB2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDuplicateObject [0xAA5C74DE]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xAA5C27DA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xAA5C2872]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwFsControlFile [0xAA5C3CC0]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadDriver [0xAA5C63B8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey [0xAA5C1CAC]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey2 [0xAA5C1CBE]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwMapViewOfSection [0xAA5C6B2C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwNotifyChangeKey [0xAA5C299E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenEvent [0xAA5C4B60]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenFile [0xAA5C37D6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenKey [0xAA5C1E90]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenMutant [0xAA5C4A40]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenProcess [0xAA5C3096]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSection [0xAA5C68C6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSemaphore [0xAA5C4C80]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenThread [0xAA5C2F8C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryKey [0xAA5C290A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryMultipleValueKey [0xAA5C2542]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQuerySection [0xAA5C6E66]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryValueKey [0xAA5C216C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueueApcThread [0xAA5C6758]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRenameKey [0xAA5C23FC]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplaceKey [0xAA5C16E6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyPort [0xAA5C4FE4]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0xAA5C4EAA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0xAA5C6060]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRestoreKey [0xAA5C1A5E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwResumeThread [0xAA5C7380]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKey [0xAA5C167E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSecureConnectPort [0xAA5C42CA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetContextThread [0xAA5C35F8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetInformationToken [0xAA5C5908]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSecurityObject [0xAA5C6556]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSystemInformation [0xAA5C6FB6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetValueKey [0xAA5C1FE6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendProcess [0xAA5C70A8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendThread [0xAA5C71E2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSystemDebugControl [0xAA5C61EA]
    SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xAA3C0620]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateThread [0xAA5C318A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0xAA5C6D0A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0xAA5C3314]

    Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess
    Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 804E9FA0 5 Bytes JMP AA5B590C \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)
    .text ntkrnlpa.exe!IoIsOperationSynchronous 804EE87E 5 Bytes JMP AA5B5CE4 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)
    .text ntkrnlpa.exe!ZwCallbackReturn + 2458 80501C90 2 Bytes [DE, 33] {FIDIV WORD [EBX]}
    .text ntkrnlpa.exe!ZwCallbackReturn + 2508 80501D40 12 Bytes [B8, 63, 5C, AA, AC, 1C, 5C, ...]
    .text ntkrnlpa.exe!ZwCallbackReturn + 256C 80501DA4 2 Bytes [96, 30]
    .text ntkrnlpa.exe!ZwCallbackReturn + 2584 80501DBC 2 Bytes [8C, 2F] {MOV WORD [EDI], GS}
    .text ntkrnlpa.exe!ZwCallbackReturn + 2654 80501E8C 2 Bytes [58, 67]
    .text ...
     
  9. 2010/08/31
    cspgsl Lifetime Subscription

    cspgsl Geek Member Thread Starter

    Joined:
    2008/07/23
    Messages:
    1,044
    Likes Received:
    8
    ---- User code sections - GMER 1.0.15 ----

    ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch;
    ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
    .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] USER32.dll!AlignRects + FFFA5598 7E412A78 4 Bytes [E0, 13, 46, 6C] {LOOPNZ 0x15; INC ESI; INSB }
    ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch;
    ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
    .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] USER32.dll!AlignRects + FFFA5598 7E412A78 4 Bytes [E0, 13, 46, 6C] {LOOPNZ 0x15; INC ESI; INSB }
    .text C:\Program Files\Internet Explorer\iexplore.exe[2724] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2724] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AD5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2724] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD135 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2724] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB24 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2724] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254666 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2724] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E4B6F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2724] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4AA1 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2724] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4B0C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2724] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4972 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2724] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E49D4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2724] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E4BD2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2724] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4A36 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2724] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 3E2EDB80 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2724] ole32.dll!OleLoadFromStream 77529C85 5 Bytes JMP 3E3E4EF0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3904] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3904] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB24 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3904] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E4B6F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3904] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4AA1 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3904] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4B0C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3904] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4972 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3904] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E49D4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3904] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E4BD2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[3904] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4A36 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    ---- Kernel IAT/EAT - GMER 1.0.15 ----

    IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [F6F9DD50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [F6F9DD50] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
     
  10. 2010/08/31
    cspgsl Lifetime Subscription

    cspgsl Geek Member Thread Starter

    Joined:
    2008/07/23
    Messages:
    1,044
    Likes Received:
    8
    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 013F0240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 013F02B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 013F0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 013F0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 01640710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01640780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 016407F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] 01640860
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 016408D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] 01640940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] 016409B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] 01640A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA] 01640A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 013F0550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapCreate] 013F05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 013F0630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 013F06A0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 013F0780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW] 01640B00
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 01640BE0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01640C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 01640CC0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 01640D30
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 01640DA0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 01640E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 013F0860
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 013F09B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 013F0A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 01640E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 01640EF0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 01640F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 013F0A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 7D1F0630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F06A0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 7D1F0710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 7D1F0780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 7D1F07F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 7D1F0860
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 7D1F08D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualAlloc] 013F0BE0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 013F0C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 013F0CC0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 013F0D30
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 013F0DA0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F0940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 7D1F09B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 7D1F0A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 7D1F0A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 7D1F0B00
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F0B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 013F0EF0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] 7D1F0BE0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 013F0F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 7D1E0400
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 7D1E0470
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 7D1E04E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F0C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 7D1F0CC0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 7D1F0D30
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 7D1F0DA0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW] 7D1F0E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 7D1F0E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 7D1F0EF0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 7D1E0550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 7D1E05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 7D1F0F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 01650010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread] 7D1E0630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 01650080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 016500F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 01650160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 016501D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01650240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 016502B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 01650320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 01650390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 01650400
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 7D1E0860
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 7D1E08D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01650470
     
  11. 2010/08/31
    cspgsl Lifetime Subscription

    cspgsl Geek Member Thread Starter

    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy] 7D1E0E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapCreate] 7D1E0F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 01420160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 014201D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 01420240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] 01430010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] 01430080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] 014300F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 01430160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 014308D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 01430940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 014309B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01430A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] 01430A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 01430B00
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 01130EF0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] 01430B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 01430BE0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameA] 01430C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 01440710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW] 01440780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA] 014407F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] 011405C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateProcessW] 01440860
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 014408D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 01440940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 014409B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 01440A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01440A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 01140630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 01450780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 014507F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 01450860
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 014508D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 01450940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 014509B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] 01140D30
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 01450A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] 01450A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 01450B00
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 01140DA0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01450B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 01140E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapCreate] 7D1E0240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 7D1E02B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F0160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 7D1E01D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] 7D1F0240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F0160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] 7D1E01D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!HeapCreate] 7D1E0240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!HeapDestroy] 7D1E02B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\iphlpapi.dll [ntdll.dll!RtlFreeHeap] 7D1E0080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\iphlpapi.dll [ntdll.dll!RtlAllocateHeap] 7D1E0010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!VirtualFree] 7D1E0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!VirtualAlloc] 7D1E0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] 7D1F04E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CreateThread] 7D1E01D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetErrorMode] 7D1F0550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleA] 7D1F0240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleW] 7D1F02B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F0160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 7D1F0470
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameW] 7D1F01D0
    IAT C:\Program Files\Internet Explorer\iexplore.exe[2724] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
     
  12. 2010/08/31
    cspgsl Geek Member Thread Starter
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 016600F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 7D1E0E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy] 7D1E0E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapCreate] 7D1E0F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 01660160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 016601D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 01660240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] 01670010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] 01670080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] 016700F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 01670160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 016708D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 01670940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 016709B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01670A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] 01670A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 01670B00
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 01400EF0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] 01670B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 01670BE0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameA] 01670C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 01680710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW] 01680780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA] 016807F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] 014105C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateProcessW] 01680860
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 016808D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 01680940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 016809B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 01680A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01680A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 01410630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 01690780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 016907F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 01690860
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 016908D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 01690940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 016909B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] 01410D30
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 01690A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] 01690A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 01690B00
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 01410DA0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01690B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 01410E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapCreate] 7D1E0240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 7D1E02B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F0160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 7D1E01D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] 7D1F0240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F0160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] 7D1E01D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] 7D1F04E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CreateThread] 7D1E01D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetErrorMode] 7D1F0550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleA] 7D1F0240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleW] 7D1F02B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F0160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 7D1F0470
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameW] 7D1F01D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\System32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\System32\SAMLIB.dll [KERNEL32.dll!VirtualFree] 7D1E0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1224] @ C:\WINDOWS\System32\SAMLIB.dll [KERNEL32.dll!VirtualAlloc] 7D1E0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 01120240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 011202B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 01120320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 01120390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 01400710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01400780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 014007F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] 01400860
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 014008D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] 01400940
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] 014009B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] 01400A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA] 01400A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 01120550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapCreate] 011205C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 01120630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 011206A0
     
  13. 2010/08/31
    cspgsl Geek Member Thread Starter
    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----
     
  14. 2010/08/31
    cspgsl Geek Member Thread Starter
    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows XP Home Edition
    Windows Information: Service Pack 3 (build 2600)
    Logical Drives Mask: 0x0000001d

    Kernel Drivers (total 136):
    0xF7856000 \SystemRoot\System32\watchdog.sys
    0xBF000000 \SystemRoot\System32\drivers\dxg.sys
    0xF7BC0000 \SystemRoot\System32\drivers\dxgthk.sys
    0xBF020000 \SystemRoot\System32\ialmdnt5.dll
    0xBF012000 \SystemRoot\System32\ialmrnt5.dll
    0xBF041000 \SystemRoot\System32\ialmdev5.DLL
    0xBF075000 \SystemRoot\System32\ialmdd5.DLL
    0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
    0xAA127000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0xA9E0A000 \SystemRoot\system32\drivers\wdmaud.sys
    0xAA0E7000 \SystemRoot\system32\drivers\sysaudio.sys
    0xA9BAF000 \SystemRoot\system32\DRIVERS\mrxdav.sys
    0xF7B24000 \??\C:\Program Files\LogMeIn\x86\RaInfo.sys
    0xA9A18000 \SystemRoot\system32\DRIVERS\srv.sys
    0xA9BFC000 \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
    0xA9A0C000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
    0xA91DC000 \SystemRoot\System32\Drivers\HTTP.sys
    0xA9050000 \SystemRoot\System32\Drivers\Fastfat.SYS
    0xA8AF8000 \SystemRoot\system32\drivers\sthda.sys
    0xA8AD4000 \SystemRoot\system32\drivers\portcls.sys
    0xA8C10000 \SystemRoot\system32\drivers\drmk.sys
    0xF797E000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
    0xA8A92000 \??\C:\DOCUME~1\DEBRAM~2\LOCALS~1\Temp\kwtcakod.sys
    0xA8A67000 \SystemRoot\system32\drivers\kmixer.sys
    0x7C900000 \WINDOWS\system32\ntdll.dll

    Processes (total 150):
    0 System Idle Process
    4 System
    1128 C:\WINDOWS\system32\smss.exe
    1272 csrss.exe
    1296 C:\WINDOWS\system32\winlogon.exe
    1348 C:\WINDOWS\system32\services.exe
    1360 C:\WINDOWS\system32\lsass.exe
    1540 C:\WINDOWS\system32\svchost.exe
    1668 svchost.exe
    1828 C:\WINDOWS\system32\svchost.exe
    1876 C:\WINDOWS\system32\svchost.exe
    1992 svchost.exe
    372 svchost.exe
    676 C:\WINDOWS\system32\spoolsv.exe
    976 C:\WINDOWS\explorer.exe
    1068 C:\Program Files\iTunes\iTunesHelper.exe
    1092 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    1156 C:\WINDOWS\vVX1000.exe
    1176 C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
    1448 C:\WINDOWS\system32\ctfmon.exe
    1520 C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    1788 svchost.exe
    1860 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    188 C:\Program Files\Bonjour\mDNSResponder.exe
    840 C:\Program Files\LogMeIn\x86\ramaint.exe
    1136 C:\Program Files\uTorrent\uTorrent.exe
    1144 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    1720 C:\Program Files\Messenger\msmsgs.exe
    904 C:\Program Files\LogMeIn\x86\LogMeIn.exe
    1556 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    1972 C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    248 C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    476 C:\WINDOWS\system32\HPZipm12.exe
    552 C:\WINDOWS\system32\svchost.exe
    3360 C:\Program Files\iPod\bin\iPodService.exe
    2268 alg.exe
    3904 C:\Program Files\Internet Explorer\iexplore.exe
    2724 C:\Program Files\Internet Explorer\iexplore.exe
    3584 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
    2736 C:\WINDOWS\system32\wscntfy.exe
    1588 E:\MBRCheck.exe
    2728 C:\Program Files\Real\RealPlayer\realplay.exe
    460 C:\Program Files\Real\RealPlayer\realplay.exe
    3792 C:\Program Files\Real\RealPlayer\realplay.exe
    3704 C:\Program Files\Real\RealPlayer\realplay.exe
    3096 C:\Program Files\Real\RealPlayer\realplay.exe
    2968 <unknown>
    3300 C:\Program Files\Real\RealPlayer\realplay.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

    PhysicalDrive0 Model Number: ST3808110AS, Rev: 3.ADH

    Size Device Name MBR Status
    --------------------------------------------
    74 GB \\.\PhysicalDrive0 Windows XP MBR code detected
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


    Done!
     
  15. 2010/08/31
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Make sure you re-enable your security programs when you're done with Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  16. 2010/08/31
    cspgsl Lifetime Subscription

    cspgsl Geek Member Thread Starter

    Joined:
    2008/07/23
    Messages:
    1,044
    Likes Received:
    8
    Try as I did, I could not disable the AVG real time scanner. I had uninstalled AVG yesterday using revouninstaller and disabled the AVG services but the message continually came up when I ran combofix. It didn't take the computer offline either during the scan.

    For what it is worth, here is the log

    ComboFix 10-08-31.01 - Debra Martyn 08/31/2010 19:14:52.1.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.553 [GMT -4:00]
    Running from: c:\documents and settings\Debra Martyn\Desktop\ComboFix.exe
    AV: AVG Internet Security *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: AVG Firewall *disabled* {8decf618-9569-4340-b34a-d78d28969b66}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Debra Martyn\GoToAssistDownloadHelper.exe
    c:\documents and settings\Debra Martyn\Local Settings\Application Data\Windows Server
    c:\documents and settings\Debra Martyn\Local Settings\Application Data\Windows Server\flags.ini
    c:\documents and settings\Debra Martyn\Local Settings\Application Data\Windows Server\server.dat
    c:\documents and settings\Debra Martyn\Local Settings\Application Data\Windows Server\uses32.dat
    c:\documents and settings\Debra Martyn\Start Menu\Programs\Antimalware Doctor

    Infected copy of c:\windows\system32\winlogon.exe was found and disinfected
    Restored copy from - c:\windows\ServicePackFiles\i386\winlogon.exe

    Infected copy of c:\windows\explorer.exe was found and disinfected
    Restored copy from - c:\windows\ServicePackFiles\i386\explorer.exe

    .
    ((((((((((((((((((((((((( Files Created from 2010-07-28 to 2010-08-31 )))))))))))))))))))))))))))))))
    .

    2010-08-31 16:38 . 2010-08-31 16:38 -------- d-----w- c:\program files\Trend Micro
    2010-08-30 23:10 . 2010-08-30 23:10 -------- d-----w- c:\program files\VS Revo Group
    2010-08-30 22:43 . 2010-08-30 22:43 -------- d-----w- c:\documents and settings\Debra Martyn\Local Settings\Application Data\LogMeIn
    2010-08-30 22:43 . 2010-08-30 22:43 -------- d-----w- c:\documents and settings\All Users\Application Data\LogMeIn
    2010-08-30 22:43 . 2010-06-02 20:06 53632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
    2010-08-30 22:43 . 2010-06-02 20:06 29568 ----a-w- c:\windows\system32\LMIport.dll
    2010-08-30 22:43 . 2010-06-02 20:06 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
    2010-08-30 22:43 . 2010-01-27 16:22 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
    2010-08-30 22:43 . 2010-01-27 16:21 10144 ----a-w- c:\windows\system32\drivers\lmimirr.sys
    2010-08-30 22:42 . 2010-06-02 20:06 87424 ----a-w- c:\windows\system32\LMIinit.dll
    2010-08-30 22:42 . 2010-08-31 09:05 -------- d-----w- c:\program files\LogMeIn
    2010-08-30 22:39 . 2010-08-31 10:23 -------- d-----w- c:\documents and settings\Debra Martyn\Local Settings\Application Data\Deployment
    2010-08-30 22:38 . 2010-08-30 23:01 -------- d-----w- c:\windows\LMI11.tmp
    2010-08-30 21:26 . 2010-08-30 21:26 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2010-08-26 01:01 . 2010-08-26 01:11 -------- d-----w- c:\windows\LMIDC.tmp
    2010-08-26 00:54 . 2010-08-26 00:54 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-08-31 21:48 . 2009-10-13 18:39 -------- d-----w- c:\documents and settings\Debra Martyn\Application Data\uTorrent
    2010-08-31 21:46 . 2009-10-12 01:14 -------- d-----w- c:\documents and settings\Debra Martyn\Application Data\Skype
    2010-08-31 00:32 . 2007-03-21 14:59 -------- d-----w- c:\program files\Google
    2010-08-30 23:21 . 2009-02-13 11:36 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
    2010-08-30 23:19 . 2006-09-03 17:00 -------- d-----w- c:\program files\Common Files\Adobe
    2010-08-30 20:33 . 2004-08-04 12:00 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
    2010-08-30 20:12 . 2009-12-07 18:00 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
    2010-08-30 18:59 . 2009-12-07 22:51 0 -c--a-w- c:\documents and settings\Debra Martyn\Local Settings\Application Data\prvlcl.dat
    2010-08-30 01:07 . 2009-10-13 19:50 -------- d-----w- c:\documents and settings\Debra Martyn\Application Data\vlc
    2010-08-19 20:04 . 2009-10-13 16:55 -------- d-----w- c:\documents and settings\Debra Martyn\Application Data\skypePM
    2010-07-11 16:21 . 2009-12-07 18:01 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
    2010-06-30 12:31 . 2004-08-04 12:00 149504 ----a-w- c:\windows\system32\schannel.dll
    2010-06-24 12:22 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-06-23 13:44 . 2004-08-04 12:00 1851904 ----a-w- c:\windows\system32\win32k.sys
    2010-06-22 12:51 . 2009-02-23 11:09 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2010-06-22 12:51 . 2009-02-23 11:09 12536 ----a-w- c:\windows\system32\avgrsstx.dll
    2010-06-22 12:51 . 2009-12-07 18:01 25168 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys
    2010-06-22 12:51 . 2009-02-23 11:09 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2010-06-21 15:27 . 2004-08-04 12:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-06-17 14:03 . 2004-08-04 12:00 80384 ----a-w- c:\windows\system32\iccvid.dll
    2010-06-14 14:31 . 2006-07-11 21:21 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
    2010-06-14 07:41 . 2004-08-04 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
    2010-01-24 14:47 . 2010-01-24 14:47 93234472 -c--a-w- c:\program files\iTunesSetup.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5B291E6C-9A74-4034-971B-A4B007A0B315}]
    2010-01-11 17:18 451808 ----a-w- c:\program files\RadioBar\toolbar.ni.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{5B291E6C-9A74-4034-971B-A4B007A0B315} "= "c:\program files\RadioBar\toolbar.ni.dll" [2010-01-11 451808]

    [HKEY_CLASSES_ROOT\clsid\{5b291e6c-9a74-4034-971b-a4b007a0b315}]
    [HKEY_CLASSES_ROOT\Pugi.PugiObj.1]
    [HKEY_CLASSES_ROOT\TypeLib\{810FCC0F-2CA3-414a-B8C8-550910C8B664}]
    [HKEY_CLASSES_ROOT\Pugi.PugiObj]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{5B291E6C-9A74-4034-971B-A4B007A0B315} "= "c:\program files\RadioBar\toolbar.ni.dll" [2010-01-11 451808]

    [HKEY_CLASSES_ROOT\clsid\{5b291e6c-9a74-4034-971b-a4b007a0b315}]
    [HKEY_CLASSES_ROOT\Pugi.PugiObj.1]
    [HKEY_CLASSES_ROOT\TypeLib\{810FCC0F-2CA3-414a-B8C8-550910C8B664}]
    [HKEY_CLASSES_ROOT\Pugi.PugiObj]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "RunNarrator "= "Narrator.exe" [2008-04-14 53760]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "NoActiveDesktop "= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2010-06-22 12:51 12536 ----a-w- c:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
    2009-02-13 10:58 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
    2010-06-02 20:06 87424 ----a-w- c:\windows\system32\LMIinit.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
    backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
    backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Net Assistant.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Net Assistant.lnk
    backup=c:\windows\pss\Net Assistant.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package Menu.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Picture Package Menu.lnk
    backup=c:\windows\pss\Picture Package Menu.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package VCD Maker.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Picture Package VCD Maker.lnk
    backup=c:\windows\pss\Picture Package VCD Maker.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
    c:\windows\system32\dumprep 0 -k [X]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
    2005-06-07 03:46 57344 -c--a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
    2005-02-23 20:19 53248 -c--a-w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    2005-05-12 03:12 49152 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
    2005-07-19 22:06 77824 ----a-w- c:\windows\system32\hkcmd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
    2005-07-19 22:10 114688 ----a-w- c:\windows\system32\igfxpers.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
    2005-07-19 22:09 94208 ----a-w- c:\windows\system32\igfxtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2009-11-12 21:33 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
    2007-05-17 21:45 279912 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
    2010-01-27 16:22 63048 ----a-w- c:\program files\LogMeIn\x86\LogMeInSystray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
    2008-11-13 15:55 397312 -c--a-w- c:\progra~1\Aliant\NETASS~1\SMARTB~1\MotiveSB.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2009-07-26 20:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2009-11-11 04:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    2010-04-06 06:27 26102056 ----a-r- c:\program files\Skype\Phone\Skype.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2008-06-10 08:27 144784 -c--a-w- c:\program files\Java\jre1.6.0_07\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    2010-03-26 15:22 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
    2010-05-18 12:12 322352 ----a-w- c:\program files\uTorrent\uTorrent.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
    2007-04-10 21:46 709992 ----a-w- c:\windows\vVX1000.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall "= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "c:\\Program Files\\Messenger\\msmsgs.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "c:\\Program Files\\uTorrent\\uTorrent.exe "=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe "=
    "c:\\Program Files\\iTunes\\iTunes.exe "=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe "=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe "=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe "=
    "c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe "=
    "c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe "=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe "=

    R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [12/7/2009 2:01 PM 25168]
    R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2/23/2009 7:09 AM 52872]
    R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2/23/2009 7:09 AM 216400]
    R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2/23/2009 7:09 AM 243024]
    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [1/27/2010 12:22 PM 12856]
    R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2/23/2009 7:08 AM 30104]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [11/3/2009 8:43 PM 135664]
    S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2/23/2009 7:08 AM 30104]
    S3 AVGIDSDriverxpx;AVG9IDSDriver;\??\c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys --> c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [?]
    S3 AVGIDSFilterxpx;AVG9IDSFilter;\??\c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys --> c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [?]
    S3 AVGIDSShimxpx;AVG9IDSShim;\??\c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys --> c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [?]
    S4 avg9wd;AVG WatchDog; "c:\program files\AVG\AVG9\avgwdsvc.exe" --> c:\program files\AVG\AVG9\avgwdsvc.exe [?]
    S4 avgfws9;AVG Firewall; "c:\program files\AVG\AVG9\avgfws9.exe" --> c:\program files\AVG\AVG9\avgfws9.exe [?]
    S4 AVGIDSAgent;AVG9IDSAgent; "c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe" AVGIDSAgent --> c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [?]
    .
    Contents of the 'Scheduled Tasks' folder

    2010-08-28 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

    2010-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-04 00:43]

    2010-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-04 00:43]

    2010-08-31 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-507921405-789336058-839522115-1005.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 02:09]

    2010-08-31 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-507921405-789336058-839522115-1005.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 02:09]

    2010-08-31 c:\windows\Tasks\User_Feed_Synchronization-{38B0B232-96E9-44F9-B9DB-6ACB4DC20BF3}.job
    - c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    uStart Page = hxxp://ca.yahoo.com/
    Handler: toolbarchrome - {718733BC-AD64-4e5f-AC18-A85FBD75D54D} - c:\program files\RadioBar\toolbar.ni.dll
    DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
    FF - ProfilePath - c:\documents and settings\Debra Martyn\Application Data\Mozilla\Firefox\Profiles\nzzqudik.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
    FF - component: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
    FF - plugin: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    FF - plugin: c:\documents and settings\Debra Martyn\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
    FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    .
    - - - - ORPHANS REMOVED - - - -

    URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
    Notify-AutorunsDisabled - wvUoNGwT.dll
    SafeBoot-klmdb.sys
    MSConfigStartUp-TrojanScanner - c:\program files\Trojan Remover\Trjscan.exe
    MSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-08-31 19:24
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Windows\AutorunsDisabled]
    "Appinit_Dlls "= "buyuau.dll "
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(896)
    c:\program files\Citrix\GoToAssist\514\G2AWinLogon.dll
    c:\windows\system32\LMIinit.dll
    c:\windows\system32\LMIRfsClientNP.dll

    - - - - - - - > 'explorer.exe'(1088)
    c:\windows\system32\WININET.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\LogMeIn\x86\RaMaint.exe
    c:\program files\LogMeIn\x86\LogMeIn.exe
    c:\program files\LogMeIn\x86\LMIGuardian.exe
    c:\program files\Microsoft LifeCam\MSCamS32.exe
    c:\windows\system32\HPZipm12.exe
    c:\windows\system32\wscntfy.exe
    .
    **************************************************************************
    .
    Completion time: 2010-08-31 19:28:02 - machine was rebooted
    ComboFix-quarantined-files.txt 2010-08-31 23:28

    Pre-Run: 21,304,463,360 bytes free
    Post-Run: 22,164,369,408 bytes free

    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT= "Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug= "do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS= "Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

    - - End Of File - - 8C917584D4C30A1B2EE69C1CE355F477
     
  17. 2010/08/31
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Unfortunately, AVG often does it.
    If you want to uninstall it completely, try AVG Remover: http://www.avg.com/us-en/download-tools

    ==============================================================

    Open Windows Explorer. Go to Tools > Folder Options > View tab, put a checkmark next to Show hidden files and folders.
    Upload the following files to http://www.virustotal.com/ for security check:
    - c:\windows\explorer.exe
    - c:\windows\system32\winlogon.exe
    IMPORTANT! If the file is listed as already analyzed, click on the Reanalyse file now button.
    Post scan results.
     
  18. 2010/08/31
    cspgsl Lifetime Subscription

    cspgsl Geek Member Thread Starter

    File name:
    explorer.exe
    Submission date:
    2010-09-01 00:18:43 (UTC)
    Current status:
    queued (#8) queued (#8) analysing finished
    Result:
    0/ 43 (0.0%)

    VT Community

    goodware
    Safety score: 100.0%
    Antivirus Version Last Update Result
    AhnLab-V3 2010.09.01.00 2010.09.01 -
    AntiVir 8.2.4.46 2010.08.31 -
    Antiy-AVL 2.0.3.7 2010.08.31 -
    Authentium 5.2.0.5 2010.08.31 -
    Avast 4.8.1351.0 2010.08.31 -
    Avast5 5.0.594.0 2010.08.31 -
    AVG 9.0.0.851 2010.08.31 -
    BitDefender 7.2 2010.09.01 -
    CAT-QuickHeal 11.00 2010.08.31 -
    ClamAV 0.96.2.0-git 2010.08.31 -
    Comodo 5928 2010.09.01 -
    DrWeb 5.0.2.03300 2010.09.01 -
    Emsisoft 5.0.0.37 2010.08.31 -
    eSafe 7.0.17.0 2010.08.30 -
    eTrust-Vet 36.1.7829 2010.08.31 -
    F-Prot 4.6.1.107 2010.08.31 -
    F-Secure 9.0.15370.0 2010.09.01 -
    Fortinet 4.1.143.0 2010.08.31 -
    GData 21 2010.09.01 -
    Ikarus T3.1.1.88.0 2010.08.31 -
    Jiangmin 13.0.900 2010.08.30 -
    K7AntiVirus 9.63.2406 2010.08.31 -
    Kaspersky 7.0.0.125 2010.09.01 -
    McAfee 5.400.0.1158 2010.09.01 -
    McAfee-GW-Edition 2010.1B 2010.09.01 -
    Microsoft 1.6103 2010.08.31 -
    NOD32 5413 2010.08.31 -
    Norman 6.05.11 2010.08.31 -
    nProtect 2010-08-31.01 2010.08.31 -
    Panda 10.0.2.7 2010.08.31 -
    PCTools 7.0.3.5 2010.09.01 -
    Prevx 3.0 2010.09.01 -
    Rising 22.63.01.04 2010.08.31 -
    Sophos 4.56.0 2010.09.01 -
    Sunbelt 6820 2010.09.01 -
    SUPERAntiSpyware 4.40.0.1006 2010.08.31 -
    Symantec 20101.1.1.7 2010.09.01 -
    TheHacker 6.5.2.1.360 2010.09.01 -
    TrendMicro 9.120.0.1004 2010.08.31 -
    TrendMicro-HouseCall 9.120.0.1004 2010.09.01 -
    VBA32 3.12.14.0 2010.08.31 -
    ViRobot 2010.8.31.4017 2010.08.31 -
    VirusBuster 5.0.27.0 2010.08.31 -
    Additional information
    MD5 : 12896823fb95bfb3dc9b46bcaedc9923
    SHA1 : 9d2bf84874abc5b6e9a2744b7865c193c08d362f
    SHA256: 1e675cb7df214172f7eb0497f7275556038a0d09c6e5a3e6862c5e26885ef455


    =========================================


    File name:
    winlogon.exe
    Submission date:
    2010-09-01 00:21:45 (UTC)
    Current status:
    queued (#7) queued analysing finished
    Result:
    0/ 43 (0.0%)

    VT Community

    not reviewed
    Safety score: -
    Antivirus Version Last Update Result
    AhnLab-V3 2010.09.01.00 2010.09.01 -
    AntiVir 8.2.4.46 2010.08.31 -
    Antiy-AVL 2.0.3.7 2010.08.31 -
    Authentium 5.2.0.5 2010.08.31 -
    Avast 4.8.1351.0 2010.08.31 -
    Avast5 5.0.594.0 2010.08.31 -
    AVG 9.0.0.851 2010.08.31 -
    BitDefender 7.2 2010.09.01 -
    CAT-QuickHeal 11.00 2010.08.31 -
    ClamAV 0.96.2.0-git 2010.08.31 -
    Comodo 5928 2010.09.01 -
    DrWeb 5.0.2.03300 2010.09.01 -
    Emsisoft 5.0.0.37 2010.08.31 -
    eSafe 7.0.17.0 2010.08.30 -
    eTrust-Vet 36.1.7829 2010.08.31 -
    F-Prot 4.6.1.107 2010.08.31 -
    F-Secure 9.0.15370.0 2010.09.01 -
    Fortinet 4.1.143.0 2010.08.31 -
    GData 21 2010.09.01 -
    Ikarus T3.1.1.88.0 2010.08.31 -
    Jiangmin 13.0.900 2010.08.30 -
    K7AntiVirus 9.63.2406 2010.08.31 -
    Kaspersky 7.0.0.125 2010.09.01 -
    McAfee 5.400.0.1158 2010.09.01 -
    McAfee-GW-Edition 2010.1B 2010.09.01 -
    Microsoft 1.6103 2010.08.31 -
    NOD32 5413 2010.08.31 -
    Norman 6.05.11 2010.08.31 -
    nProtect 2010-08-31.01 2010.08.31 -
    Panda 10.0.2.7 2010.08.31 -
    PCTools 7.0.3.5 2010.09.01 -
    Prevx 3.0 2010.09.01 -
    Rising 22.63.01.04 2010.08.31 -
    Sophos 4.56.0 2010.09.01 -
    Sunbelt 6820 2010.09.01 -
    SUPERAntiSpyware 4.40.0.1006 2010.08.31 -
    Symantec 20101.1.1.7 2010.09.01 -
    TheHacker 6.5.2.1.360 2010.09.01 -
    TrendMicro 9.120.0.1004 2010.08.31 -
    TrendMicro-HouseCall 9.120.0.1004 2010.09.01 -
    VBA32 3.12.14.0 2010.08.31 -
    ViRobot 2010.8.31.4017 2010.08.31 -
    VirusBuster 5.0.27.0 2010.08.31 -
    Additional information
    MD5 : ed0ef0a136dec83df69f04118870003e
    SHA1 : f77a7cd78877527023ebfb35e83b75ef59d3df07
    SHA256: 45377cb8e9f0120f836fc8261c711f7dbf7199117afb3652ebf100d5f0429b1e
     
  19. 2010/08/31
    broni

    broni Moderator Malware Analyst

    Very good :)

    1. Please open Notepad
    • Click Start, then Run
    • Type notepad.exe in the Run Box.

    2. Now copy/paste the entire content of the codebox below into the Notepad window:

    Code:
    RegLockDel::
    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Windows\AutorunsDisabled]
    
    

    3. Save the above as CFScript.txt

    4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

    5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.



    6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
    • Combofix.txt
     
  20. 2010/08/31
    cspgsl Lifetime Subscription

    cspgsl Geek Member Thread Starter

    ComboFix 10-08-31.01 - Debra Martyn 08/31/2010 20:45:15.2.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.703 [GMT -4:00]
    Running from: c:\documents and settings\Debra Martyn\Desktop\ComboFix.exe
    Command switches used :: c:\documents and settings\Debra Martyn\Desktop\CFScript.txt
    .

    ((((((((((((((((((((((((( Files Created from 2010-08-01 to 2010-09-01 )))))))))))))))))))))))))))))))
    .

    2010-08-31 16:38 . 2010-08-31 16:38 -------- d-----w- c:\program files\Trend Micro
    2010-08-30 23:10 . 2010-08-30 23:10 -------- d-----w- c:\program files\VS Revo Group
    2010-08-30 22:43 . 2010-08-30 22:43 -------- d-----w- c:\documents and settings\Debra Martyn\Local Settings\Application Data\LogMeIn
    2010-08-30 22:43 . 2010-08-30 22:43 -------- d-----w- c:\documents and settings\All Users\Application Data\LogMeIn
    2010-08-30 22:43 . 2010-06-02 20:06 53632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
    2010-08-30 22:43 . 2010-06-02 20:06 29568 ----a-w- c:\windows\system32\LMIport.dll
    2010-08-30 22:43 . 2010-06-02 20:06 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
    2010-08-30 22:43 . 2010-01-27 16:22 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
    2010-08-30 22:43 . 2010-01-27 16:21 10144 ----a-w- c:\windows\system32\drivers\lmimirr.sys
    2010-08-30 22:42 . 2010-06-02 20:06 87424 ----a-w- c:\windows\system32\LMIinit.dll
    2010-08-30 22:42 . 2010-08-31 09:05 -------- d-----w- c:\program files\LogMeIn
    2010-08-30 22:39 . 2010-08-31 10:23 -------- d-----w- c:\documents and settings\Debra Martyn\Local Settings\Application Data\Deployment
    2010-08-30 22:38 . 2010-08-30 23:01 -------- d-----w- c:\windows\LMI11.tmp
    2010-08-30 21:26 . 2010-08-30 21:26 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2010-08-26 01:01 . 2010-08-26 01:11 -------- d-----w- c:\windows\LMIDC.tmp
    2010-08-26 00:54 . 2010-08-26 00:54 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-08-31 21:48 . 2009-10-13 18:39 -------- d-----w- c:\documents and settings\Debra Martyn\Application Data\uTorrent
    2010-08-31 21:46 . 2009-10-12 01:14 -------- d-----w- c:\documents and settings\Debra Martyn\Application Data\Skype
    2010-08-31 00:32 . 2007-03-21 14:59 -------- d-----w- c:\program files\Google
    2010-08-30 23:21 . 2009-02-13 11:36 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
    2010-08-30 23:19 . 2006-09-03 17:00 -------- d-----w- c:\program files\Common Files\Adobe
    2010-08-30 20:33 . 2004-08-04 12:00 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
    2010-08-30 18:59 . 2009-12-07 22:51 0 -c--a-w- c:\documents and settings\Debra Martyn\Local Settings\Application Data\prvlcl.dat
    2010-08-30 01:07 . 2009-10-13 19:50 -------- d-----w- c:\documents and settings\Debra Martyn\Application Data\vlc
    2010-08-19 20:04 . 2009-10-13 16:55 -------- d-----w- c:\documents and settings\Debra Martyn\Application Data\skypePM
    2010-06-30 12:31 . 2004-08-04 12:00 149504 ----a-w- c:\windows\system32\schannel.dll
    2010-06-24 12:22 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-06-23 13:44 . 2004-08-04 12:00 1851904 ----a-w- c:\windows\system32\win32k.sys
    2010-06-21 15:27 . 2004-08-04 12:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
    2010-06-17 14:03 . 2004-08-04 12:00 80384 ----a-w- c:\windows\system32\iccvid.dll
    2010-06-14 14:31 . 2006-07-11 21:21 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
    2010-06-14 07:41 . 2004-08-04 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
    2010-01-24 14:47 . 2010-01-24 14:47 93234472 -c--a-w- c:\program files\iTunesSetup.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5B291E6C-9A74-4034-971B-A4B007A0B315}]
    2010-01-11 17:18 451808 ----a-w- c:\program files\RadioBar\toolbar.ni.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{5B291E6C-9A74-4034-971B-A4B007A0B315} "= "c:\program files\RadioBar\toolbar.ni.dll" [2010-01-11 451808]

    [HKEY_CLASSES_ROOT\clsid\{5b291e6c-9a74-4034-971b-a4b007a0b315}]
    [HKEY_CLASSES_ROOT\Pugi.PugiObj.1]
    [HKEY_CLASSES_ROOT\TypeLib\{810FCC0F-2CA3-414a-B8C8-550910C8B664}]
    [HKEY_CLASSES_ROOT\Pugi.PugiObj]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{5B291E6C-9A74-4034-971B-A4B007A0B315} "= "c:\program files\RadioBar\toolbar.ni.dll" [2010-01-11 451808]

    [HKEY_CLASSES_ROOT\clsid\{5b291e6c-9a74-4034-971b-a4b007a0b315}]
    [HKEY_CLASSES_ROOT\Pugi.PugiObj.1]
    [HKEY_CLASSES_ROOT\TypeLib\{810FCC0F-2CA3-414a-B8C8-550910C8B664}]
    [HKEY_CLASSES_ROOT\Pugi.PugiObj]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "RunNarrator "= "Narrator.exe" [2008-04-14 53760]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
    2009-02-13 10:58 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
    2010-06-02 20:06 87424 ----a-w- c:\windows\system32\LMIinit.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
    backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
    backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Net Assistant.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Net Assistant.lnk
    backup=c:\windows\pss\Net Assistant.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package Menu.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Picture Package Menu.lnk
    backup=c:\windows\pss\Picture Package Menu.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package VCD Maker.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Picture Package VCD Maker.lnk
    backup=c:\windows\pss\Picture Package VCD Maker.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
    c:\windows\system32\dumprep 0 -k [X]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
    2005-06-07 03:46 57344 -c--a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
    2005-02-23 20:19 53248 -c--a-w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    2005-05-12 03:12 49152 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
    2005-07-19 22:06 77824 ----a-w- c:\windows\system32\hkcmd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
    2005-07-19 22:10 114688 ----a-w- c:\windows\system32\igfxpers.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
    2005-07-19 22:09 94208 ----a-w- c:\windows\system32\igfxtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2009-11-12 21:33 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
    2007-05-17 21:45 279912 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
    2010-01-27 16:22 63048 ----a-w- c:\program files\LogMeIn\x86\LogMeInSystray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
    2008-11-13 15:55 397312 -c--a-w- c:\progra~1\Aliant\NETASS~1\SMARTB~1\MotiveSB.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    2009-07-26 20:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2009-11-11 04:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    2010-04-06 06:27 26102056 ----a-r- c:\program files\Skype\Phone\Skype.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2008-06-10 08:27 144784 -c--a-w- c:\program files\Java\jre1.6.0_07\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    2010-03-26 15:22 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
    2010-05-18 12:12 322352 ----a-w- c:\program files\uTorrent\uTorrent.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
    2007-04-10 21:46 709992 ----a-w- c:\windows\vVX1000.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "c:\\Program Files\\Messenger\\msmsgs.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "c:\\Program Files\\uTorrent\\uTorrent.exe "=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe "=
    "c:\\Program Files\\iTunes\\iTunes.exe "=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe "=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe "=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe "=
    "c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe "=
    "c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe "=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe "=

    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [1/27/2010 12:22 PM 12856]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [11/3/2009 8:43 PM 135664]
    .
    Contents of the 'Scheduled Tasks' folder

    2010-08-28 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

    2010-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-04 00:43]

    2010-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-04 00:43]

    2010-09-01 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-507921405-789336058-839522115-1005.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 02:09]

    2010-08-31 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-507921405-789336058-839522115-1005.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-25 02:09]

    2010-09-01 c:\windows\Tasks\User_Feed_Synchronization-{38B0B232-96E9-44F9-B9DB-6ACB4DC20BF3}.job
    - c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    uStart Page = hxxp://ca.yahoo.com/
    Handler: toolbarchrome - {718733BC-AD64-4e5f-AC18-A85FBD75D54D} - c:\program files\RadioBar\toolbar.ni.dll
    DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
    FF - ProfilePath - c:\documents and settings\Debra Martyn\Application Data\Mozilla\Firefox\Profiles\nzzqudik.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-08-31 20:49
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Windows\AutorunsDisabled]
    "Appinit_Dlls "= "buyuau.dll "
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(328)
    c:\program files\Citrix\GoToAssist\514\G2AWinLogon.dll
    c:\windows\system32\LMIinit.dll
    c:\windows\system32\LMIRfsClientNP.dll

    - - - - - - - > 'explorer.exe'(4048)
    c:\windows\system32\WININET.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    Completion time: 2010-08-31 20:51:28
    ComboFix-quarantined-files.txt 2010-09-01 00:51
    ComboFix2.txt 2010-08-31 23:28

    Pre-Run: 24,279,101,440 bytes free
    Post-Run: 24,391,983,104 bytes free

    - - End Of File - - EEEE2D4D27D3F711248D013113FA2C7E
     
  21. 2010/08/31
    broni

    broni Moderator Malware Analyst

    How is the computer doing?

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\system32\spool\prtprocs\w32x86\*.tmp
    %systemroot%\*. /mp /s
    /md5start
    /md5stop
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
