Computer Hope
Software => Computer viruses and spyware => Virus and spyware removal => Topic started by: pancakejohn on April 14, 2010, 09:57:42 AM
-
Hi,
I have been infected with "Rootkit.Win32.TDSS.d" that Kaspersky claims is residing in my system memory. I have also been infected with rogue anitspyware called "vista antivirus" and "total vista security". I believe I have been able to remove both using a combination of malwarebytes, the kaspersky system rescue disk, hitman pro, the kaspersky tool "TDSSkiller" and combofix.
However, I still get redirected on google searches and Kaspersky still informs me I am infected with Rootkit.Win32.TDSS.d residing in system memory. This is even after it performs its "special disinfection procedure" and reboots.
Any help would be greatly appreciated. Thanks
My GSI log:
http://www.getsysteminfo.com/read.php?file=738955a92cfb22e4cbe6d825ce44bc11
------------------------------------------------------------------------------------------------------------------------------------------------
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 04/13/2010 at 05:02 AM
Application Version : 4.35.1002
Core Rules Database Version : 4798
Trace Rules Database Version: 2610
Scan type : Complete Scan
Total Scan Time : 05:57:10
Memory items scanned : 668
Memory threats detected : 0
Registry items scanned : 8717
Registry threats detected : 0
File items scanned : 311224
File threats detected : 72
Adware.Tracking Cookie
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][6].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@adbrite[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertise[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertise[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertise[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertise[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertising[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@advertising[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@apmebf[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@atdmt[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@atdmt[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@azjmp[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@casalemedia[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@clicksor[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][6].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][7].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@doubleclick[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@doubleclick[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@doubleclick[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@doubleclick[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@enhance[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@fastclick[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@invitemedia[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@invitemedia[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@invitemedia[4].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@invitemedia[5].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@lucidmedia[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@lynxtrack[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@media6degrees[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@mediaplex[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@mediatraffic[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@myroitracking[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@overture[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@pointroll[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@pointroll[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@questionmarket[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@questionmarket[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@realmedia[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@realmedia[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@realmedia[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@revsci[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@revsci[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@revsci[3].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@sitirifinds[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@specificclick[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@specificmedia[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@statcounter[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt
------------------------------------------------------------------------------------------------------------------------------------------------My MBAM log:
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org
Database version: 3983
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18904
4/13/2010 8:59:19 PM
mbam-log-2010-04-13 (20-59-19).txt
Scan type: Quick scan
Objects scanned: 107559
Time elapsed: 6 minute(s), 4 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Windows\Temp\ggak.tmp\svchost.exe (Adware.Agent) -> Quarantined and deleted successfully.
------------------------------------------------------------------------------------------------------------------------------------------------
My HJT log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:02:32 PM, on 4/13/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\sniper.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - MRI_DISABLED - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll
O13 - Gopher Prefix:
O16 - DPF: {7557F5AA-D486-401D-BE55-0163FA78B5B8} (SkyFex Expert Object) - https://skyfex.com/download/SkyFexExpert.cab
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} (Enlite 2.x Simulation Engine Installer) - http://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll
O22 - SharedTaskScheduler: Ave's FolderBg - {73526E5A-FD53-4BE7-B5E2-D3C89D7413DC} - C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - (no file)
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll
O23 - Service: Access Utility Service - SprintNextel - C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: CopySafe Helper Service (CSHelper) - Unknown owner - C:\Windows\system32\CSHelper.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home XII.SP2c\RpcAgentSrv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
--
End of file - 9742 bytes
-
Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. I am working under the guidance of one of the specialist of this forum so it may take a bit longer to process your logs.
1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.
I am analyzing your logs and I'll be back in a little while with the results.
-
The GSI site is password protected. This is a good tool but not very useful if I can't get into it.
Right click HijackThis and choose Run as Administrator
Next select Do a system scan only
Place a check mark next to the following entries: (if there)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - MRI_DISABLED - (no file)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
(Description: RealPlayer scheduler. Completely unnecessary. Removing this entry will free up a small amount of system resources.)
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - (no file)
Important: Close all open windows except for HijackThis and then click Fix checked.
Once completed, exit HijackThis.
==================================
* Download the following tool: RootRepeal - Rootkit Detector (http://rootrepeal.googlepages.com/)
* Direct download link is here: RootRepeal.zip (http://rootrepeal.googlepages.com/RootRepeal.zip)
* Close all programs and temporarily disable your anti-virus, Firewall and any anti-malware real-time protection before performing a scan.
* Click this link (http://www.bleepingcomputer.com/forums/topic114351.html) to see a list of such programs and how to disable them.
* Extract the program file to a new folder such as C:\RootRepeal
* Run the program RootRepeal.exe and go to the REPORT tab and click on the Scan button.
* Select ALL of the checkboxes and then click OK and it will start scanning your system.
* If you have multiple drives you only need to check the C: drive or the one Windows is installed on.
* When done, click on Save Report
* Save it to the same location where you ran it from, such as C:RootRepeal
* Save it as rootrepeal.txt
* Then open that log and select all and copy/paste it back on your next reply please.
* Close RootRepeal.
-
Hi Dave,
I appreciate your help.
If you don't have a login to the GSI site you may use the following login:
Username: kasperskyantivirus
Password: password
I ran HJT and followed the directions.
Here is my log from RootRepeal:
(Note: at the end of the scan I recieved the error message "Unable to scan the system registry, please contact the program author")
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/04/14 23:35
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP1
==================================================
Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\Windows\System32\Drivers\dump_atapi.sys
Address: 0x98B90000 Size: 32768 File Visible: No Signed: -
Status: -
Name: dump_dumpata.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys
Address: 0x98B85000 Size: 45056 File Visible: No Signed: -
Status: -
Name: dump_dumpfve.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpfve.sys
Address: 0x98B98000 Size: 69632 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xA8943000 Size: 49152 File Visible: No Signed: -
Status: -
Hidden/Locked Files
-------------------
Path: C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{39df6ed1-4706-11df-b613-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{3ea23e55-41a7-11df-bf1e-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{54718a68-3f3a-11df-8de3-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{54718a81-3f3a-11df-8de3-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{5bfbd797-32fa-11df-9941-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{5bfbd7ba-32fa-11df-9941-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{5bfbd7cc-32fa-11df-9941-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{5bfbd7f7-32fa-11df-9941-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{7e3c21c8-46a8-11df-b99e-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{97d67976-42c2-11df-bbd4-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{9afacf5e-3fa2-11df-bd8a-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{9afacf76-3fa2-11df-bd8a-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{A5A42~1
Status: Locked to the Windows API!
Path: C:\System Volume Information\{A5A42~2
Status: Locked to the Windows API!
Path: C:\System Volume Information\{A5A42~3
Status: Locked to the Windows API!
Path: C:\System Volume Information\{a5a4229b-35f6-11df-a72d-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{AE224~1
Status: Locked to the Windows API!
Path: C:\System Volume Information\{a5a4230b-35f6-11df-a72d-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{a5a4233b-35f6-11df-a72d-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{5bfbd79b-32fa-11df-9941-001fd080afd9}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Locked to the Windows API!
Path: C:\System Volume Information\{A5A42~4
Status: Locked to the Windows API!
Path: C:\Windows\System32\3AC100~1.VBS
Status: Locked to the Windows API!
Path: C:\Windows\System32\GATHER~1.XSL
Status: Locked to the Windows API!
Path: c:\windows\temp\flaff60.tmp
Status: Allocation size mismatch (API: 589824, Raw: 0)
Path: C:\Program Files\Windows Media Player\Network Sharing\RENDER~1.XML
Status: Locked to the Windows API!
Path: C:\Windows\Microsoft.NET\Framework\NETFXS~1.HKF
Status: Locked to the Windows API!
Path: C:\Windows\System32\wbem\MSFEED~1.MOF
Status: Locked to the Windows API!
Path: C:\Windows\System32\wbem\PRINTF~1.MOF
Status: Locked to the Windows API!
Path: C:\Windows\inf\.NET CLR Data\_DATAP~1.H
Status: Locked to the Windows API!
Path: C:\Windows\inf\.NET CLR Networking\_NETWO~1.H
Status: Locked to the Windows API!
Path: C:\Windows\inf\.NET Data Provider for SqlServer\_DATAP~2.H
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b59bae9d65014b98.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.8_none_5d1777c2e857a23b.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_81c25f21d3d46d84.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_abac38a907ee8801.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.debugcrt_1fc8b3b9a1e18e3b_9.0.30729.1_none_bb1f6aa1308c35eb.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_54c11df268b7c6d9.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.flightsimulator.simconnect_67c7c14424d61b5b_10.0.61242.0_none_e079b46b85043c20.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.debugmfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_bfff6c932d60651e.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_a6e4a7980e9b18a2.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_ecdf8c290e547f39.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_9193a620671dde41.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.debugmfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_5c94f2bbe7d4aaf6.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d218504d2.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_818f59bf601aa775.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.debugcrt_1fc8b3b9a1e18e3b_9.0.30729.1_none_61305e07e4f1bc01.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_7658964504b9f3b6.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_8e053e8c6967ba9d.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_7ab8cc63a6e4c2a3.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_b7e00e6c7b30b69b.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_5926f98ceadc42c2.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b5d18a9128.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9818.0_none_b7e811947b297f6d.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_58843c41d2730d3f.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_e29d1181971ae11e.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8dd7dea5d5a7a18a.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_4ddfc6cd11929a02.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.0.0_none_3658456fda6654f6.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.4.1.microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_8b7b15c031cda6db.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.21022.8_none_bdf22a22ab9e15d5.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9876.0_none_b7e610287b2b4ea5.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_a6dea5dc0ea08098.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.1.0.0_none_6c030d6fdc86522c.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_365945b9da656e4d.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_db5f52fb98cb24ad.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_60a5df56e60dc5df.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_7dd1e0ebd6590e0b.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.flightsimulator.simconnect_67c7c14424d61b5b_10.0.60905.0_none_dd92b94d8a196297.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.21022.8_none_5ce47260749ddc2c.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_5c4003bc63e949f6.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_58b19c2866332652.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f0efb442f8a0f46c.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8a14c0566bec5b24.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.21022.8_none_b81d038aaf540e86.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_45e008191e507087.cat
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\msil_jsc_b03f5f7f11d50a3a_6.0.6000.16720_none_a7f9fcdcd724c803\JSCEXE~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\msil_jsc_b03f5f7f11d50a3a_6.0.6000.20883_none_91321380f0c70cf6\JSCEXE~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\msil_jsc_b03f5f7f11d50a3a_6.0.6001.18111_none_a7d4e192d776d4a4\JSCEXE~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\msil_jsc_b03f5f7f11d50a3a_6.0.6001.22230_none_9109522ef11c4db7\JSCEXE~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_caspol_b03f5f7f11d50a3a_6.0.6000.16386_none_6c022a44ef879fba\CASPOL~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_caspol_b03f5f7f11d50a3a_6.0.6000.16720_none_6bfcb0a8ef8c6f2e\CASPOL~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_caspol_b03f5f7f11d50a3a_6.0.6000.20883_none_5534c74d092eb421\CASPOL~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_caspol_b03f5f7f11d50a3a_6.0.6001.18111_none_6bd7955eefde7bcf\CASPOL~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_caspol_b03f5f7f11d50a3a_6.0.6001.22230_none_550c05fb0983f4e2\CASPOL~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.17022_none_0eef72aeb7ba5ba2\APPLIC~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6000.21227_none_0f7e12d1d0d37746\APPLIC~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6000.16386_none_0041f38286aeaf07\MICROS~2.MAN
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.0.6000.16386_none_0041f38286aeaf07\MI2095~1.MAN
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\RENDER~1.XML
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6000.16386_none_2976d78dde7bcc93\PRINTF~1.MOF
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_microsoft-windows-s..component.resources_31bf3856ad364e35_6.0.6001.18000_en-us_817b5730b9a6e374\W32UIRes.dll.mui2
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_microsoft-windows-setup-component_31bf3856ad364e35_6.0.6001.18000_none_322c7e4ead424897\W32UIRes.dll2
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_regsql_cfg_b03f5f7f11d50a3a_6.0.6000.16720_none_7c654fdc62654993\ASPNET~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_regsql_cfg_b03f5f7f11d50a3a_6.0.6000.20883_none_659d66807c078e86\ASPNET~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_regsql_cfg_b03f5f7f11d50a3a_6.0.6001.18111_none_7c40349262b75634\ASPNET~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_regsql_cfg_b03f5f7f11d50a3a_6.0.6001.22230_none_6574a52e7c5ccf47\ASPNET~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.16720_none_7325c867d7281910\CHOOSE~1.ASP
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.16720_none_7325c867d7281910\MANAGE~1.ASP
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.16720_none_7325c867d7281910\MANAGE~2.ASP
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.20883_none_5c5ddf0bf0ca5e03\CHOOSE~1.ASP
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.20883_none_5c5ddf0bf0ca5e03\MANAGE~1.ASP
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.20883_none_5c5ddf0bf0ca5e03\MANAGE~2.ASP
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.18111_none_7300ad1dd77a25b1\CHOOSE~1.ASP
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.18111_none_7300ad1dd77a25b1\MANAGE~1.ASP
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.18111_none_7300ad1dd77a25b1\MANAGE~2.ASP
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.22230_none_5c351db9f11f9ec4\CHOOSE~1.ASP
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.22230_none_5c351db9f11f9ec4\MANAGE~1.ASP
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.22230_none_5c351db9f11f9ec4\MANAGE~2.ASP
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\CHOOSE~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\MANAGE~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\MANAGE~2.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\PROVID~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\CHOOSE~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\MANAGE~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\MANAGE~2.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\PROVID~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\CHOOSE~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\MANAGE~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\MANAGE~2.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\PROVID~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_users_res_b03f5f7f11d50a3a_6.0.6000.16720_none_b103fb905f6db0d9\MANAGE~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_users_res_b03f5f7f11d50a3a_6.0.6000.20883_none_9a3c1234790ff5cc\MANAGE~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_users_res_b03f5f7f11d50a3a_6.0.6001.18111_none_b0dee0465fbfbd7a\MANAGE~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_users_res_b03f5f7f11d50a3a_6.0.6001.22230_none_9a1350e27965368d\MANAGE~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WIZARD~2.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WIZARD~3.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WIZARD~4.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WI1344~1.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WI5BF5~1.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WIZARD~2.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WIZARD~3.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WIZARD~4.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WI1344~1.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WI5BF5~1.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WIZARD~2.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WIZARD~3.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WIZARD~4.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WI1344~1.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WI5BF5~1.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webmintrust_config_b03f5f7f11d50a3a_6.0.6000.16720_none_e2c358ab062e054b\WEB_MI~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webmintrust_config_b03f5f7f11d50a3a_6.0.6000.20883_none_cbfb6f4f1fd04a3e\WEB_MI~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webmintrust_config_b03f5f7f11d50a3a_6.0.6001.18111_none_e29e3d61068011ec\WEB_MI~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webmintrust_config_b03f5f7f11d50a3a_6.0.6001.22230_none_cbd2adfd20258aff\WEB_MI~1.CON
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6000.16720_none_ea4958dde0dcb61b\_DATAP~1.H
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6000.16720_none_ea4958dde0dcb61b\_DATAP~2.H
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6000.20883_none_d3816f81fa7efb0e\_DATAP~1.H
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6000.20883_none_d3816f81fa7efb0e\_DATAP~2.H
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6001.18111_none_ea243d93e12ec2bc\_DATAP~1.H
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6001.18111_none_ea243d93e12ec2bc\_DATAP~2.H
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6001.22230_none_d358ae2ffad43bcf\_DATAP~1.H
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-data_perf_h_b03f5f7f11d50a3a_6.0.6001.22230_none_d358ae2ffad43bcf\_DATAP~2.H
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-fw_perfcounters_b03f5f7f11d50a3a_6.0.6000.16386_none_96ee0340e66c3abe\_NETWO~1.H
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-fw_perfcounters_b03f5f7f11d50a3a_6.0.6000.16720_none_96e889a4e6710a32\_NETWO~1.H
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-fw_perfcounters_b03f5f7f11d50a3a_6.0.6000.20883_none_8020a04900134f25\_NETWO~1.H
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\CHOOSE~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\MANAGE~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\MANAGE~2.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\PROVID~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6001.18111_none_87ae800b19ca9087\MANAGE~1.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6001.18111_none_87ae800b19ca9087\MANAGE~2.RES
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WIZARD~2.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WIZARD~3.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WIZARD~4.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WI1344~1.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WI5BF5~1.ASC
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-msbuild_commontypes_schema_b03f5f7f11d50a3a_6.0.6000.16720_none_7081409dee51e2d7\4C5DE2~1.XSD
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-msbuild_commontypes_schema_b03f5f7f11d50a3a_6.0.6000.20883_none_59b9574207f427ca\4C5DE2~1.XSD
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-msbuild_commontypes_schema_b03f5f7f11d50a3a_6.0.6001.18111_none_705c2553eea3ef78\4C5DE2~1.XSD
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-msbuild_commontypes_schema_b03f5f7f11d50a3a_6.0.6001.22230_none_599095f00849688b\4C5DE2~1.XSD
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-msbuild_core_schema__b03f5f7f11d50a3a_6.0.6000.16720_none_b462fc0cbe880bcb\MICROS~1.XSD
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-msbuild_core_schema__b03f5f7f11d50a3a_6.0.6000.20883_none_9d9b12b0d82a50be\MICROS~1.XSD
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-msbuild_core_schema__b03f5f7f11d50a3a_6.0.6001.18111_none_b43de0c2beda186c\MICROS~1.XSD
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-msbuild_core_schema__b03f5f7f11d50a3a_6.0.6001.22230_none_9d72515ed87f917f\MICROS~1.XSD
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-netfxsbs12_hkf_31bf3856ad364e35_6.0.6000.16720_none_0bca521ee450d037\NETFXS~1.HKF
Status: Locked to the Windows API!
Path: C:\Windows\winsxs\x86_netfx-ado_net_diag_b03f5f7f11d50a3a_6.0.6000.16386_none_6d869912e7931eda\ADONET~1.MOF
Status: Locked to the Windows API!
Path: c:\windows\winsxs\x86_wcf-m_tx_bridge_perf_c_ini_31bf3856ad364e35_6.0.6000.16386_none_7e4886cd31591fb3\_transactionbridgeperfcounters_d.ini
Status: AllocatioProcesses
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!
Path: C:\Windows\System32\audiodg.exe
PID: 1428 Status: Locked to the Windows API!
SSDT
-------------------
#: 012 Function Name: NtAdjustPrivilegesToken
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732ebd0
#: 021 Function Name: NtAlpcConnectPort
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733052c
#: 022 Function Name: NtAlpcCreatePort
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x87330782
#: 038 Function Name: NtAlpcSendWaitReceivePort
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x873309fc
#: 048 Function Name: NtClose
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732f450
#: 054 Function Name: NtConnectPort
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732fb32
#: 058 Function Name: NtCreateEvent
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732ff3c
#: 060 Function Name: NtCreateFile
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732f5f8
#: 067 Function Name: NtCreateMutant
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732fe14
#: 068 Function Name: NtCreateNamedPipeFile
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732e7d6
#: 071 Function Name: NtCreatePort
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732fcd0
#: 075 Function Name: NtCreateSection
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732e992
#: 076 Function Name: NtCreateSemaphore
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733006e
#: 077 Function Name: NtCreateSymbolicLinkObject
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x87331cb0
#: 078 Function Name: NtCreateThread
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732f0ee
#: 115 Function Name: NtCreateWaitablePort
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732fd72
#: 116 Function Name: NtDebugActiveProcess
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x873316a2
#: 129 Function Name: NtDuplicateObject
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x87332672
#: 150 Function Name: NtFsControlFile
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732f752
#: 165 Function Name: NtLoadDriver
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x87331734
#: 177 Function Name: NtMapViewOfSection
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x87331d64
#: 184 Function Name: NtOpenEvent
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732ffde
#: 186 Function Name: NtOpenFile
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732f4d2
#: 191 Function Name: NtOpenMutant
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732feac
#: 194 Function Name: NtOpenProcess
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732edd6
#: 197 Function Name: NtOpenSection
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x87331cda
#: 198 Function Name: NtOpenSemaphore
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x87330110
#: 201 Function Name: NtOpenThread
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732ecfa
#: 219 Function Name: NtQueryDirectoryObject
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x87330c3e
#: 242 Function Name: NtQuerySection
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733207c
#: 255 Function Name: NtQueueApcThread
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x873319ca
#: 270 Function Name: NtReplyPort
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733049a
#: 271 Function Name: NtReplyWaitReceivePort
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x87330360
#: 276 Function Name: NtRequestWaitReplyPort
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x87331442
#: 282 Function Name: NtResumeThread
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x87332554
#: 286 Function Name: NtSecureConnectPort
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732f86c
#: 289 Function Name: NtSetContextThread
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732f30c
#: 307 Function Name: NtSetInformationToken
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x87330cf2
#: 314 Function Name: NtSetSecurityObject
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733182e
#: 317 Function Name: NtSetSystemInformation
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x873321bc
#: 330 Function Name: NtSuspendProcess
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x873322a0
#: 331 Function Name: NtSuspendThread
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x873323c8
#: 332 Function Name: NtSystemDebugControl
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x873315ce
#: 334 Function Name: NtTerminateProcess
Status: Hooked by "C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS" at address 0x98a8f320
#: 335 Function Name: NtTerminateThread
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732eea4
#: 348 Function Name: NtUnmapViewOfSection
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x87331f32
#: 358 Function Name: NtWriteVirtualMemory
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732f02e
#: 382 Function Name: NtCreateThreadEx
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8732f1ee
Stealth Objects
-------------------
Object: Hidden Module [Name: imageres.dll]
Process: Explorer.EXE (PID: 2028) Address: 0x66190000 Size: 21086208
Shadow SSDT
-------------------
#: 013 Function Name: NtGdiBitBlt
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733fd1c
#: 235 Function Name: NtGdiMaskBlt
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733fde6
#: 245 Function Name: NtGdiPlgBlt
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733fe50
#: 301 Function Name: NtGdiStretchBlt
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733fd80
#: 317 Function Name: NtUserAttachThreadInput
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733f930
#: 333 Function Name: NtUserCallOneParam
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733fce8
#: 391 Function Name: NtUserFindWindowEx
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733fb1e
#: 397 Function Name: NtUserGetAsyncKeyState
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733f898
#: 428 Function Name: NtUserGetKeyboardState
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733fc20
#: 430 Function Name: NtUserGetKeyState
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733f8e4
#: 479 Function Name: NtUserMessageCall
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733fa70
#: 497 Function Name: NtUserPostMessage
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733f9c6
#: 498 Function Name: NtUserPostThreadMessage
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733fa1a
#: 513 Function Name: NtUserRegisterRawInputDevices
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733fbb0
#: 525 Function Name: NtUserSendInput
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733fad0
#: 573 Function Name: NtUserSetWindowsHookEx
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733f7e8
#: 576 Function Name: NtUserSetWinEventHook
Status: Hooked by "C:\Windows\system32\DRIVERS\klif.sys" at address 0x8733f83e
==EOF==
-
Ok. I was able to get into the GSI scan. If you go into it you will see two drivers to update. You can update those drivers from there.
Download ComboFix by sUBs from one of the below links. Be sure to save it to the Desktop.
link # 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link # 2 (http://subs.geekstogo.com/ComboFix.exe)
Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.
Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click this link (http://www.bleepingcomputer.com/forums/topic114351.html) to see a list of security programs that should be disabled and how to disable them.
Right-click combofix.exe and select Run as Administrator and follow the prompts.
When finished, ComboFix will produce a log for you.
Post the ComboFix log and a new HijackThis log in your next reply.
NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.
Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.
-
I updated my ethernet adapter drivers.
My new GSI:
http://www.getsysteminfo.com/read.php?file=b5c859b27f67367310fdee6eb9f7f0ff
I ran Combofix as an administrator from an administrator account, however I received many lines of the error message "Access denied. Unable to complete the operation. Use an administrator command prompt to complete this operation."
When Combofix finished scanning, I recieved the message "Combofix had detected the presence of rootkit activity and needs to reboot the machine.
Before rebooting, I recieved more lines of the error message, "Access denied. Unable to complete the operation. Use an administrator command prompt to complete this operation."
Upon reboot I recieved no confirmation from Combofix, nor did I get a logfile.
My new HJT log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:04:46 PM, on 4/15/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\sniper.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll
O13 - Gopher Prefix:
O16 - DPF: {7557F5AA-D486-401D-BE55-0163FA78B5B8} (SkyFex Expert Object) - https://skyfex.com/download/SkyFexExpert.cab
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} (Enlite 2.x Simulation Engine Installer) - http://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll
O22 - SharedTaskScheduler: Ave's FolderBg - {73526E5A-FD53-4BE7-B5E2-D3C89D7413DC} - C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll
O23 - Service: Access Utility Service - SprintNextel - C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: CopySafe Helper Service (CSHelper) - Unknown owner - C:\Windows\system32\CSHelper.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home XII.SP2c\RpcAgentSrv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
--
End of file - 9008 bytes
-
Please delete your copy of ComboFix and do this.
Download this << file >> (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) & extract TDSSKiller.exe onto your Desktop
Then create this batch file to be placed next to TDSSKiller
=====
Open NOTEPAD.exe and copy/paste the text in the quotebox below into it:
@ECHO OFF
START /WAIT TDSSKILLER.exe -l Logit.txt -v
START Logit.txt
del %0Save this as fix.bat Choose to "Save type as - All Files"
It should look like this: (http://i266.photobucket.com/albums/ii277/sUBs_/bat_icon.gif)
Double click on fix.bat & allow it to run
Post back to tell me what it says
-
It says:
Scanning Kernel memory ...
Driver "atapi" infected by TDSS rootkit!
File "C:\Windows\system32\drivers\atapi.sys" infected by TDSS rootkit ... will be cured on next reboot.
The machine then rebooted, the driver atapi.sys was not cured though.
-
Here is the log it gave me:
21:15:03:571 2812 TDSS rootkit removing tool 2.2.8.1 Mar 22 2010 10:43:04
21:15:03:571 2812 ================================================================================
21:15:03:571 2812 SystemInfo:
21:15:03:571 2812 OS Version: 6.0.6001 ServicePack: 1.0
21:15:03:571 2812 Product type: Workstation
21:15:03:571 2812 ComputerName: HEAVENH-IPND9NT
21:15:03:571 2812 UserName: Administrator
21:15:03:571 2812 Windows directory: C:\Windows
21:15:03:571 2812 Processor architecture: Intel x86
21:15:03:571 2812 Number of processors: 4
21:15:03:571 2812 Page size: 0x1000
21:15:03:633 2812 Boot type: Normal boot
21:15:03:633 2812 ================================================================================
21:15:03:633 2812 UnloadDriverW: NtUnloadDriver error 2
21:15:03:633 2812 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2
21:15:04:008 2812 wfopen_ex: Trying to open file C:\Windows\system32\config\system
21:15:04:008 2812 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
21:15:04:008 2812 wfopen_ex: Trying to KLMD file open
21:15:04:008 2812 wfopen_ex: File opened ok (Flags 2)
21:15:04:023 2812 wfopen_ex: Trying to open file C:\Windows\system32\config\software
21:15:04:023 2812 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
21:15:04:023 2812 wfopen_ex: Trying to KLMD file open
21:15:04:023 2812 wfopen_ex: File opened ok (Flags 2)
21:15:04:023 2812 Initialize success
21:15:04:023 2812
21:15:04:023 2812 Scanning Services ...
21:15:09:218 2812 Raw services enum returned 509 services
21:15:09:234 2812
21:15:09:234 2812 Scanning Kernel memory ...
21:15:09:234 2812 Devices to scan: 3
21:15:09:234 2812
21:15:09:234 2812 Driver Name: atapi
21:15:09:234 2812 IRP_MJ_CREATE : 86B720FC
21:15:09:234 2812 IRP_MJ_CREATE_NAMED_PIPE : 860D9887
21:15:09:234 2812 IRP_MJ_CLOSE : 86B720FC
21:15:09:234 2812 IRP_MJ_READ : 860D9887
21:15:09:234 2812 IRP_MJ_WRITE : 860D9887
21:15:09:234 2812 IRP_MJ_QUERY_INFORMATION : 860D9887
21:15:09:234 2812 IRP_MJ_SET_INFORMATION : 860D9887
21:15:09:234 2812 IRP_MJ_QUERY_EA : 860D9887
21:15:09:234 2812 IRP_MJ_SET_EA : 860D9887
21:15:09:234 2812 IRP_MJ_FLUSH_BUFFERS : 860D9887
21:15:09:234 2812 IRP_MJ_QUERY_VOLUME_INFORMATION : 860D9887
21:15:09:234 2812 IRP_MJ_SET_VOLUME_INFORMATION : 860D9887
21:15:09:234 2812 IRP_MJ_DIRECTORY_CONTROL : 860D9887
21:15:09:234 2812 IRP_MJ_FILE_SYSTEM_CONTROL : 860D9887
21:15:09:234 2812 IRP_MJ_DEVICE_CONTROL : 86B609D6
21:15:09:234 2812 IRP_MJ_INTERNAL_DEVICE_CONTROL : 86B609A8
21:15:09:234 2812 IRP_MJ_SHUTDOWN : 860D9887
21:15:09:234 2812 IRP_MJ_LOCK_CONTROL : 860D9887
21:15:09:234 2812 IRP_MJ_CLEANUP : 860D9887
21:15:09:234 2812 IRP_MJ_CREATE_MAILSLOT : 860D9887
21:15:09:234 2812 IRP_MJ_QUERY_SECURITY : 860D9887
21:15:09:234 2812 IRP_MJ_SET_SECURITY : 860D9887
21:15:09:234 2812 IRP_MJ_POWER : 86B60A04
21:15:09:234 2812 IRP_MJ_SYSTEM_CONTROL : 86B6DB70
21:15:09:234 2812 IRP_MJ_DEVICE_CHANGE : 860D9887
21:15:09:234 2812 IRP_MJ_QUERY_QUOTA : 860D9887
21:15:09:234 2812 IRP_MJ_SET_QUOTA : 860D9887
21:15:09:234 2812 C:\Windows\system32\drivers\atapi.sys - Verdict: 1
21:15:09:234 2812
21:15:09:234 2812 Driver Name: atapi
21:15:09:234 2812 IRP_MJ_CREATE : 86B720FC
21:15:09:234 2812 IRP_MJ_CREATE_NAMED_PIPE : 860D9887
21:15:09:234 2812 IRP_MJ_CLOSE : 86B720FC
21:15:09:234 2812 IRP_MJ_READ : 860D9887
21:15:09:234 2812 IRP_MJ_WRITE : 860D9887
21:15:09:234 2812 IRP_MJ_QUERY_INFORMATION : 860D9887
21:15:09:234 2812 IRP_MJ_SET_INFORMATION : 860D9887
21:15:09:249 2812 IRP_MJ_QUERY_EA : 860D9887
21:15:09:249 2812 IRP_MJ_SET_EA : 860D9887
21:15:09:249 2812 IRP_MJ_FLUSH_BUFFERS : 860D9887
21:15:09:249 2812 IRP_MJ_QUERY_VOLUME_INFORMATION : 860D9887
21:15:09:249 2812 IRP_MJ_SET_VOLUME_INFORMATION : 860D9887
21:15:09:249 2812 IRP_MJ_DIRECTORY_CONTROL : 860D9887
21:15:09:249 2812 IRP_MJ_FILE_SYSTEM_CONTROL : 860D9887
21:15:09:249 2812 IRP_MJ_DEVICE_CONTROL : 86B609D6
21:15:09:249 2812 IRP_MJ_INTERNAL_DEVICE_CONTROL : 86B609A8
21:15:09:249 2812 IRP_MJ_SHUTDOWN : 860D9887
21:15:09:249 2812 IRP_MJ_LOCK_CONTROL : 860D9887
21:15:09:249 2812 IRP_MJ_CLEANUP : 860D9887
21:15:09:249 2812 IRP_MJ_CREATE_MAILSLOT : 860D9887
21:15:09:249 2812 IRP_MJ_QUERY_SECURITY : 860D9887
21:15:09:249 2812 IRP_MJ_SET_SECURITY : 860D9887
21:15:09:249 2812 IRP_MJ_POWER : 86B60A04
21:15:09:249 2812 IRP_MJ_SYSTEM_CONTROL : 86B6DB70
21:15:09:249 2812 IRP_MJ_DEVICE_CHANGE : 860D9887
21:15:09:249 2812 IRP_MJ_QUERY_QUOTA : 860D9887
21:15:09:249 2812 IRP_MJ_SET_QUOTA : 860D9887
21:15:09:249 2812 C:\Windows\system32\drivers\atapi.sys - Verdict: 1
21:15:09:249 2812
21:15:09:249 2812 Driver Name: atapi
21:15:09:249 2812 IRP_MJ_CREATE : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_CREATE_NAMED_PIPE : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_CLOSE : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_READ : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_WRITE : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_QUERY_INFORMATION : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_SET_INFORMATION : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_QUERY_EA : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_SET_EA : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_FLUSH_BUFFERS : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_QUERY_VOLUME_INFORMATION : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_SET_VOLUME_INFORMATION : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_DIRECTORY_CONTROL : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_FILE_SYSTEM_CONTROL : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_DEVICE_CONTROL : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_INTERNAL_DEVICE_CONTROL : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_SHUTDOWN : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_LOCK_CONTROL : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_CLEANUP : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_CREATE_MAILSLOT : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_QUERY_SECURITY : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_SET_SECURITY : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_POWER : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_SYSTEM_CONTROL : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_DEVICE_CHANGE : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_QUERY_QUOTA : 8EFA6AC8
21:15:09:249 2812 IRP_MJ_SET_QUOTA : 8EFA6AC8
21:15:09:249 2812 Driver "atapi" infected by TDSS rootkit!
21:15:09:249 2812 C:\Windows\system32\drivers\atapi.sys - Verdict: 1
21:15:09:249 2812 File "C:\Windows\system32\drivers\atapi.sys" infected by TDSS rootkit ... 21:15:09:249 2812 Processing driver file: C:\Windows\system32\drivers\atapi.sys
21:15:11:355 2812 vfvi6
21:15:11:574 2812 dsvbh1
21:15:13:759 2812 fdfb1
21:15:13:759 2812 Backup copy found, using it..
21:15:14:367 2812 will be cured on next reboot
21:15:14:367 2812 Reboot required for cure complete..
21:15:14:398 2812 Cure on reboot scheduled successfully
21:15:14:398 2812
21:15:14:398 2812 Completed
21:15:14:398 2812
21:15:14:398 2812 Results:
21:15:14:398 2812 Memory objects infected / cured / cured on reboot: 1 / 0 / 0
21:15:14:398 2812 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
21:15:14:398 2812 File objects infected / cured / cured on reboot: 1 / 0 / 1
21:15:14:398 2812
21:15:14:398 2812 fclose_ex: Trying to close file C:\Windows\system32\config\system
21:15:14:398 2812 fclose_ex: Trying to close file C:\Windows\system32\config\software
21:15:14:398 2812 UnloadDriverW: NtUnloadDriver error 1
21:15:14:414 2812 KLMD(ARK) unloaded successfully
-
Please re-run Combofix as instructed in Reply # 4 and post the log.
-
I re-ran Combofix as instructed in Reply # 4, I got the same results with the error messages. It still stated it found rootkit activity and needed to reboot. Upon reboot no log was generated.
-
Ok. Let's try this. Delete your copy of ComboFix and do this.
Please download ComboFix (http://img7.imageshack.us/img7/4930/combofix.gif) from BleepingComputer.com (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Alternate link: GeeksToGo.com (http://subs.geekstogo.com/ComboFix.exe)
Rename ComboFix.exe to commy.exe before you save it to your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here (http://www.bleepingcomputer.com/forums/topic114351.html)
Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.
If you have problems with ComboFix usage, see How to use ComboFix (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)
-
After many tries of running combofix and many BSOD's i finally got it to complete.
Below is the log:
ComboFix 10-04-15.05 - Administrator 04/17/2010 11:18:12.5.4 - x86
Windows Windows Vista™ Extreme Edition 6.0.6001.1.1252.1.1033.18.3326.2047 [GMT -5:00]
Running from: c:\users\Administrator\Desktop\commy.exe
Command switches used :: /stepdel
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Files Created from 2010-03-17 to 2010-04-17 )))))))))))))))))))))))))))))))
.
2010-04-17 16:28 . 2010-04-17 16:28 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2010-04-17 16:28 . 2010-04-17 16:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-16 02:20 . 2010-01-21 16:46 441168 ----a-w- c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k8nxc5os.default\extensions\[email protected]\plugins\npLogitechDeviceDetection.dll
2010-04-15 23:21 . 2010-03-05 02:50 261152 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2010-04-15 23:21 . 2010-02-04 01:24 94208 ----a-w- c:\windows\system32\RTNUninst32.dll
2010-04-15 23:21 . 2009-12-03 22:27 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2010-04-15 04:33 . 2010-04-15 04:58 -------- d-----w- C:\RootRepeal
2010-04-14 02:00 . 2010-04-14 02:00 -------- d-----w- c:\program files\Trend Micro
2010-04-13 04:01 . 2010-04-13 04:01 52224 ----a-w- c:\users\Administrator\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-04-13 04:01 . 2010-04-13 04:01 117760 ----a-w- c:\users\Administrator\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-04-13 04:00 . 2010-04-13 04:00 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-04-13 03:59 . 2010-04-13 03:59 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-04-13 03:59 . 2010-04-13 03:59 -------- d-----w- c:\users\Administrator\AppData\Roaming\SUPERAntiSpyware.com
2010-04-13 03:18 . 2010-04-13 03:18 12872 ----a-w- c:\windows\system32\bootdelete.exe
2010-04-13 03:07 . 2010-04-13 03:19 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-04-13 03:07 . 2010-04-13 03:18 -------- d-----w- c:\programdata\Hitman Pro
2010-04-13 03:07 . 2010-04-13 03:07 -------- d-----w- c:\program files\Hitman Pro 3.5
2010-04-13 02:50 . 2010-04-13 02:50 -------- d-----w- c:\windows\Vista
2010-04-09 00:31 . 2010-04-09 00:36 -------- d-----w- C:\CF21711C
2010-04-09 00:23 . 2010-04-09 00:25 -------- d-----w- C:\CF14740C
2010-04-09 00:21 . 2010-04-09 00:23 -------- d-----w- C:\CF26000C
2010-04-09 00:20 . 2010-04-09 00:20 -------- d-----w- C:\CF
2010-04-08 04:12 . 2010-04-08 04:12 -------- d-----w- c:\program files\Sophos
2010-04-06 18:17 . 2010-04-06 18:17 -------- d-----w- c:\program files\FileASSASSIN
2010-04-06 18:12 . 2010-04-06 18:12 -------- d-----w- c:\program files\Common Files\Gibinsoft Shared
2010-04-06 18:12 . 2010-04-06 18:12 -------- d-----w- c:\program files\GiPo@Utilities
2010-04-06 04:16 . 2010-04-06 17:23 -------- d-----w- c:\program files\Common Files\PC Tools
2010-04-04 04:47 . 2010-04-04 04:47 270398 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{F2080246-09F7-4AAA-81D3-797A5D495D65}\_6FEFF9B68218417F98F549.exe
2010-04-04 04:47 . 2010-04-04 04:47 270398 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{F2080246-09F7-4AAA-81D3-797A5D495D65}\_62540AA1BC7B99A206401C.exe
2010-04-04 04:47 . 2010-04-04 04:47 -------- d-----w- c:\program files\Jugaari
2010-04-04 04:22 . 2008-03-19 21:13 36864 ----a-w- c:\windows\system32\V0500Pin.dll
2010-04-04 04:22 . 2008-03-19 21:13 32768 ----a-w- c:\windows\system32\V0500Hwx.dll
2010-04-04 04:22 . 2008-03-19 21:13 262144 ----a-w- c:\windows\system32\V0500Cvw.dll
2010-04-04 04:22 . 2008-03-19 21:13 251264 ----a-w- c:\windows\system32\drivers\V0500Vid.sys
2010-04-04 04:22 . 2008-03-19 21:13 20480 ----a-w- c:\windows\system32\V0500Srv.exe
2010-04-04 04:22 . 2008-03-19 21:12 90112 ----a-w- c:\windows\CtDrvIns.exe
2010-03-31 11:16 . 2010-03-31 11:16 658184 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-03-22 21:04 . 2010-03-22 21:04 255472 ----a-w- c:\users\Administrator\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
2010-03-20 02:29 . 2010-03-20 02:29 23 --sha-w- c:\windows\system32\edacded0.dat
2010-03-20 02:29 . 2010-03-20 02:29 -------- d-----w- c:\program files\jv16 PowerTools 2009
2010-03-19 17:44 . 2010-03-19 17:44 -------- d-----w- c:\program files\SoftLogica
2010-03-19 02:03 . 2010-03-19 02:05 -------- d-----w- c:\users\Administrator\AppData\Local\GPUMonitor
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-17 16:06 . 2009-11-04 03:38 62927 ----a-w- c:\programdata\nvModes.dat
2010-04-17 16:06 . 2009-10-30 18:58 -------- d-----w- c:\programdata\Kaspersky Lab
2010-04-17 16:06 . 2009-05-09 02:19 -------- d-----w- c:\programdata\VMware
2010-04-17 16:06 . 2009-01-18 17:15 -------- d-----w- c:\programdata\NVIDIA
2010-04-16 17:37 . 2006-11-02 08:51 21560 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-04-16 16:00 . 2009-07-11 22:30 -------- d-----w- c:\users\Administrator\AppData\Roaming\vlc
2010-04-15 23:21 . 2009-01-18 17:16 -------- d-----w- c:\program files\Realtek
2010-04-15 04:28 . 2009-02-03 21:01 -------- d-----w- c:\users\Administrator\AppData\Roaming\uTorrent
2010-04-13 14:54 . 2009-09-14 19:46 21520 ----a-w- c:\windows\system32\drivers\klim6.sys
2010-04-13 03:58 . 2009-01-18 17:09 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-08 13:40 . 2006-11-02 08:51 21560 ----a-w- c:\windows\system32\drivers\atapi.svs
2010-04-08 03:59 . 2009-01-18 17:16 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-06 05:51 . 2009-01-25 20:06 -------- d-----w- c:\program files\ASTRA32
2010-04-06 04:29 . 2009-02-03 20:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-06 04:18 . 2009-04-01 02:24 5918776 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-03-29 20:24 . 2009-02-03 20:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-29 20:24 . 2009-02-03 20:46 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-15 01:36 . 2010-03-15 01:36 -------- d-----w- c:\program files\QS
2010-03-15 01:35 . 2010-03-15 01:35 -------- d-----w- c:\users\Administrator\AppData\Roaming\TeamViewer
2010-03-14 21:17 . 2009-02-03 21:01 -------- d-----w- c:\program files\uTorrent
2010-03-14 03:46 . 2010-03-14 03:44 -------- d-----w- c:\program files\PhotoRescue PC v3.1.14.12271
2010-03-14 03:36 . 2009-06-15 06:40 -------- d-----w- c:\programdata\OfficeRecovery
2010-03-14 03:33 . 2010-03-14 03:33 -------- d-----w- c:\users\Administrator\AppData\Roaming\OfficeRecovery
2010-03-14 03:32 . 2009-06-15 06:40 -------- d-----w- c:\program files\OfficeRecovery
2010-03-14 03:27 . 2010-03-14 03:25 -------- d-----w- c:\users\Administrator\AppData\Roaming\XnView
2010-03-13 22:49 . 2009-01-22 01:21 -------- d-----w- c:\program files\DOSBox-0.72
2010-03-13 04:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-03-13 04:00 . 2009-01-18 16:48 -------- d-----w- c:\programdata\Microsoft Help
2010-03-04 22:45 . 2009-04-21 01:02 -------- d-----w- c:\program files\Palm
2010-02-24 15:16 . 2009-10-08 16:59 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-24 14:02 . 2009-01-18 16:45 1356 ----a-w- c:\users\Administrator\AppData\Local\d3d9caps.dat
2010-02-23 06:39 . 2010-04-01 02:59 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 06:33 . 2010-04-01 02:59 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-02-23 06:33 . 2010-04-01 02:59 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-02-23 04:55 . 2010-04-01 02:59 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-02-20 23:39 . 2010-03-13 03:56 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-20 23:37 . 2010-03-13 03:56 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 21:18 . 2010-03-13 03:56 411136 ----a-w- c:\windows\system32\drivers\http.sys
2010-02-18 02:21 . 2010-02-18 02:21 -------- d-----w- c:\program files\PdaNet for iPhone
2010-01-25 12:48 . 2010-03-02 03:39 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:48 . 2010-03-02 03:39 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:48 . 2010-03-02 03:39 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:48 . 2010-03-02 03:39 472064 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 12:45 . 2010-03-02 03:39 329216 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:35 . 2010-03-02 03:39 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:35 . 2010-03-02 03:39 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-25 08:34 . 2010-03-02 03:39 511488 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-25 08:34 . 2010-03-02 03:39 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-23 09:44 . 2010-03-02 03:39 2048 ----a-w- c:\windows\system32\tzres.dll
2008-04-04 09:50 . 2008-04-04 09:22 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
------- Sigcheck -------
[-] 2008-01-26 . 2406E3A5FAE743DCE81168A8CDB8573F . 247296 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-04-04 1233920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-04-04 1008184]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-21 340456]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DevconDefaultDB"="c:\windows\system32\READREG" [X]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableInstallerDetection"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{73526E5A-FD53-4BE7-B5E2-D3C89D7413DC}"= "c:\windows\System32\Branding\folderbg\VistaFolderBackground.dll" [2008-04-05 90112]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"wave"=DrvTrNTm.dll
"mixer"=DrvTrNTm.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GammaTray.lnk
backup=c:\windows\pss\GammaTray.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HotSync Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HotSync Manager.lnk
backup=c:\windows\pss\HotSync Manager.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Administrator^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEMonitor.lnk]
path=c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEMonitor.lnk
backup=c:\windows\pss\MEMonitor.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2008-06-12 03:43 640376 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2008-06-12 07:25 37232 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 22:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
2008-05-29 17:49 1085440 ------w- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
2007-12-21 22:57 86016 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2009-06-23 16:48 19456 ----a-w- c:\windows\System32\CtHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-04-04 09:46 125952 ----a-w- c:\windows\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-04-24 01:29 133104 ----atw- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 16:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2007-10-12 00:01 46368 ----a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-07-13 19:03 292128 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
2007-03-20 06:36 36864 ------r- c:\windows\RaidTool\xInsIDE.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicTuneEngine]
2008-10-08 14:04 69632 ----a-w- c:\program files\MagicTune Premium\MagicTuneEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 20:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-09-27 23:47 92776 ----a-w- c:\windows\System32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2007-10-12 00:03 29984 ----a-w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]
2007-08-31 14:01 328992 ----a-w- c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 22:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTunerStartupDaemon]
2008-12-29 08:30 24576 ----a-w- c:\program files\RivaTuner v2.22\RivaTunerWrapper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 14:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-10-30 18:13 1217808 ----a-w- c:\program files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-03-09 10:19 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-04-10 03:57 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
2009-03-27 03:57 64048 ----a-w- c:\program files\VMware\VMware Player\hqtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys
R2 CSHelper;CopySafe Helper Service;c:\windows\system32\CSHelper.exe [2009-02-15 266240]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS [2009-06-23 99352]
R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS [2009-06-23 99352]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-09-19 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-09-19 79360]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS [2009-06-23 555032]
R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS [2009-06-23 555032]
R3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\System32\drivers\CTERFXFX.SYS [2009-06-23 100888]
R3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS [2009-06-23 100888]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS [2009-06-23 566296]
R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS [2009-06-23 566296]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\270.tmp
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2007-12-04 33792]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 19968]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-17 12872]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2007-12-04 33792]
R3 V0500Dev;Dynex 1.3MP Webcam Driver;c:\windows\system32\DRIVERS\V0500Vid.sys [2008-03-19 251264]
R3 VirtualDK;VirtualDK;c:\users\Administrator\Desktop\usb_prep8\vdk.sys [2003-11-10 16283]
R4 BOHCI;BOHCI;
R4 BUHCI;BUHCI;
R4 BUSBD;BUSBD;
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-01-19 717296]
S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-15 36880]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2010-04-13 21520]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-02-17 66632]
S2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\ASTRA32\ASTRA32.sys [2007-02-22 30864]
S2 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Professional Home XII.SP2c\RpcAgentSrv.exe [2008-04-24 98488]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-09-27 240232]
S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [2009-03-27 54960]
S2 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Administrator\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys [2010-03-19 14416]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-03 19472]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm.sys [2006-09-28 9472]
S3 TotRec7;Total Recorder WDM audio driver;c:\windows\system32\drivers\TotRec7.sys [2008-04-17 120472]
.
Contents of the 'Scheduled Tasks' folder
2010-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2956117359-1545118147-3684891927-500Core.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-24 01:29]
2010-04-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2956117359-1545118147-3684891927-500UA.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-24 01:29]
.
.
------- Supplementary Scan -------
.
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\VMware\VMware Player\vsocklib.dll
DPF: {7557F5AA-D486-401D-BE55-0163FA78B5B8} - hxxps://skyfex.com/download/SkyFexExpert.cab
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k8nxc5os.default\
FF - component: c:\program files\Mozilla *Blocked Russian URL*\components\KavLinkFilter.dll
FF - plugin: c:\progra~1\Palm\PACKAG~1\NPInstal.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npArtistScope42.dll
FF - plugin: c:\users\Administrator\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k8nxc5os.default\extensions\[email protected]\plugins\npLogitechDeviceDetection.dll
FF - plugin: c:\users\Administrator\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut. enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_ everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_a s_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugi n", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -
SafeBoot-klmdb.sys
MSConfigStartUp-Ad-Watch - c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe
MSConfigStartUp-FireflyShell - c:\program files\Firefly Media Server\FireflyShell.exe
MSConfigStartUp-HotSync - c:\program files\PalmSource\Desktop\HotSync.exe
MSConfigStartUp-NVIDIA nTune - c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe
AddRemove-BugOff - g:\malware\Utilities\Merijn Tools\BugOff\BugOff.exe
AddRemove-HijackThis - c:\program files\Trend Micro\HijackThis\HijackThis.exe
AddRemove-InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} - c:\program files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe
AddRemove-InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE} - c:\program files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-17 11:28
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8F466AC8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x870ba322
\Driver\ACPI -> acpi.sys @ 0x86a45d4c
\Driver\atapi -> ataport.SYS @ 0x86b549a8
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->user & kernel MBR OK
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\270.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5 977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2d,5c,86,71,22,16,7a,47,80,54,0e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839 E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2d,5c,86,71,22,16,7a,47,80,54,0e,\
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.CDA"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M3U"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\vlc.exe"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\AcroRd32.exe"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.plist\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\pledit.exe"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.URL"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMA"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMV"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-04-17 11:32:26
ComboFix-quarantined-files.txt 2010-04-17 16:32
Pre-Run: 186,785,914,880 bytes free
Post-Run: 186,789,507,072 bytes free
- - End Of File - - 6386249BB3B4BA933A3A9BFA214C2DD3
-
Looking over your log it seems you don't have any antivirus software.
Before we continue download and install a free antivirus.
Remember to only install one antivirus!
1) Avast! Home Edition (http://www.majorgeeks.com/Avast_Home_Edition_d1968.html)
2) AVG Free Edition (http://www.majorgeeks.com/download.php?det=886)
3) Avira AntiVir Personal (http://www.majorgeeks.com/AntiVir_Personal_Edition_7_d955.html)
4) Microsoft Security Essentials for Windows Vista\Windows 7 (http://majorgeeks.com/Microsoft_Security_Essentials_for_Windows_VistaWindows_7_d6242.html) - 64 bit Download (http://majorgeeks.com/downloadget.php?id=6242&file=5&evp=9112d44b71f157fc5d7fcd7724b088ca)
4-a) Microsoft Security Essentials for Windows XP (http://majorgeeks.com/Microsoft_Security_Essentials_for_Windows_XP_d6243.html)
5) Comodo Antivirus (http://www.majorgeeks.com/Comodo_AntiVirus_d5109.html) (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" if you choose this one)
6) PC Tools AntiVirus Free Edition (http://www.majorgeeks.com/PC_Tools_AntiVirus_Free_Edition_d5469.html)
It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should be active in memory at a time.
===============================
P2P - I see you have P2P software installed on your machine. (uTorrent) We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.
Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
================================
Please go to Jotti's malware scan (http://virusscan.jotti.org/)
(If more than one file needs scanned they must be done separately and logs posted for each one)
* Copy the file path in the below Code box:
C:\CF21711C
C:\CF14740C
C:\CF26000C
C:\CF
* At the upload site, click once inside the window next to Browse.
* Press Ctrl+V on the keyboard (both at the same time) to paste the file path into the window.
* Next click Submit file
* Your file will possibly be entered into a queue which normally takes less than a minute to clear.
* This will perform a scan across multiple different virus scanning engines.
* Important: Wait for all of the scanning engines to complete.
* Once the scan is finished, Copy and then Paste the link in the address bar into your next reply.
================================
-
I already have antivirus software. I have Kaspersky Internet Security 2010.
Those paths you gave to upload at Jotti's malware scan are directories, not files. Is there a way to scan entire directories using Jotti's malware scan? It would take forever to upload each file in each directory and subdirectory, one at a time. (There are 1,031 files in those 4 directories)
-
Those paths you gave to upload at Jotti's malware scan are directories, not files. Is there a way to scan entire directories using Jotti's malware scan? It would take forever to upload each file in each directory and subdirectory, one at a time. (There are 1,031 files in those 4 directories)
Oops. That's what I get for trying to do too many things at the same time. Sorry. We'll try to check those out some other way.
I already have antivirus software. I have Kaspersky Internet Security 2010.
The ComboFix log only shows Anti-spyware. No evidence of Kaspersky.
Download Security Check by screen317 from one of the following links and save it to your desktop.
Link 1 (http://screen317.spywareinfoforum.org/SecurityCheck.exe)
Link 2 (http://screen317.changelog.fr/SecurityCheck.exe)
* Unzip SecurityCheck.zip and a folder named Security Check should appear.
* Open the Security Check folder and double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.
Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
=================================
Download this << file >> (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) & extract TDSSKiller.exe onto your Desktop
Then create this batch file to be placed next to TDSSKiller
=====
Open NOTEPAD.exe and copy/paste the text in the quotebox below into it:
@ECHO OFF
START /WAIT TDSSKILLER.exe -l Logit.txt -v
START Logit.txt
del %0Save this as fix.bat Choose to "Save type as - All Files"
It should look like this: (http://i266.photobucket.com/albums/ii277/sUBs_/bat_icon.gif)
Double click on fix.bat & allow it to run
Post back to tell me what it says.
===========================
Note: the below instructions were created specifically for this user. If you are not this user, DO NOT follow these directions as they could damage the workings of your system
Delete these files/folders, as follows:
1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not Wordpad.
2. Copy the text in the below code box by highlighting all the text and pressing Ctrl+C
KillAll::
DirLook::
C:\CF
3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!
(http://i154.photobucket.com/albums/s258/evilfantasy69/CFScript-1.gif)
ComboFix will begin to execute, just follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.
Note: Do not mouseclick ComboFix's window while it is running. That may cause your system to freeze
==========================
Next post please include log from Security Check, ComboFix log and log from TDSSKiller.
-
My Security check log:
Results of screen317's Security Check version 0.99.3
Windows Vista Service Pack 1 (UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
Kaspersky Internet Security 2010
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
CCleaner
DH Driver Cleaner Professional Edition
Java(TM) 6 Update 20
Adobe Flash Player 10
Adobe Reader 9.3
````````````````````````````````
Process Check:
objlist.exe by Laurent
Windows Defender MSASCui.exe
Windows Defender MSASCui.exe
Kaspersky Lab Kaspersky Internet Security 2010 avp.exe
Kaspersky Lab Kaspersky Internet Security 2010 klwtblfs.exe
````````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)
``````````End of Log````````````
----------------------------------------------------------------------------------------------------------------------------------------------
My TDSSkiller log:
12:51:04:596 3000 TDSS rootkit removing tool 2.2.8.1 Mar 22 2010 10:43:04
12:51:04:596 3000 ================================================================================
12:51:04:596 3000 SystemInfo:
12:51:04:596 3000 OS Version: 6.0.6001 ServicePack: 1.0
12:51:04:596 3000 Product type: Workstation
12:51:04:596 3000 ComputerName: HEAVENH-IPND9NT
12:51:04:596 3000 UserName: Administrator
12:51:04:596 3000 Windows directory: C:\Windows
12:51:04:596 3000 Processor architecture: Intel x86
12:51:04:596 3000 Number of processors: 4
12:51:04:596 3000 Page size: 0x1000
12:51:04:596 3000 Boot type: Normal boot
12:51:04:596 3000 ================================================================================
12:51:04:596 3000 UnloadDriverW: NtUnloadDriver error 2
12:51:04:596 3000 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2
12:51:04:939 3000 wfopen_ex: Trying to open file C:\Windows\system32\config\system
12:51:04:939 3000 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
12:51:04:939 3000 wfopen_ex: Trying to KLMD file open
12:51:04:939 3000 wfopen_ex: File opened ok (Flags 2)
12:51:04:954 3000 wfopen_ex: Trying to open file C:\Windows\system32\config\software
12:51:04:954 3000 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
12:51:04:954 3000 wfopen_ex: Trying to KLMD file open
12:51:04:954 3000 wfopen_ex: File opened ok (Flags 2)
12:51:04:954 3000 Initialize success
12:51:04:954 3000
12:51:04:954 3000 Scanning Services ...
12:51:07:139 3000 Raw services enum returned 506 services
12:51:07:154 3000
12:51:07:154 3000 Scanning Kernel memory ...
12:51:07:154 3000 Devices to scan: 3
12:51:07:154 3000
12:51:07:154 3000 Driver Name: atapi
12:51:07:154 3000 IRP_MJ_CREATE : 86B610FC
12:51:07:154 3000 IRP_MJ_CREATE_NAMED_PIPE : 86099887
12:51:07:154 3000 IRP_MJ_CLOSE : 86B610FC
12:51:07:154 3000 IRP_MJ_READ : 86099887
12:51:07:154 3000 IRP_MJ_WRITE : 86099887
12:51:07:154 3000 IRP_MJ_QUERY_INFORMATION : 86099887
12:51:07:154 3000 IRP_MJ_SET_INFORMATION : 86099887
12:51:07:154 3000 IRP_MJ_QUERY_EA : 86099887
12:51:07:154 3000 IRP_MJ_SET_EA : 86099887
12:51:07:154 3000 IRP_MJ_FLUSH_BUFFERS : 86099887
12:51:07:154 3000 IRP_MJ_QUERY_VOLUME_INFORMATION : 86099887
12:51:07:154 3000 IRP_MJ_SET_VOLUME_INFORMATION : 86099887
12:51:07:154 3000 IRP_MJ_DIRECTORY_CONTROL : 86099887
12:51:07:154 3000 IRP_MJ_FILE_SYSTEM_CONTROL : 86099887
12:51:07:154 3000 IRP_MJ_DEVICE_CONTROL : 86B4F9D6
12:51:07:154 3000 IRP_MJ_INTERNAL_DEVICE_CONTROL : 86B4F9A8
12:51:07:154 3000 IRP_MJ_SHUTDOWN : 86099887
12:51:07:154 3000 IRP_MJ_LOCK_CONTROL : 86099887
12:51:07:154 3000 IRP_MJ_CLEANUP : 86099887
12:51:07:154 3000 IRP_MJ_CREATE_MAILSLOT : 86099887
12:51:07:154 3000 IRP_MJ_QUERY_SECURITY : 86099887
12:51:07:154 3000 IRP_MJ_SET_SECURITY : 86099887
12:51:07:154 3000 IRP_MJ_POWER : 86B4FA04
12:51:07:154 3000 IRP_MJ_SYSTEM_CONTROL : 86B5CB70
12:51:07:154 3000 IRP_MJ_DEVICE_CHANGE : 86099887
12:51:07:154 3000 IRP_MJ_QUERY_QUOTA : 86099887
12:51:07:154 3000 IRP_MJ_SET_QUOTA : 86099887
12:51:07:186 3000 C:\Windows\system32\drivers\atapi.sys - Verdict: 1
12:51:07:186 3000
12:51:07:186 3000 Driver Name: atapi
12:51:07:186 3000 IRP_MJ_CREATE : 86B610FC
12:51:07:186 3000 IRP_MJ_CREATE_NAMED_PIPE : 86099887
12:51:07:186 3000 IRP_MJ_CLOSE : 86B610FC
12:51:07:186 3000 IRP_MJ_READ : 86099887
12:51:07:186 3000 IRP_MJ_WRITE : 86099887
12:51:07:186 3000 IRP_MJ_QUERY_INFORMATION : 86099887
12:51:07:186 3000 IRP_MJ_SET_INFORMATION : 86099887
12:51:07:186 3000 IRP_MJ_QUERY_EA : 86099887
12:51:07:186 3000 IRP_MJ_SET_EA : 86099887
12:51:07:186 3000 IRP_MJ_FLUSH_BUFFERS : 86099887
12:51:07:186 3000 IRP_MJ_QUERY_VOLUME_INFORMATION : 86099887
12:51:07:186 3000 IRP_MJ_SET_VOLUME_INFORMATION : 86099887
12:51:07:186 3000 IRP_MJ_DIRECTORY_CONTROL : 86099887
12:51:07:186 3000 IRP_MJ_FILE_SYSTEM_CONTROL : 86099887
12:51:07:186 3000 IRP_MJ_DEVICE_CONTROL : 86B4F9D6
12:51:07:186 3000 IRP_MJ_INTERNAL_DEVICE_CONTROL : 86B4F9A8
12:51:07:186 3000 IRP_MJ_SHUTDOWN : 86099887
12:51:07:186 3000 IRP_MJ_LOCK_CONTROL : 86099887
12:51:07:186 3000 IRP_MJ_CLEANUP : 86099887
12:51:07:186 3000 IRP_MJ_CREATE_MAILSLOT : 86099887
12:51:07:186 3000 IRP_MJ_QUERY_SECURITY : 86099887
12:51:07:186 3000 IRP_MJ_SET_SECURITY : 86099887
12:51:07:186 3000 IRP_MJ_POWER : 86B4FA04
12:51:07:186 3000 IRP_MJ_SYSTEM_CONTROL : 86B5CB70
12:51:07:186 3000 IRP_MJ_DEVICE_CHANGE : 86099887
12:51:07:186 3000 IRP_MJ_QUERY_QUOTA : 86099887
12:51:07:186 3000 IRP_MJ_SET_QUOTA : 86099887
12:51:07:186 3000 C:\Windows\system32\drivers\atapi.sys - Verdict: 1
12:51:07:186 3000
12:51:07:186 3000 Driver Name: atapi
12:51:07:186 3000 IRP_MJ_CREATE : 86B610FC
12:51:07:186 3000 IRP_MJ_CREATE_NAMED_PIPE : 86099887
12:51:07:186 3000 IRP_MJ_CLOSE : 86B610FC
12:51:07:186 3000 IRP_MJ_READ : 86099887
12:51:07:186 3000 IRP_MJ_WRITE : 86099887
12:51:07:186 3000 IRP_MJ_QUERY_INFORMATION : 86099887
12:51:07:186 3000 IRP_MJ_SET_INFORMATION : 86099887
12:51:07:186 3000 IRP_MJ_QUERY_EA : 86099887
12:51:07:186 3000 IRP_MJ_SET_EA : 86099887
12:51:07:186 3000 IRP_MJ_FLUSH_BUFFERS : 86099887
12:51:07:186 3000 IRP_MJ_QUERY_VOLUME_INFORMATION : 86099887
12:51:07:186 3000 IRP_MJ_SET_VOLUME_INFORMATION : 86099887
12:51:07:186 3000 IRP_MJ_DIRECTORY_CONTROL : 86099887
12:51:07:186 3000 IRP_MJ_FILE_SYSTEM_CONTROL : 86099887
12:51:07:186 3000 IRP_MJ_DEVICE_CONTROL : 86B4F9D6
12:51:07:186 3000 IRP_MJ_INTERNAL_DEVICE_CONTROL : 86B4F9A8
12:51:07:186 3000 IRP_MJ_SHUTDOWN : 86099887
12:51:07:186 3000 IRP_MJ_LOCK_CONTROL : 86099887
12:51:07:186 3000 IRP_MJ_CLEANUP : 86099887
12:51:07:186 3000 IRP_MJ_CREATE_MAILSLOT : 86099887
12:51:07:186 3000 IRP_MJ_QUERY_SECURITY : 86099887
12:51:07:186 3000 IRP_MJ_SET_SECURITY : 86099887
12:51:07:186 3000 IRP_MJ_POWER : 86B4FA04
12:51:07:186 3000 IRP_MJ_SYSTEM_CONTROL : 86B5CB70
12:51:07:186 3000 IRP_MJ_DEVICE_CHANGE : 86099887
12:51:07:186 3000 IRP_MJ_QUERY_QUOTA : 86099887
12:51:07:186 3000 IRP_MJ_SET_QUOTA : 86099887
12:51:07:186 3000 C:\Windows\system32\drivers\atapi.sys - Verdict: 1
12:51:07:186 3000
12:51:07:186 3000 Completed
12:51:07:186 3000
12:51:07:186 3000 Results:
12:51:07:186 3000 Memory objects infected / cured / cured on reboot: 0 / 0 / 0
12:51:07:186 3000 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
12:51:07:186 3000 File objects infected / cured / cured on reboot: 0 / 0 / 0
12:51:07:186 3000
12:51:07:186 3000 fclose_ex: Trying to close file C:\Windows\system32\config\system
12:51:07:186 3000 fclose_ex: Trying to close file C:\Windows\system32\config\software
12:51:07:232 3000 MyDeleteFileW: MyNtCreateFile (C:\Windows\system32\drivers\klmd.sys) error 32
12:51:07:232 3000 KLMD(ARK) unloaded successfully
----------------------------------------------------------------------------------------------------------------------------------------------My combofix log:
ComboFix 10-04-15.05 - Administrator 04/18/2010 12:59:28.6.4 - x86
Windows Windows Vista™ Extreme Edition 6.0.6001.1.1252.1.1033.18.3326.1740 [GMT -5:00]
Running from: C:\Users\Administrator\Desktop\commy.exe
Command switches used :: C:\Users\Administrator\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
-
ISOBurner (http://www.ntfs.com/iso-burning.htm) this will allow you to burn OTLPE ISO to a cd and make it bootable. Just install the program, from there on in it is fairly automatic. Instructions (http://www.ntfs.com/iso_burner_free.htm)
Second
- Download OTLPE.iso (http://oldtimer.geekstogo.com/OTLPE.iso) and burn to a CD using ISO Burner. NOTE: This file is 292Mb in size so it may take some time to download.
- When downloaded double click and this will then open ISOBurner to burn the file to CD
- Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here (http://www.hiren.info/pages/bios-boot-cdrom)
- Your system should now display a REATOGO-X-PE desktop.
- Double-click on the OTLPE icon.
- When asked "Do you wish to load the remote registry", select Yes
- When asked "Do you wish to load remote user profile(s) for scanning", select Yes
- Ensure the box "Automatically Load All Remaining Users" is checked and press OK
- OTL should now start. Change the following settings
- Change Drivers to Non-Microsoft
- Press Run Scan to start the scan.
- When finished, the file will be saved in drive C:\_OTL\MovedFiles
- Copy this file to your USB drive if you do not have internet connection on this system
- Please post the contents of the OTL.txt file in your reply.
-
my OTL log:
OTL logfile created on: 4/19/2010 11:51:15 PM - Run
OTLPE by OldTimer - Version 3.1.37.2 Folder = X:\Programs\OTLPE
Windows Vista (TM) Ultimate Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 9.72 Gb Free Space | 6.52% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 464.32 Gb Free Space | 99.69% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 163.22 Gb Free Space | 35.04% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 276.80 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto] -- -- (WSearch)
SRV - File not found [On_Demand] -- -- (wbengine)
SRV - File not found [Auto] -- -- (VMware NAT Service)
SRV - File not found [Auto] -- -- (VMnetDHCP)
SRV - File not found [Auto] -- -- (VMAuthdService)
SRV - File not found [On_Demand] -- -- (vds)
SRV - File not found [On_Demand] -- -- (UI0Detect)
SRV - File not found [On_Demand] -- -- (ufad-ws60)
SRV - File not found [On_Demand] -- -- (TrustedInstaller)
SRV - File not found [Auto] -- -- (Stereo Service)
SRV - File not found [On_Demand] -- -- (Steam Client Service)
SRV - File not found [On_Demand] -- -- (SNMPTRAP)
SRV - File not found [Auto] -- -- (slsvc)
SRV - File not found [Auto] -- -- (SandraAgentSrv)
SRV - File not found [Auto] -- -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - File not found [Auto] -- -- (nvsvc)
SRV - File not found [On_Demand] -- -- (NMIndexingService)
SRV - File not found [On_Demand] -- -- (NBService)
SRV - File not found [On_Demand] -- -- (Microsoft Office Groove Audit Service)
SRV - File not found [On_Demand] -- -- (IDriverT)
SRV - File not found [On_Demand] -- -- (FLEXnet Licensing Service)
SRV - File not found [On_Demand] -- -- (Fax)
SRV - File not found [On_Demand] -- -- (ehSched)
SRV - File not found [On_Demand] -- -- (ehRecvr)
SRV - File not found [On_Demand] -- -- (DFSR)
SRV - File not found [Auto] -- -- (CTAudSvcService)
SRV - File not found [Auto] -- -- (CSHelper)
SRV - File not found [On_Demand] -- -- (Creative Audio Engine Licensing Service)
SRV - File not found [On_Demand] -- -- (Creative ALchemy AL6 Licensing Service)
SRV - File not found [Auto] -- -- (AVP)
SRV - [2008/04/04 05:44:51 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2008/04/04 05:42:27 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Windows\System32\svchost.exe -- (gpsvc)
SRV - [2008/04/04 05:42:27 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Windows\System32\svchost.exe -- (ehstart)
SRV - [2008/04/04 05:41:43 | 000,243,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- E:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2007/06/28 14:54:44 | 000,151,552 | ---- | M] (SprintNextel) [Auto] -- C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe -- (Access Utility Service)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WmXlCore)
DRV - File not found [Kernel | On_Demand] -- -- (WmVirHid)
DRV - File not found [Kernel | On_Demand] -- -- (WmFilter)
DRV - File not found [Kernel | On_Demand] -- -- (WmBEnum)
DRV - File not found [Kernel | Auto] -- -- (WinRing0_1_2_0)
DRV - File not found [Kernel | Auto] -- -- (WIBUKEY)
DRV - File not found [Kernel | Boot] -- -- (Wdf01000)
DRV - File not found [Kernel | Auto] -- -- (vstor2-ws60)
DRV - File not found [Kernel | Boot] -- -- (volmgrx)
DRV - File not found [Kernel | Boot] -- -- (volmgr)
DRV - File not found [Kernel | Auto] -- -- (vmx86)
DRV - File not found [Kernel | On_Demand] -- -- (vmusb)
DRV - File not found [Kernel | Auto] -- -- (VMparport)
DRV - File not found [Kernel | Auto] -- -- (VMnetuserif)
DRV - File not found [Kernel | Auto] -- -- (VMnetBridge)
DRV - File not found [Kernel | On_Demand] -- -- (VMnetAdapter)
DRV - File not found [Kernel | On_Demand] -- -- (vmkbd)
DRV - File not found [Kernel | Auto] -- -- (vmci)
DRV - File not found [Kernel | On_Demand] -- -- (VirtualDK)
DRV - File not found [Kernel | On_Demand] -- -- (V0500Dev)
DRV - File not found [Kernel | On_Demand] -- -- (umbus)
DRV - File not found [Kernel | On_Demand] -- -- (uliagpkx)
DRV - File not found [Kernel | On_Demand] -- -- (tunnel)
DRV - File not found [Kernel | On_Demand] -- -- (tssecsrv)
DRV - File not found [Kernel | On_Demand] -- -- (TotRec7)
DRV - File not found [Kernel | On_Demand] -- -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0)
DRV - File not found [Kernel | System] -- -- (tdx)
DRV - File not found [Kernel | Auto] -- -- (tcpipreg)
DRV - File not found [Kernel | On_Demand] -- -- (StillCam)
DRV - File not found [Kernel | On_Demand] -- -- (sscdserd) SAMSUNG CDMA Modem Diagnostic Serial Port (WDM)
DRV - File not found [Kernel | On_Demand] -- -- (sscdmdm)
DRV - File not found [Kernel | On_Demand] -- -- (sscdmdfl)
DRV - File not found [Kernel | On_Demand] -- -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - File not found [File_System | On_Demand] -- -- (srvnet)
DRV - File not found [File_System | On_Demand] -- -- (srv2)
DRV - File not found [Kernel | Boot] -- -- (spldr)
DRV - File not found [Kernel | System] -- -- (Smb)
DRV - File not found [Kernel | On_Demand] -- -- (SANDRA)
DRV - File not found [Kernel | On_Demand] -- -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.0)
DRV - File not found [Kernel | On_Demand] -- -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0)
DRV - File not found [Kernel | On_Demand] -- -- (RTL8169)
DRV - File not found [Kernel | Auto] -- -- (rspndr)
DRV - File not found [Kernel | On_Demand] -- -- (RivaTuner32)
DRV - File not found [Kernel | System] -- -- (RDPENCDD)
DRV - File not found [Kernel | On_Demand] -- -- (RasSstp)
DRV - File not found [Kernel | On_Demand] -- -- (QWAVEdrv)
DRV - File not found [Kernel | On_Demand] -- -- (pnetmdm)
DRV - File not found [Kernel | Auto] -- -- (PEAUTH)
DRV - File not found [Kernel | On_Demand] -- -- (PalmUSBD)
DRV - File not found [Kernel | Auto] -- -- (P2k)
DRV - File not found [Kernel | On_Demand] -- -- (nvlddmkm)
DRV - File not found [Kernel | On_Demand] -- -- (nv_agp)
DRV - File not found [Kernel | System] -- -- (nsiproxy)
DRV - File not found [Kernel | On_Demand] -- -- (NativeWifiP)
DRV - File not found [Kernel | On_Demand] -- -- (MsRPC)
DRV - File not found [Kernel | Boot] -- -- (msisadrv)
DRV - File not found [File_System | On_Demand] -- -- (mrxsmb20)
DRV - File not found [File_System | On_Demand] -- -- (mrxsmb10)
DRV - File not found [Kernel | On_Demand] -- -- (mpsdrv)
DRV - File not found [Kernel | On_Demand] -- -- (motmodem)
DRV - File not found [Kernel | On_Demand] -- -- (monitor)
DRV - File not found [Kernel | On_Demand] -- -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand] -- -- (MarvinBus)
DRV - File not found [Kernel | System] -- -- (MagicTune)
DRV - File not found [File_System | Auto] -- -- (luafv)
DRV - File not found [Kernel | Auto] -- -- (lltdio)
DRV - File not found [File_System | Boot] -- -- (Lbd)
DRV - File not found [Kernel | On_Demand] -- -- (klmouflt)
DRV - File not found [Kernel | System] -- -- (KLIM6)
DRV - File not found [File_System | System] -- -- (KLIF)
DRV - File not found [Kernel | Boot] -- -- (klbg)
DRV - File not found [Kernel | System] -- -- (kl1)
DRV - File not found [File_System | System] -- -- (ISODrive)
DRV - File not found [Kernel | On_Demand] -- -- (iScsiPrt)
DRV - File not found [Kernel | Auto] -- -- (hcmon)
DRV - File not found [Kernel | On_Demand] -- -- (hap17v2k)
DRV - File not found [Kernel | On_Demand] -- -- (hap16v2k)
DRV - File not found [Kernel | Boot] -- -- (fvevol)
DRV - File not found [File_System | On_Demand] -- -- (Filetrace)
DRV - File not found [File_System | Boot] -- -- (FileInfo)
DRV - File not found [File_System | On_Demand] -- -- (exfat)
DRV - File not found [Kernel | Boot] -- -- (Ecache)
DRV - File not found [Kernel | On_Demand] -- -- (E1G60) Intel(R)
DRV - File not found [Kernel | On_Demand] -- -- (DXGKrnl)
DRV - File not found [File_System | System] -- -- (DfsC)
DRV - File not found [Kernel | On_Demand] -- -- (CTSBLFX.SYS)
DRV - File not found [Kernel | On_Demand] -- -- (CTERFXFX.SYS)
DRV - File not found [Kernel | On_Demand] -- -- (CTERFXFX)
DRV - File not found [Kernel | On_Demand] -- -- (ctdvda2k)
DRV - File not found [Kernel | On_Demand] -- -- (CTAUDFX.SYS)
DRV - File not found [Kernel | On_Demand] -- -- (CTAUDFX)
DRV - File not found [Kernel | System] -- -- (CSC)
DRV - File not found [Kernel | Boot] -- -- (crcdisk)
DRV - File not found [Kernel | On_Demand] -- -- (COMMONFX.SYS)
DRV - File not found [Kernel | Boot] -- -- (CLFS) Common Log (CLFS)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - File not found [Kernel | On_Demand] -- -- (BrFiltUp)
DRV - File not found [Kernel | On_Demand] -- -- (BrFiltLo)
DRV - File not found [File_System | On_Demand] -- -- (bowser)
DRV - File not found [Kernel | Boot] -- -- (atapi)
DRV - File not found [Kernel | Auto] -- -- (ASTRA32)
DRV - [2009/12/13 16:45:31 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2009/05/08 12:42:50 | 000,215,872 | ---- | M] (TrueCrypt Foundation) [Kernel | System] -- C:\WINDOWS\system32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2009/04/23 12:15:06 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/10/06 12:22:56 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/07/30 22:21:08 | 000,079,960 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- C:\Windows\system32\drivers\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\sisagp.sys -- (sisagp)
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/07/23 10:23:46 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/07/23 10:23:46 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/07/23 10:23:44 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/01/18 16:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/12/12 12:28:26 | 000,052,224 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BrSerIf.sys -- (BrSerIf)
DRV - [2006/09/03 10:53:54 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2004/03/17 16:10:40 | 000,113,664 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2002/07/24 01:52:26 | 000,998,004 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002/07/18 22:55:42 | 000,643,072 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTSBLFX.DLL -- (CTSBLFX)
DRV - [2002/07/18 22:54:10 | 000,110,592 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\COMMONFX.DLL -- (COMMONFX)
DRV - [2002/07/18 22:48:32 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002/07/18 22:48:22 | 000,213,860 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002/07/18 22:48:08 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002/07/18 22:48:04 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002/07/18 22:47:52 | 000,837,548 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2002/07/18 22:46:28 | 000,127,948 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\Administrator_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/09/19 00:27:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/11 22:01:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.21\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt
[2009/10/31 13:09:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/12/03 14:46:05 | 000,061,440 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\FFComm.dll
[2004/07/02 15:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\components\np32asw.dll
[2004/07/02 15:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32asw.dll
Hosts file not found
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll File not found
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File not found
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll File not found
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll File not found
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll File not found
O3 - HKU\Administrator_ON_E\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe File not found
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe File not found
O4 - HKU\.DEFAULT..\Run: [DevconDefaultDB] C:\Windows\READREG.exe (Creative Technology Limited)
O4 - HKU\Administrator_ON_E..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe File not found
O4 - HKLM..\RunOnce: [Uninstall Adobe Download Manager] File not found
O4 - Startup: Error locating startup folders.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Administrator_ON_E\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Administrator_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\Administrator_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\LocalService_ON_E\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_E\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\systemprofile_ON_E\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\NLAapi.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\napinsp.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\VMware\VMware Player\vsocklib.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Player\vsocklib.dll File not found
O16 - DPF: {7557F5AA-D486-401D-BE55-0163FA78B5B8} https://skyfex.com/download/SkyFexExpert.cab (SkyFex Expert Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab (Enlite 2.x Simulation Engine Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll File not found
O22 - SharedTaskScheduler: {73526E5A-FD53-4BE7-B5E2-D3C89D7413DC} - Ave's FolderBg - C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll File not found
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll File not found
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll File not found
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - StardockDreamController - C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll File not found
O24 - Desktop WallPaper: C:\Windows\resources\Themes\GlassGlow\Ginkakuji Default 169.jpg
O24 - Desktop BackupWallPaper: C:\Windows\resources\Themes\GlassGlow\Ginkakuji Default 169.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{1cab8272-e57e-11dd-a7ee-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1cab8272-e57e-11dd-a7ee-806e6f6e6963}\Shell\AutoRun\command - "" = G:\reatogoMenu.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/04/12 22:50:54 | 000,000,000 | ---D | C] -- C:\Windows\XP
[2008/10/02 21:45:31 | 000,065,536 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/10/18 20:54:31 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2008/12/14 22:56:43 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2008/12/11 17:11:17 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2008/11/12 21:53:48 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2008/10/28 19:40:48 | 000,173,552 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2008/10/25 19:48:25 | 000,000,204 | ---- | C] () -- C:\Windows\RtlRack.ini
[2008/10/22 19:35:38 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2008/10/22 19:35:38 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2008/10/22 19:35:01 | 000,000,225 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2008/10/22 19:35:01 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2008/10/22 19:34:12 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2008/10/22 19:34:12 | 000,000,086 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2008/10/22 19:33:18 | 000,031,567 | ---- | C] () -- C:\Windows\maxlink.ini
[2008/10/19 22:07:31 | 000,000,000 | ---- | C] () -- C:\Windows\ATIMMC.INI
[2008/10/18 15:07:56 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008/10/04 20:07:17 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008/10/02 21:45:57 | 000,000,000 | ---- | C] () -- C:\Windows\SBWIN.INI
[2008/10/02 21:45:48 | 000,000,231 | ---- | C] () -- C:\Windows\AC3API.INI
[2008/10/02 21:45:35 | 000,037,727 | ---- | C] () -- C:\Windows\System32\Emu10kx.ini
[2008/10/02 21:45:35 | 000,000,029 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2008/10/02 21:45:27 | 000,000,180 | ---- | C] () -- C:\Windows\System32\KILL.INI
[2008/10/02 21:42:46 | 000,000,073 | ---- | C] () -- C:\Windows\wb.ini
[2008/10/02 21:34:03 | 000,363,520 | ---- | C] () -- C:\Windows\System32\psisdecd.dll
[2008/06/11 11:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/06/11 11:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/06/11 11:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/06/11 11:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/06/11 11:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/06/11 11:02:34 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/06/11 11:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/06/11 11:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/06/11 11:02:32 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/06/05 10:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/06/01 03:13:10 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2008/04/23 20:34:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\txmlutil.dll
[2007/03/12 14:01:30 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2007/01/31 15:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2006/05/18 10:56:29 | 001,703,936 | ---- | C] () -- C:\Windows\System32\nvwdmcpl.dll
[2006/05/18 10:56:29 | 001,019,904 | ---- | C] () -- C:\Windows\System32\nvwimg.dll
[2006/05/18 10:56:25 | 000,466,944 | ---- | C] () -- C:\Windows\System32\nvshell.dll
[2006/05/18 10:56:21 | 001,486,848 | ---- | C] () -- C:\Windows\System32\nview.dll
[2006/05/18 10:56:21 | 000,286,720 | ---- | C] () -- C:\Windows\System32\nvnt4cpl.dll
[2006/05/18 10:56:20 | 000,573,440 | ---- | C] () -- C:\Windows\System32\nvhwvid.dll
[2004/10/15 20:31:56 | 000,218,264 | ---- | C] () -- C:\Windows\System32\SetAid.dll
[2004/01/28 12:42:06 | 000,066,560 | ---- | C] () -- C:\Windows\System32\atiyuv12.dll
[2004/01/28 12:42:06 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll
[2004/01/28 12:42:06 | 000,013,601 | ---- | C] () -- C:\Windows\System32\vctest.ini
[2003/01/03 13:07:20 | 000,589,824 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2002/05/15 20:38:40 | 000,091,136 | ---- | C] () -- C:\Windows\System32\mp4fil32.dll
[2002/05/04 10:19:00 | 000,049,152 | ---- | C] () -- C:\Windows\System32\avisynthEx.dll
[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
========== LOP Check ==========
========== Purity Check ==========
< End of report >
-
Please re-boot in Normal Mode and run this scan.
Download GMER Rootkit Detector (http://majorgeeks.com/GMER_d5198.html) and save it your desktop.
* Extract it to your desktop and double-click GMER.exe
* Make sure all of the boxes on the right of the screen are checked, EXCEPT for "Show All".
* Click the Rootkit tab and then Scan.
* Don't check the Show All box while scanning in progress!
* When scanning is finished click Copy.
* This copies the log to clipboard
* Post the log in your reply.
-
I cannot get GMER to complete the scan. It keeps crashing, which locks up my computer until I reboot.
-
That is weird. Let's try to run this one to see what's happening with your computer.
Download WhoCrashed (http://www.resplendence.com/download/whocrashedSetup.exe) from here
This program checks for any drivers which may have been causing your computer to crash....
Click on the file you just downloaded and run it.
Put a tick in Accept then click on Next
Put a tick in the Don't create a start menu folder then click Next
Put a tick in Create a Desktop Icon then click on Install and make sure there is a tick in Launch Whocrashed before clicking Finish
Click Analyze
It will want to download the Debugger and install it say Yes
WhoCrashed will create report but you have to scroll down to see it
Copy and paste it into your next reply
-
Sorry, should have been more specific.
When I said "It keeps crashing" I meant GMER.exe stops responding, not that the PC crashes or bluescreens, however, when GMER.exe stops responding the PC completely locks up so I must reboot.
Nevertheless here is my whocrashed log, note the last time is 4/17/10 from when I was trying to run combofix , nothing from yesterday or today.
Analysis
--------------------------------------------------------------------------------
Crash dump directory: C:\Windows\Minidump
Crash dumps are enabled on your computer.
On Sat 4/17/2010 4:06:09 PM your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000007E (0xC0000005, 0x860A8EB3, 0x807B0858, 0x807B0554)
Error: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M
Dump file: C:\Windows\Minidump\Mini041710-01.dmp
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.
On Fri 4/16/2010 3:57:52 AM your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000007E (0xC0000005, 0x860DAEB3, 0x807BC858, 0x807BC554)
Error: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M
Dump file: C:\Windows\Minidump\Mini041610-03.dmp
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.
On Fri 4/16/2010 3:40:38 AM your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000007E (0xC0000005, 0x860A8EB3, 0x807B0858, 0x807B0554)
Error: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M
Dump file: C:\Windows\Minidump\Mini041610-02.dmp
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.
On Fri 4/16/2010 3:27:04 AM your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000007E (0xC0000005, 0x860D4EB3, 0x807B8858, 0x807B8554)
Error: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M
Dump file: C:\Windows\Minidump\Mini041610-01.dmp
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit is in another driver on your system which cannot be identified at this time.
-
I know it's frustrating but please try this:
Launch GMER and in the right panel, untick all except the following:- Modules
- Processes
- Libraries
- Services
- Show All
Then click the scan button & show me the log it produces.
-
I know it's frustrating but please try this:
Yes it's quite frustrating, but I sincerely appreciate all the help you have given me so far and hopefully we can resolve the problem.
I was able to run the scan and get a log, the system freezes up about 5 seconds after the scan completes, but some very fast copy and paste and save and I was able to get the log.
The log you requested: (broken up due to 50000 character limit)
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-23 14:25:28
Windows 6.0.6001 Service Pack 1
Running: gmer.exe; Driver: C:\Users\ADMINI~1\AppData\Local\Temp\pggdikod.sys
---- Modules - GMER 1.0.15 ----
Module \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 85E06000-861BF000 (3903488 bytes)
Module \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 861BF000-861F2000 (208896 bytes)
Module \SystemRoot\system32\kdcom.dll (Kernel Debugger HW Extension DLL/Microsoft Corporation) 80602000-8060A000 (32768 bytes)
Module \SystemRoot\system32\mcupdate_GenuineIntel.dll (Intel Microcode Update Library/Microsoft Corporation) 8060A000-8066A000 (393216 bytes)
Module \SystemRoot\system32\PSHED.dll (Platform Specific Hardware Error Driver/Microsoft Corporation) 8066A000-8067B000 (69632 bytes)
Module \SystemRoot\system32\BOOTVID.dll (VGA Boot Driver/Microsoft Corporation) 8067B000-80683000 (32768 bytes)
Module \SystemRoot\system32\CLFS.SYS (Common Log File System Driver/Microsoft Corporation) 80683000-806C4000 (266240 bytes)
Module \SystemRoot\system32\CI.dll (Code Integrity Module/Microsoft Corporation) 806C4000-807A4000 (917504 bytes)
Module \SystemRoot\system32\drivers\klbg.sys (Kaspersky Lab Boot Guard Driver/Kaspersky Lab) 807A4000-807B1000 (53248 bytes)
Module \SystemRoot\system32\drivers\Wdf01000.sys (WDF Dynamic/Microsoft Corporation) 86809000-86885000 (507904 bytes)
Module \SystemRoot\system32\drivers\WDFLDR.SYS (WDFLDR/Microsoft Corporation) 86885000-86892000 (53248 bytes)
Module \SystemRoot\system32\drivers\acpi.sys (ACPI Driver for NT/Microsoft Corporation) 86892000-868D8000 (286720 bytes)
Module \SystemRoot\system32\drivers\WMILIB.SYS (WMILIB WMI support library Dll/Microsoft Corporation) 868D8000-868E1000 (36864 bytes)
Module \SystemRoot\system32\drivers\msisadrv.sys (ISA Driver/Microsoft Corporation) 868E1000-868E9000 (32768 bytes)
Module \SystemRoot\system32\drivers\pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) 868E9000-86910000 (159744 bytes)
Module \SystemRoot\System32\drivers\partmgr.sys (Partition Management Driver/Microsoft Corporation) 86910000-8691F000 (61440 bytes)
Module \SystemRoot\system32\drivers\volmgr.sys (Volume Manager Driver/Microsoft Corporation) 8691F000-8692E000 (61440 bytes)
Module \SystemRoot\System32\drivers\volmgrx.sys (Volume Manager Extension Driver/Microsoft Corporation) 8692E000-86978000 (303104 bytes)
Module \SystemRoot\system32\drivers\pciide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) 86978000-8697F000 (28672 bytes)
Module \SystemRoot\system32\drivers\PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation) 8697F000-8698D000 (57344 bytes)
Module \SystemRoot\System32\drivers\mountmgr.sys (Mount Point Manager/Microsoft Corporation) 8698D000-8699D000 (65536 bytes)
Module \SystemRoot\system32\drivers\atapi.sys (ATAPI IDE Miniport Driver/Microsoft Corporation) 8699D000-869A5000 (32768 bytes)
Module \SystemRoot\system32\drivers\ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) 869A5000-869C3000 (122880 bytes)
Module \SystemRoot\system32\DRIVERS\jraid.sys (JMicron JMB36X RAID Driver/JMicron Technology Corp.) 869C3000-869DB000 (98304 bytes)
Module \SystemRoot\system32\DRIVERS\SCSIPORT.SYS (SCSI Port Driver/Microsoft Corporation) 807B1000-807D7000 (155648 bytes)
Module \SystemRoot\system32\drivers\fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) 86A0C000-86A3E000 (204800 bytes)
Module \SystemRoot\system32\drivers\fileinfo.sys (FileInfo Filter Driver/Microsoft Corporation) 86A3E000-86A4E000 (65536 bytes)
Module \SystemRoot\system32\Drivers\PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) 86A4E000-86A57000 (36864 bytes)
Module \SystemRoot\System32\Drivers\ksecdd.sys (Kernel Security Support Provider Interface/Microsoft Corporation) 86A57000-86AC8000 (462848 bytes)
Module \SystemRoot\system32\drivers\ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) 86AC8000-86BD3000 (1093632 bytes)
Module \SystemRoot\system32\drivers\msrpc.sys (Kernel Remote Procedure Call Provider/Microsoft Corporation) 86BD3000-86BFE000 (176128 bytes)
Module \SystemRoot\system32\drivers\NETIO.SYS (Network I/O Subsystem/Microsoft Corporation) 86C05000-86C3F000 (237568 bytes)
Module \SystemRoot\System32\drivers\tcpip.sys (TCP/IP Driver/Microsoft Corporation) 86C3F000-86D28000 (954368 bytes)
Module \SystemRoot\System32\drivers\fwpkclnt.sys (FWP/IPsec Kernel-Mode API/Microsoft Corporation) 86D28000-86D43000 (110592 bytes)
Module \SystemRoot\System32\Drivers\Ntfs.sys (NT File System Driver/Microsoft Corporation) 86E00000-86F0F000 (1110016 bytes)
Module \SystemRoot\system32\drivers\volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) 86F0F000-86F48000 (233472 bytes)
Module \SystemRoot\System32\Drivers\spldr.sys (loader for security processor/Microsoft Corporation) 86F48000-86F50000 (32768 bytes)
Module \SystemRoot\System32\Drivers\mup.sys (Multiple UNC Provider driver/Microsoft Corporation) 86F50000-86F5F000 (61440 bytes)
Module \SystemRoot\System32\drivers\ecache.sys (Special Memory Device Cache/Microsoft Corporation) 86F5F000-86F86000 (159744 bytes)
Module \SystemRoot\System32\DRIVERS\fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) 86F86000-86FAA000 (147456 bytes)
Module \SystemRoot\system32\drivers\disk.sys (PnP Disk Driver/Microsoft Corporation) 86FAA000-86FBB000 (69632 bytes)
Module \SystemRoot\system32\drivers\CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation) 86FBB000-86FDC000 (135168 bytes)
Module \SystemRoot\system32\drivers\crcdisk.sys (Disk Block Verification Filter Driver/Microsoft Corporation) 86FDC000-86FE5000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\tunnel.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) 86D5C000-86D67000 (45056 bytes)
Module \SystemRoot\system32\drivers\TotRec7.sys (Total Recorder WDM audio driver/High Criteria inc.) 86D67000-86D8F000 (163840 bytes)
Module \SystemRoot\system32\drivers\portcls.sys (Port Class (Class Driver for Port/Miniport Devices)/Microsoft Corporation) 86D8F000-86DBC000 (184320 bytes)
Module \SystemRoot\system32\drivers\drmk.sys (Microsoft Kernel DRM Descrambler Filter/Microsoft Corporation) 86DBC000-86DE1000 (151552 bytes)
Module \SystemRoot\system32\drivers\ks.sys (Kernel CSA Library/Microsoft Corporation) 95A0E000-95A38000 (172032 bytes)
Module \SystemRoot\system32\DRIVERS\tunmp.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) 95A38000-95A41000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\intelppm.sys (Processor Device Driver/Microsoft Corporation) 95A41000-95A50000 (61440 bytes)
Module \SystemRoot\system32\DRIVERS\nvlddmkm.sys (NVIDIA Windows Kernel Mode Driver, Version 191.07 /NVIDIA Corporation) 95C04000-96515000 (9506816 bytes)
Module \SystemRoot\system32\DRIVERS\nvBridge.kmd (NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 191.07 /NVIDIA Corporation) 96515000-96517000 (8192 bytes)
Module \SystemRoot\System32\drivers\dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation) 96517000-965B6000 (651264 bytes)
Module \SystemRoot\System32\drivers\watchdog.sys (Watchdog Driver/Microsoft Corporation) 965B6000-965C3000 (53248 bytes)
Module \SystemRoot\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) 965C3000-965CE000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) 95A50000-95A8E000 (253952 bytes)
Module \SystemRoot\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) 965CE000-965DD000 (61440 bytes)
Module \SystemRoot\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver/Microsoft Corporation) 965DD000-965EF000 (73728 bytes)
Module \SystemRoot\system32\DRIVERS\Rtlh86.sys (Realtek 8136/8168/8169 NDIS6 32-bit Driver /Realtek ) 95A8E000-95AD0000 (270336 bytes)
Module \SystemRoot\system32\DRIVERS\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation) 965EF000-965FA000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\serial.sys (Serial Device Driver/Microsoft Corporation) 95AD0000-95AEA000 (106496 bytes)
Module \SystemRoot\system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation) 95AEA000-95AF4000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\parport.sys (Parallel Port Driver/Microsoft Corporation) 95AF4000-95B0C000 (98304 bytes)
Module \SystemRoot\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) 95B0C000-95B24000 (98304 bytes)
Module \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) 95B24000-95B2E000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\serscan.sys (Serial Imaging Device Driver/Microsoft Corporation) 95B2E000-95B36000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\msiscsi.sys (Microsoft iSCSI Initiator Driver/Microsoft Corporation) 95B36000-95B64000 (188416 bytes)
Module \SystemRoot\system32\DRIVERS\storport.sys (Microsoft Storage Port Driver/Microsoft Corporation) 95B64000-95BA5000 (266240 bytes)
Module \SystemRoot\system32\DRIVERS\TDI.SYS (TDI Wrapper/Microsoft Corporation) 95BA5000-95BB0000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) 95BB0000-95BC7000 (94208 bytes)
Module \SystemRoot\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) 95BC7000-95BD2000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) 95BD2000-95BF5000 (143360 bytes)
Module \SystemRoot\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) 86DE1000-86DF0000 (61440 bytes)
Module \SystemRoot\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) 869DB000-869EF000 (81920 bytes)
Module \SystemRoot\system32\DRIVERS\rassstp.sys (RAS SSTP Miniport Call Manager/Microsoft Corporation) 807D7000-807EC000 (86016 bytes)
Module \SystemRoot\System32\Drivers\pcouffin.sys (low level access layer for CD/DVD/BD devices/VSO Software) 95A00000-95A0C000 (49152 bytes)
Module \SystemRoot\system32\DRIVERS\pnetmdm.sys (PdaNet Driver/June Fabrics Technology) 965FA000-965FD000 (12288 bytes)
Module \SystemRoot\system32\drivers\modem.sys (Modem Device Driver/Microsoft Corporation) 86DF0000-86DFD000 (53248 bytes)
Module \SystemRoot\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) 96802000-9688B000 (561152 bytes)
Module \SystemRoot\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) 9688B000-9689B000 (65536 bytes)
Module \SystemRoot\system32\DRIVERS\kbdclass.sys (Keyboard Class Driver/Microsoft Corporation) 9689B000-968A6000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\mouclass.sys (Mouse Class Driver/Microsoft Corporation) 968A6000-968B1000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) 968B1000-968B3000 (8192 bytes)
Module \SystemRoot\system32\drivers\WmBEnum.sys (Logitech WingMan Virtual Bus Enumerator Driver/Logitech Inc.) 968B3000-968B7000 (16384 bytes)
Module \SystemRoot\system32\drivers\WmXlCore.sys (Logitech WingMan Translation Driver/Logitech Inc.) 968B7000-968C2000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) 968C2000-968CC000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\umbus.sys (User-Mode Bus Enumerator/Microsoft Corporation) 968CC000-968D9000 (53248 bytes)
Module \SystemRoot\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) 968D9000-9690D000 (212992 bytes)
Module \SystemRoot\system32\DRIVERS\flpydisk.sys (Floppy Driver/Microsoft Corporation) 9690D000-96917000 (40960 bytes)
Module \SystemRoot\System32\Drivers\NDProxy.SYS (NDIS Proxy/Microsoft Corporation) 96917000-96928000 (69632 bytes)
Module \SystemRoot\system32\drivers\HdAudio.sys (High Definition Audio Function Driver/Microsoft Corporation) 96928000-96967000 (258048 bytes)
Module \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) 96967000-969B8000 (331776 bytes)
Module \SystemRoot\System32\Drivers\Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation) 969B8000-969C1000 (36864 bytes)
Module \SystemRoot\System32\Drivers\Null.SYS (NULL Driver/Microsoft Corporation) 969C1000-969C8000 (28672 bytes)
Module \SystemRoot\System32\Drivers\Beep.SYS (BEEP Driver/Microsoft Corporation) 969C8000-969CF000 (28672 bytes)
Module \SystemRoot\system32\drivers\MTiCtwl.sys (MagicTunePremium Driver/Samsung Electronics, Inc. ) 969CF000-969D8000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\HIDPARSE.SYS (Hid Parsing Library/Microsoft Corporation) 969E1000-969E8000 (28672 bytes)
Module \SystemRoot\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) 969E8000-969F4000 (49152 bytes)
Module \SystemRoot\System32\drivers\VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation) 96A05000-96A26000 (135168 bytes)
Module \SystemRoot\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) 96A26000-96A2E000 (32768 bytes)
Module \SystemRoot\system32\drivers\rdpencdd.sys (RDP Miniport/Microsoft Corporation) 96A2E000-96A36000 (32768 bytes)
Module \SystemRoot\System32\Drivers\Msfs.SYS (Mailslot driver/Microsoft Corporation) 96A36000-96A41000 (45056 bytes)
Module \SystemRoot\System32\Drivers\Npfs.SYS (NPFS Driver/Microsoft Corporation) 96A41000-96A4F000 (57344 bytes)
Module \SystemRoot\System32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) 96A4F000-96A58000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\tdx.sys (TDI Translation Driver/Microsoft Corporation) 96A58000-96A6E000 (90112 bytes)
Module \SystemRoot\system32\DRIVERS\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) 96C00000-97120000 (5373952 bytes)
Module \SystemRoot\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) 97120000-97129000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\HIDCLASS.SYS (Hid Class Library/Microsoft Corporation) 97129000-97139000 (65536 bytes)
Module \SystemRoot\system32\DRIVERS\USBD.SYS (Universal Serial Bus Driver/Microsoft Corporation) 97139000-9713B000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\mouhid.sys (HID Mouse Filter Driver/Microsoft Corporation) 9713B000-97143000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\klmouflt.sys (KLMOUFLT Mouse Device Filter [fre_wlh_x86]/Kaspersky Lab) 97143000-9714C000 (36864 bytes)
Module \Sys
-
---- Processes - GMER 1.0.15 ----
Process System Idle 0
Process System 4
Process C:\Windows\System32\smss.exe (Windows Session Manager/Microsoft Corporation) 516
Library C:\Windows\System32\smss.exe (Windows Session Manager/Microsoft Corporation) 0x475D0000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Process C:\Windows\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 584
Library C:\Windows\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 0x4A0F0000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\CSRSRV.dll (Client Server Runtime Process/Microsoft Corporation) 0x758B0000
Library C:\Windows\system32\basesrv.dll (Windows NT BASE API Server DLL/Microsoft Corporation) 0x75890000
Library C:\Windows\system32\winsrv.dll (Multi-User Windows Server DLL/Microsoft Corporation) 0x75830000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\KERNEL32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\sxs.dll (Fusion 2.5/Microsoft Corporation) 0x756D0000
Process C:\Windows\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 644
Library C:\Windows\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 0x4A0F0000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\CSRSRV.dll (Client Server Runtime Process/Microsoft Corporation) 0x758B0000
Library C:\Windows\system32\basesrv.dll (Windows NT BASE API Server DLL/Microsoft Corporation) 0x75890000
Library C:\Windows\system32\winsrv.dll (Multi-User Windows Server DLL/Microsoft Corporation) 0x75830000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\KERNEL32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\sxs.dll (Fusion 2.5/Microsoft Corporation) 0x756D0000
Process C:\Windows\system32\wininit.exe (Windows Start-Up Application/Microsoft Corporation) 652
Library C:\Windows\system32\wininit.exe (Windows Start-Up Application/Microsoft Corporation) 0x00BA0000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75810000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75790000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x74F80000
Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x74C40000
Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75060000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75090000
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x74D10000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Process C:\Windows\system32\services.exe (Services and Controller app/Microsoft Corporation) 688
Library C:\Windows\system32\services.exe (Services and Controller app/Microsoft Corporation) 0x00FB0000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75810000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\system32\SCESRV.dll (Windows Security Configuration Editor Engine/Microsoft Corporation) 0x75740000
Library C:\Windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x757D0000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\NCObjAPI.DLL (Microsoft Corporation) 0x757C0000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75090000
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x74D10000
Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75790000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x74F80000
Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x74C40000
Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75060000
Process C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) 704
Library C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) 0x00870000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\LSASRV.dll (LSA Server DLL/Microsoft Corporation) 0x75510000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\SAMSRV.dll (SAM Server DLL/Microsoft Corporation) 0x75490000
Library C:\Windows\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x75470000
Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75440000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation)
-
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\SHSVCS.dll (Windows Shell Services Dll/Microsoft Corporation) 0x73C10000
Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x74830000
Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Library C:\Windows\system32\WindowsCodecs.dll (Microsoft Windows Codecs Library/Microsoft Corporation) 0x739A0000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75260000
Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x753A0000
Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 924
Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00940000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library c:\windows\system32\umpnpmgr.dll (User-mode Plug-and-Play Service/Microsoft Corporation) 0x74C00000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library c:\windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75810000
Library c:\windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\system32\POWRPROF.dll (Power Profile Helper DLL/Microsoft Corporation) 0x74C60000
Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x74EE0000
Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75260000
Library c:\windows\system32\rpcss.dll (Distributed COM Services/Microsoft Corporation) 0x74AE0000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library c:\windows\system32\FirewallAPI.dll (Windows Firewall API/Microsoft Corporation) 0x74B90000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library c:\windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75090000
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x74D10000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x75A30000
Library C:\Windows\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x74770000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x750A0000
Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75790000
Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74C50000
Process C:\Windows\system32\nvvsvc.exe (NVIDIA Driver Helper Service, Version 191.07/NVIDIA Corporation) 972
Library C:\Windows\system32\nvvsvc.exe (NVIDIA Driver Helper Service, Version 191.07/NVIDIA Corporation) 0x00400000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x767A0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75790000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1000
Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00940000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library c:\windows\system32\rpcss.dll (Distributed COM Services/Microsoft Corporation) 0x74AE0000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library c:\windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library c:\windows\system32\FirewallAPI.dll (Windows Firewall API/Microsoft Corporation) 0x74B90000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library c:\windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75810000
Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75090000
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x74D10000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x74F80000
Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x74C40000
Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75060000
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library C:\Windows\system32\fwpuclnt.dll (FWP/IPsec User-Mode API/Microsoft Corporation) 0x73570000
Process C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1068
Library C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00940000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
-
Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x75A30000
Library C:\Windows\System32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x74AB0000
Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x75C40000
Library C:\Windows\System32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Library C:\Windows\System32\audioses.dll (Audio Session/Microsoft Corporation) 0x73E00000
Library C:\Windows\System32\audioeng.dll (Audio Engine/Microsoft Corporation) 0x73D90000
Library C:\Windows\System32\AVRT.dll (Multimedia Realtime Runtime/Microsoft Corporation) 0x74790000
Library c:\windows\system32\lmhsvc.dll (TCPIP NetBios Transport Services DLL/Microsoft Corporation) 0x73AB0000
Library c:\windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x751F0000
Library c:\windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x751B0000
Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75440000
Library c:\windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x751A0000
Library c:\windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75170000
Process C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1172
Library C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00940000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\System32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\System32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library c:\windows\system32\audiosrv.dll (Windows Audio Service/Microsoft Corporation) 0x743A0000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library c:\windows\system32\MMDevAPI.DLL (MMDevice API/Microsoft Corporation) 0x747D0000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library c:\windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74C50000
Library c:\windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x750A0000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x75A30000
Library C:\Windows\System32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x74AB0000
Library C:\Windows\System32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library C:\Windows\System32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library C:\Windows\System32\USERENV.dll (Userenv/Microsoft Corporation) 0x75810000
Library C:\Windows\System32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x75C40000
Library c:\windows\system32\cscsvc.dll (CSC Service DLL/Microsoft Corporation) 0x73C90000
Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x767A0000
Library c:\windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x753A0000
Library C:\Windows\System32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Library C:\Windows\System32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x74EE0000
Library C:\Windows\System32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75260000
Library c:\windows\system32\uxsms.dll (Microsoft User Experience Session Management Service/Microsoft Corporation) 0x73C60000
Library c:\windows\system32\tabsvc.dll (Microsoft Tablet PC Input Service/Microsoft Corporation) 0x73A90000
Library c:\windows\system32\HID.DLL (Hid User Library/Microsoft Corporation) 0x73C80000
Library c:\windows\system32\wudfsvc.dll (Windows Driver Foundation - User-mode Driver Framework Service/Microsoft Corporation) 0x73C00000
Library c:\windows\system32\WUDFPlatform.dll (Windows Driver Foundation - User-mode Platform Library/Microsoft Corporation) 0x73A60000
Library c:\windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library c:\windows\system32\wevtapi.dll (Eventing Consumption and Configuration API/Microsoft Corporation) 0x75220000
Library C:\Windows\System32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75790000
Library c:\windows\system32\emdmgmt.dll (ReadyBoost Service/Microsoft Corporation) 0x6F2A0000
Library c:\windows\system32\WDSCORE.dll (Panther Engine Module/Microsoft Corporation) 0x70930000
Library c:\windows\system32\SLWGA.dll (Software Licensing WGA API/Microsoft Corporation) 0x732C0000
Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x760D0000
Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x76460000
Library c:\windows\system32\hidserv.dll (HID Service/Microsoft Corporation) 0x740C0000
Library c:\windows\system32\netman.dll (Network Connections Manager/Microsoft Corporation) 0x6F180000
Library c:\windows\system32\RASAPI32.dll (Remote Access API/Microsoft Corporation) 0x6F370000
Library c:\windows\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x6F350000
Library c:\windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation) 0x6F140000
Library c:\windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x74380000
Library c:\windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x74080000
Library c:\windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x74040000
Library c:\windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x751A0000
Library c:\windows\system32\pcasvc.dll (Program Compatibility Assistant Service/Microsoft Corporation) 0x6F340000
Library c:\windows\system32\sysmain.dll (Superfetch Service Host/Microsoft Corporation) 0x6E8E0000
Library c:\windows\system32\trkwks.dll (Distributed Link Tracking Client/Microsoft Corporation) 0x6F010000
Library C:\Windows\System32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75090000
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x74D10000
Library c:\windows\system32\wpdbusenum.dll (Portable Device Enumerator/Microsoft Corporation) 0x6E8C0000
Library C:\Windows\system32\PortableDeviceApi.dll (Windows Portable Device API Components/Microsoft Corporation) 0x6E660000
Library C:\Windows\System32\netshell.dll (Network Connections Shell/Microsoft Corporation) 0x6CE50000
Library C:\Windows\System32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x751F0000
Library C:\Windows\System32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x751B0000
Library C:\Windows\System32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75440000
Library C:\Windows\System32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75170000
Library C:\Windows\System32\nlaapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74030000
Library C:\Windows\System32\RASDLG.dll (Remote Access Common Dialog API/Microsoft Corporation) 0x6D5E0000
Library C:\Windows\System32\MPRAPI.dll (Windows NT MP Router Administration DLL/Microsoft Corporation) 0x6DBD0000
Library C:\Windows\System32\ACTIVEDS.dll (ADs Router Layer DLL/Microsoft Corporation) 0x733F0000
Library C:\Windows\System32\adsldpc.dll (ADs LDAP Provider C DLL/Microsoft Corporation) 0x733B0000
Library C:\Windows\System32\credui.dll (Credential Manager User Interface/Microsoft Corporation) 0x73380000
Library C:\Windows\System32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x73D70000
Library C:\Windows\system32\cscobj.dll (In-proc COM object used by clients of CSC API/Microsoft Corporation) 0x6D160000
Library C:\Windows\system32\CSCAPI.dll (Offline Files Win32 API/Microsoft Corporation) 0x719F0000
Library C:\Windows\System32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x6DEB0000
Library C:\Windows\System32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x73510000
Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x74F80000
Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x74C40000
Library C:\Windows\system32\upnp.dll (UPnP Control Point API/Microsoft Corporation) 0x6C630000
Library C:\Windows\system32\SSDPAPI.dll (SSDP Client API DLL/Microsoft Corporation) 0x70920000
Library C:\Windows\System32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x756D0000
Library C:\Windows\System32\msxml3.dll (MSXML 3.0 SP10/Microsoft Corporation) 0x70FE0000
Library C:\Windows\system32\netcfgx.dll (Network Configuration Objects/Microsoft Corporation) 0x6E240000
Library C:\Windows\System32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x74770000
Library C:\Windows\system32\wbem\wbemprox.dll (WMI/Microsoft Corporation) 0x6E7A0000
Library C:\Windows\system32\wbemcomn.dll (WMI/Microsoft Corporation) 0x6E6B0000
Library C:\Windows\system32\wbem\wbemsvc.dll (WMI/Microsoft Corporation) 0x6E230000
Library C:\Windows\system32\wbem\fastprox.dll (WMI Custom Marshaller/Microsoft Corporation) 0x6DC90000
Library C:\Windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x753E0000
Library C:\Windows\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) &
-
Library C:\Windows\system32\RESUTILS.DLL (Microsoft Cluster Resource Utility DLL/Microsoft Corporation) 0x73670000
Library C:\Windows\system32\PROPSYS.dll (Microsoft Property System/Microsoft Corporation) 0x73F20000
Library C:\Windows\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x756D0000
Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75790000
Library C:\Windows\system32\tschannel.dll (Task Scheduler Proxy/Microsoft Corporation) 0x72E90000
Library C:\Windows\system32\ACTXPRXY.DLL (ActiveX Interface Marshaling Library/Microsoft Corporation) 0x71840000
Library c:\windows\system32\browser.dll (Computer Browser Service DLL/Microsoft Corporation) 0x74360000
Library c:\windows\system32\aelupsvc.dll (Application Experience Service/Microsoft Corporation) 0x74390000
Library c:\windows\system32\ikeext.dll (IKE extension/Microsoft Corporation) 0x6F230000
Library c:\windows\system32\fwpuclnt.dll (FWP/IPsec User-Mode API/Microsoft Corporation) 0x73570000
Library C:\Windows\system32\ncrypt.dll (Windows cryptographic library/Microsoft Corporation) 0x75120000
Library C:\Windows\system32\BCRYPT.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x750D0000
Library c:\windows\system32\seclogon.dll (Secondary Logon Service DLL/Microsoft Corporation) 0x6F120000
Library c:\windows\system32\wbem\wmisvc.dll (WMI/Microsoft Corporation) 0x6E7E0000
Library C:\Windows\system32\wbemcomn.dll (WMI/Microsoft Corporation) 0x6E6B0000
Library c:\windows\system32\iphlpsvc.dll (Service that offers IPv6 connectivity over an IPv4 network./Microsoft Corporation) 0x6E1E0000
Library c:\windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x74380000
Library c:\windows\system32\sqmapi.dll (SQM Client/Microsoft Corporation) 0x6E890000
Library c:\windows\system32\rasmans.dll (Remote Access Connection Manager/Microsoft Corporation) 0x6E2A0000
Library C:\Windows\system32\rastapi.dll (Remote Access TAPI Compliance Layer/Microsoft Corporation) 0x6EF20000
Library C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation) 0x6F140000
Library C:\Windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x74080000
Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x74040000
Library C:\Windows\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x74770000
Library C:\Windows\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x6DEB0000
Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x74EE0000
Library C:\Windows\system32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x73510000
Library C:\Windows\system32\VSSAPI.DLL (Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL/Microsoft Corporation) 0x6F3C0000
Library C:\Windows\system32\vsstrace.dll (Microsoft® Volume Shadow Copy Requestor/Writer tracing DLL/Microsoft Corporation) 0x74340000
Library C:\Windows\system32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x747A0000
Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x753A0000
Library C:\Windows\system32\wbem\wbemcore.dll (Windows Management Instrumentation/Microsoft Corporation) 0x6DD30000
Library C:\Windows\system32\wbem\esscli.dll (WMI/Microsoft Corporation) 0x6DE60000
Library C:\Windows\system32\wbem\FastProx.dll (WMI Custom Marshaller/Microsoft Corporation) 0x6DC90000
Library C:\Windows\system32\wbem\wbemsvc.dll (WMI/Microsoft Corporation) 0x6E230000
Library C:\Windows\system32\wbem\wmiutils.dll (WMI/Microsoft Corporation) 0x6DE40000
Library C:\Windows\system32\wbem\repdrvfs.dll (WMI Repository Driver/Microsoft Corporation) 0x6DC40000
Library C:\Windows\system32\rasppp.dll (Remote Access PPP/Microsoft Corporation) 0x6DBF0000
Library C:\Windows\system32\MPRAPI.dll (Windows NT MP Router Administration DLL/Microsoft Corporation) 0x6DBD0000
Library C:\Windows\system32\RASAPI32.dll (Remote Access API/Microsoft Corporation) 0x6F370000
Library C:\Windows\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x6F350000
Library C:\Windows\system32\kerberos.dll (Kerberos Security Package/Microsoft Corporation) 0x74FC0000
Library C:\Windows\system32\RASQEC.DLL (RAS Quarantine Enforcement Client/Microsoft Corporation) 0x6DBB0000
Library C:\Windows\system32\QUtil.dll (Quarantine Utilities/Microsoft Corporation) 0x6DB90000
Library C:\Windows\system32\wbem\wmiprvsd.dll (WMI/Microsoft Corporation) 0x6DA90000
Library C:\Windows\system32\NCObjAPI.DLL (Microsoft Corporation) 0x757C0000
Library C:\Windows\System32\raschap.dll (Remote Access PPP CHAP/Microsoft Corporation) 0x6DA40000
Library C:\Windows\System32\rastls.dll (Remote Access PPP EAP-TLS/Microsoft Corporation) 0x6DB10000
Library C:\Windows\system32\CRYPTUI.dll (Microsoft Trust UI Provider/Microsoft Corporation) 0x6F650000
Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x74B70000
Library C:\Windows\system32\WinSCard.dll (Microsoft Smart Card API/Microsoft Corporation) 0x6DB70000
Library C:\Windows\system32\wbem\wbemess.dll (WMI/Microsoft Corporation) 0x6D980000
Library C:\Windows\system32\napinsp.dll (E-mail Naming Shim Provider/Microsoft Corporation) 0x713C0000
Library C:\Windows\system32\pnrpnsp.dll (PNRP Name Space Provider/Microsoft Corporation) 0x711D0000
Library C:\Windows\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x71200000
Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000
Library C:\Windows\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x72EA0000
Library C:\Windows\system32\wbem\ncprov.dll (Non-COM WMI Event Provision APIs/Microsoft Corporation) 0x6CE00000
Library C:\Windows\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x74F40000
Process C:\Windows\system32\AUDIODG.EXE (Windows Audio Device Graph Isolation /Microsoft Corporation) 1320
Library C:\Windows\system32\AUDIODG.EXE (Windows Audio Device Graph Isolation /Microsoft Corporation) 0x00A30000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\System32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\System32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\System32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\System32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\System32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\System32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\System32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\System32\MMDevAPI.DLL (MMDevice API/Microsoft Corporation) 0x747D0000
Library C:\Windows\System32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\System32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Library C:\Windows\System32\audioses.dll (Audio Session/Microsoft Corporation) 0x73E00000
Library C:\Windows\System32\audioeng.dll (Audio Engine/Microsoft Corporation) 0x73D90000
Library C:\Windows\System32\AVRT.dll (Multimedia Realtime Runtime/Microsoft Corporation) 0x74790000
Library C:\Windows\System32\audiokse.dll (Audio Ks Endpoint/Microsoft Corporation) 0x73B20000
Library C:\Windows\System32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x75A30000
Library C:\Windows\System32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library C:\Windows\System32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library C:\Windows\System32\USERENV.dll (Userenv/Microsoft Corporation) 0x75810000
Library C:\Windows\System32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\System32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x74AB0000
Library C:\Windows\System32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x75C40000
Library C:\Windows\System32\ksuser.dll (User CSA Library/Microsoft Corporation) 0x74B80000
Process C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Audio Service/Creative Technology Ltd) 1348
Library C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Audio Service/Creative Technology Ltd) 0x00400000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x73ED0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x767A0000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\system32\DSOUND.dll (DirectSound/Microsoft Corporation) 0x73E60000
Library C:\Windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x74080000
Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/
-
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x74830000
Library C:\Windows\system32\IMM32.dll (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\dwmredir.dll (Microsoft Desktop Window Manager Redirection Component/Microsoft Corporation) 0x732D0000
Library C:\Windows\system32\SLWGA.dll (Software Licensing WGA API/Microsoft Corporation) 0x732C0000
Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x760D0000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x76460000
Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74C50000
Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75260000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\system32\milcore.dll (Microsoft MIL Core Library/Microsoft Corporation) 0x730D0000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\d3d9.dll (Microsoft Direct3D/Microsoft Corporation) 0x72F10000
Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library C:\Windows\system32\d3d8thk.dll (Microsoft Direct3D OS Thunk Layer/Microsoft Corporation) 0x72F00000
Library C:\Windows\system32\dwmapi.dll (Microsoft Desktop Window Manager API/Microsoft Corporation) 0x73C50000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\system32\nvd3dum.dll (NVIDIA Compatible Vista WDDM D3D Driver, Version 191.07 /NVIDIA Corporation) 0x721A0000
Library C:\Windows\system32\uDWM.dll (Microsoft Desktop Window Manager/Microsoft Corporation) 0x72EC0000
Library C:\Windows\system32\WindowsCodecs.dll (Microsoft Windows Codecs Library/Microsoft Corporation) 0x739A0000
Library C:\Windows\system32\powrprof.dll (Power Profile Helper DLL/Microsoft Corporation) 0x74C60000
Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1476
Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00940000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library c:\windows\system32\es.dll (COM+/Microsoft Corporation) 0x73AD0000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library c:\windows\system32\PROPSYS.dll (Microsoft Property System/Microsoft Corporation) 0x73F20000
Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library c:\windows\system32\nsisvc.dll (Network Store Interface RPC server/Microsoft Corporation) 0x73970000
Library C:\Windows\system32\secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75810000
Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75090000
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x74D10000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library c:\windows\system32\webclnt.dll (Web DAV Service DLL/Microsoft Corporation) 0x73690000
Library c:\windows\system32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x73510000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x760D0000
Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x76460000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\system32\shell32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x767A0000
Library C:\Windows\system32\WinInet.dll (Internet Extensions for Win32/Microsoft Corporation) 0x762A0000
Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x77400000
Library c:\windows\system32\wkssvc.dll (Workstation Service DLL/Microsoft Corporation) 0x73460000
Library c:\windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x751F0000
Library c:\windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x751B0000
Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75440000
Library c:\windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x751A0000
Library c:\windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75170000
Library c:\windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x753E0000
Library c:\windows\system32\WINBRAND.dll (Windows Branding Resources/Microsoft Corporation) 0x74D60000
Library c:\windows\system32\fdrespub.dll (Function Discovery Resource Publication Service/Microsoft Corporation) 0x74330000
Library c:\windows\system32\wsdapi.dll (Web Services for Devices API DLL/Microsoft Corporation) 0x71470000
Library c:\windows\system32\HTTPAPI.dll (HTTP Protocol Stack API/Microsoft Corporation) 0x71510000
Library c:\windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x74AB0000
Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x75C40000
Library c:\windows\system32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x747A0000
Library c:\windows\system32\FirewallAPI.dll (Windows Firewall API/Microsoft Corporation) 0x74B90000
Library c:\windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library C:\Windows\system32\FunDisc.dll (Function Discovery Dll/Microsoft Corporation) 0x71400000
Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x73D70000
Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x75A30000
Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x74F80000
Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x74C40000
Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75060000
Library c:\windows\system32\ssdpsrv.dll (SSDP Service DLL/Microsoft Corporation) 0x6F0E0000
Library c:\windows\system32\sstpsvc.dll (Provides the facility of using Secure Socket Tunneling Protocol (SSTP) to connect to remote computers (using VPN)./Microsoft Corporation) 0x6F050000
Library c:\windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x74380000
Library C:\Windows\System32\msxml3.dll (MSXML 3.0 SP10/Microsoft Corporation) 0x70FE0000
Library C:\Windows\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x756D0000
Library c:\windows\system32\w32time.dll (Windows Time Service/Microsoft Corporation) 0x6E840000
Library c:\windows\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x75470000
Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x74EE0000
Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75260000
Library C:\Windows\system32\NLAapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74030000
Library C:\Windows\system32\napinsp.dll (E-mail Naming Shim Provider/Microsoft Corporation) 0x713C0000
Library C:\Windows\system32\pnrpnsp.dll (PNRP Name Space Provider/Microsoft Corporation) 0x711D0000
Library C:\Windows\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) &
-
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x74830000
Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x750A0000
Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75790000
Process C:\Windows\system32\taskeng.exe (Task Scheduler Engine/Microsoft Corporation) 1628
Library C:\Windows\system32\taskeng.exe (Task Scheduler Engine/Microsoft Corporation) 0x00B00000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x767A0000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\system32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x747A0000
Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x753A0000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library C:\Windows\system32\tschannel.dll (Task Scheduler Proxy/Microsoft Corporation) 0x72E90000
Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x74830000
Library C:\Windows\System32\HotStartUserAgent.dll (Microsoft Windows HotStart User Agent/Microsoft Corporation) 0x72E80000
Library C:\Windows\System32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75260000
Library C:\Windows\system32\MsCtfMonitor.dll (MsCtfMonitor DLL/Microsoft Corporation) 0x72E60000
Library C:\Windows\system32\MSUTB.dll (MSUTB Server DLL/Microsoft Corporation) 0x71FC0000
Library C:\Windows\system32\dwmapi.dll (Microsoft Desktop Window Manager API/Microsoft Corporation) 0x73C50000
Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74C50000
Library C:\Windows\System32\PlaySndSrv.dll (PlaySound Service/Microsoft Corporation) 0x72E50000
Library C:\Windows\System32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x74080000
Library C:\Windows\System32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x74040000
Library C:\Windows\system32\DrvTrNTm.dll (Wave sound driver for the Total Recorder (Professional Edition)/High Criteria inc.) 0x6BC00000
Library C:\Windows\system32\DrvTrNTl.dll (Wave sound driver for the Total Recorder (Professional Edition), additional dll/High Criteria inc.) 0x6BC20000
Library C:\Windows\system32\wdmaud.drv (Winmm audio system driver/Microsoft Corporation) 0x73E30000
Library C:\Windows\system32\ksuser.dll (User CSA Library/Microsoft Corporation) 0x74B80000
Library C:\Windows\system32\MMDevAPI.DLL (MMDevice API/Microsoft Corporation) 0x747D0000
Library C:\Windows\system32\AVRT.dll (Multimedia Realtime Runtime/Microsoft Corporation) 0x74790000
Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x75A30000
Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x74AB0000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75810000
Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x75C40000
Library C:\Windows\system32\AUDIOSES.DLL (Audio Session/Microsoft Corporation) 0x73E00000
Library C:\Windows\system32\audioeng.dll (Audio Engine/Microsoft Corporation) 0x73D90000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\msacm32.drv (Microsoft Sound Mapper/Microsoft Corporation) 0x74020000
Library C:\Windows\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x73D10000
Library C:\Windows\system32\midimap.dll (Microsoft MIDI Mapper/Microsoft Corporation) 0x73D60000
Library C:\Windows\System32\QAgent.dll (Quarantine Agent Proxy/Microsoft Corporation) 0x6D8B0000
Library C:\Windows\System32\fwpuclnt.dll (FWP/IPsec User-Mode API/Microsoft Corporation) 0x73570000
Library C:\Windows\System32\QUtil.dll (Quarantine Utilities/Microsoft Corporation) 0x6DB90000
Library C:\Windows\System32\wevtapi.dll (Eventing Consumption and Configuration API/Microsoft Corporation) 0x75220000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\dimsjob.dll (DIMS Job DLL/Microsoft Corporation) 0x71180000
Library C:\Windows\system32\ncrypt.dll (Windows cryptographic library/Microsoft Corporation) 0x75120000
Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x74EE0000
Library C:\Windows\system32\pautoenr.dll (Auto Enrollment DLL/Microsoft Corporation) 0x6DB50000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\certcli.dll (Microsoft® Active Directory Certificate Services Client/Microsoft Corporation) 0x6D8E0000
Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x73D70000
Library C:\Windows\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x762A0000
Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x77400000
Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x760D0000
Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x76460000
Library C:\Windows\system32\certenroll.dll (Microsoft® Active Directory Certificate Services Enrollment Client/Microsoft Corporation) 0x6D190000
Library C:\Windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x753E0000
Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75440000
Library C:\Windows\system32\WinSCard.dll (Microsoft Smart Card API/Microsoft Corporation) 0x6DB70000
Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x750A0000
Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1632
Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00940000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library c:\windows\system32\dnsrslvr.dll (DNS Caching Resolver Service/Microsoft Corporation) 0x73980000
Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75440000
Library c:\windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x751B0000
Library c:\windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library c:\windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x751A0000
Library c:\windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75170000
Library c:\windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x751F0000
Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x74F80000
Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75060000
Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x74C40000
Library c:\windows\system32\cryptsvc.dll (Cryptographic Services/Microsoft Corporation) 0x74300000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
L
-
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x74D10000
Library C:\Windows\System32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\System32\SPOOLSS.DLL (Spooler SubSystem DLL/Microsoft Corporation) 0x73940000
Library C:\Windows\System32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74C50000
Library C:\Windows\System32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x750A0000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x74F80000
Library C:\Windows\System32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x751F0000
Library C:\Windows\System32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x751B0000
Library C:\Windows\System32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75440000
Library C:\Windows\System32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x751A0000
Library C:\Windows\System32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75170000
Library C:\Windows\System32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x72EA0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\System32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x74AB0000
Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x75C40000
Library C:\Windows\System32\localspl.dll (Local Spooler DLL/Microsoft Corporation) 0x72100000
Library C:\Windows\System32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library C:\Windows\System32\sfc.dll (Windows File Protection/Microsoft Corporation) 0x72EB0000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x767A0000
Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x75A30000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\System32\winspool.drv (Windows Spooler Driver/Microsoft Corporation) 0x73ED0000
Library C:\Windows\System32\AdobePDF.dll (Adobe PDF Port Monitor DLL/Adobe Systems Inc) 0x00680000
Library C:\Windows\System32\CNYMLM11.DLL (SELPHY CP Family Driver Language Monitor/Canon INC.) 0x10000000
Library C:\Windows\System32\FXSMON.DLL (Microsoft Fax Print Monitor/Microsoft Corporation) 0x719E0000
Library C:\Windows\System32\FXSRESM.DLL (Microsoft Fax Resource DLL/Microsoft Corporation) 0x71730000
Library C:\Windows\System32\msonpmon.dll (Microsoft Office OneNote 2007 Printer Driver/Microsoft Corporation) 0x71900000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x71AA0000
Library C:\Windows\System32\msi.dll (Windows Installer/Microsoft Corporation) 0x71520000
Library C:\Windows\System32\tcpmon.dll (Standard TCP/IP Port Monitor DLL/Microsoft Corporation) 0x718D0000
Library C:\Windows\System32\snmpapi.dll (SNMP Utility Library/Microsoft Corporation) 0x718C0000
Library C:\Windows\System32\wsnmp32.dll (Microsoft WinSNMP v2.0 Manager API/Microsoft Corporation) 0x718B0000
Library C:\Windows\System32\msxml6.dll (MSXML 6.0 SP2/Microsoft Corporation) 0x71260000
Library C:\Windows\System32\tcpmib.dll (Standard TCP/IP Port Monitor Helper DLL/Microsoft Corporation) 0x718A0000
Library C:\Windows\System32\mgmtapi.dll (Microsoft SNMP Manager API (uses WinSNMP)/Microsoft Corporation) 0x71830000
Library C:\Windows\System32\sugo3l3.dll 0x00720000
Library C:\Windows\System32\usbmon.dll (Standard Dynamic Printing Port Monitor DLL/Microsoft Corporation) 0x71820000
Library C:\Windows\system32\wls0wndh.dll (Session0 Viewer Window Hook DLL/Microsoft Corporation) 0x71500000
Library C:\Windows\System32\WSDMon.dll (WSD Printer Port Monitor/Microsoft Corporation) 0x714D0000
Library C:\Windows\System32\wsdapi.dll (Web Services for Devices API DLL/Microsoft Corporation) 0x71470000
Library C:\Windows\System32\HTTPAPI.dll (HTTP Protocol Stack API/Microsoft Corporation) 0x71510000
Library C:\Windows\System32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x73510000
Library C:\Windows\System32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x747A0000
Library C:\Windows\System32\CFGMGR32.dll (Configuration Manager Forwarder DLL/Microsoft Corporation) 0x71460000
Library C:\Windows\system32\FunDisc.dll (Function Discovery Dll/Microsoft Corporation) 0x71400000
Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x73D70000
Library C:\Windows\System32\msxml3.dll (MSXML 3.0 SP10/Microsoft Corporation) 0x70FE0000
Library C:\Windows\system32\spool\PRTPROCS\W32X86\msonpppr.dll (Microsoft Office OneNote 2007 Printer Driver/Microsoft Corporation) 0x71430000
Library C:\Windows\system32\spool\PRTPROCS\W32X86\sugo3pc.dll (Windows?Server 2003 Driver Development Kit Print DLL/Windows (R) 2000 DDK provider) 0x00A60000
Library C:\Windows\System32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\System32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\System32\inetpp.dll (Internet Print Provider DLL/Microsoft Corporation) 0x71210000
Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x74C40000
Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75060000
Library C:\Windows\system32\NLAapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74030000
Library C:\Windows\system32\napinsp.dll (E-mail Naming Shim Provider/Microsoft Corporation) 0x713C0000
Library C:\Windows\system32\pnrpnsp.dll (PNRP Name Space Provider/Microsoft Corporation) 0x711D0000
Library C:\Windows\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x71200000
Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000
Library C:\Windows\System32\win32spl.dll (Client Side Rendering Print Provider/Microsoft Corporation) 0x70EA0000
Library C:\Windows\System32\NETRAP.dll (Net Remote Admin Protocol DLL/Microsoft Corporation) 0x71450000
Library C:\Windows\system32\printcom.dll (Print System COM component host/Microsoft Corporation) 0x711C0000
Library C:\Windows\system32\SensApi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x711F0000
Library C:\Windows\System32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x74EE0000
Library C:\Windows\System32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 1884
Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00940000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library c:\windows\system32\bfe.dll (Base Filtering Engine/Microsoft Corporation) 0x73610000
Library c:\windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x757D0000
Library c:\windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library c:\windows\system32\mpssvc.dll (Microsoft Protection Service/Microsoft Corporation) 0x73490000
Library c:\windows\system32\FirewallAPI.dll (Windows Firewall API/Microsoft Corporation) 0x74B90000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library c:\windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library c:\windows\system32\nlaapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74030000
Library c:\windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x751F0000
Library c:\windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x751B0000
Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75440000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library c:\windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x751A0000
Library c:\windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75170000
Library c:\windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library c:\windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library c:\windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75810000
Library c:\windows\system32\bcrypt.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x750D0000
Library c:\windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74C50000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library c:\windows\system32\fwpuclnt.dll (FWP/IPsec User-Mode API/Microsoft Corporation) 0x73570000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75090000
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x74D10000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x74EE0000
Library C
-
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\system32\WindowsCodecs.dll (Microsoft Windows Codecs Library/Microsoft Corporation) 0x739A0000
Library C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x75790000
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (GrooveShellExtensions Module/Microsoft Corporation) 0x71C60000
Library C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL (GrooveUtil Module/Microsoft Corporation) 0x71B40000
Library C:\Windows\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x762A0000
Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x77400000
Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x760D0000
Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x76460000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75810000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x71AA0000
Library C:\Program Files\Microsoft Office\Office12\GrooveNew.DLL (GrooveNew Module/Microsoft Corporation) 0x72E70000
Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL (ATL Module for Windows (Unicode)/Microsoft Corporation) 0x71C40000
Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Library C:\Windows\system32\MSImg32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x74B70000
Library C:\Windows\System32\cscui.dll (Client Side Caching UI/Microsoft Corporation) 0x71A00000
Library C:\Windows\System32\CSCDLL.dll (Offline Files Temporary Shim/Microsoft Corporation) 0x72E40000
Library C:\Windows\System32\CSCAPI.dll (Offline Files Win32 API/Microsoft Corporation) 0x719F0000
Library C:\Windows\system32\IconCodecService.dll (Converts a PNG part of the icon to a legacy bmp icon/Microsoft Corporation) 0x719D0000
Library C:\Windows\system32\timedate.cpl (Time Date Control Panel Applet/Microsoft Corporation) 0x71910000
Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x73D70000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x74040000
Library C:\Windows\system32\ACTXPRXY.DLL (ActiveX Interface Marshaling Library/Microsoft Corporation) 0x71840000
Library C:\Program Files\iTunes\iTunesMiniPlayer.dll (iTunes Mini Player DLL/Apple Inc.) 0x713D0000
Library C:\Program Files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll (iTunes Mini Player Resource Library/Apple Inc.) 0x71440000
Library C:\Program Files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll (iTunes Mini Player Resource Library/Apple Inc.) 0x71230000
Library C:\Windows\system32\WINBRAND.dll (Windows Branding Resources/Microsoft Corporation) 0x74D60000
Library C:\Windows\System32\shacct.dll (Shell Accounts Classes/Microsoft Corporation) 0x73FE0000
Library C:\Windows\System32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\System32\msshsq.dll (Structured Query/Microsoft Corporation) 0x71130000
Library C:\Windows\System32\NaturalLanguage6.dll (Natural Language Development Platform 6/Microsoft Corporation) 0x70DD0000
Library C:\Windows\System32\NLSData0009.dll (Microsoft English Natural Language Server Data and Code/Microsoft Corporation) 0x70470000
Library C:\Windows\System32\NLSLexicons0009.dll (Microsoft English Natural Language Server Data and Code/Microsoft Corporation) 0x701E0000
Library C:\Windows\system32\authui.dll (Windows Authentication UI/Microsoft Corporation) 0x74460000
Library C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (GrooveSystemServices Module/Microsoft Corporation) 0x70FB0000
Library C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll (GrooveMisc Module/Microsoft Corporation) 0x70AD0000
Library C:\Windows\System32\msxml3.dll (MSXML 3.0 SP10/Microsoft Corporation) 0x70FE0000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\ieframe.dll (Internet Explorer/Microsoft Corporation) 0x6F740000
Library C:\Windows\system32\LINKINFO.dll (Windows Volume Tracking/Microsoft Corporation) 0x711B0000
Library C:\Windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x74080000
Library C:\Windows\system32\wdmaud.drv (Winmm audio system driver/Microsoft Corporation) 0x73E30000
Library C:\Windows\system32\ksuser.dll (User CSA Library/Microsoft Corporation) 0x74B80000
Library C:\Windows\system32\MMDevAPI.DLL (MMDevice API/Microsoft Corporation) 0x747D0000
Library C:\Windows\system32\AVRT.dll (Multimedia Realtime Runtime/Microsoft Corporation) 0x74790000
Library C:\Windows\system32\ntshrui.dll (Shell extensions for sharing/Microsoft Corporation) 0x709D0000
Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x75A30000
Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x74AB0000
Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x75C40000
Library C:\Windows\system32\AUDIOSES.DLL (Audio Session/Microsoft Corporation) 0x73E00000
Library C:\Windows\system32\audioeng.dll (Audio Engine/Microsoft Corporation) 0x73D90000
Library C:\Windows\system32\msacm32.drv (Microsoft Sound Mapper/Microsoft Corporation) 0x74020000
Library C:\Windows\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x73D10000
Library C:\Windows\system32\midimap.dll (Microsoft MIDI Mapper/Microsoft Corporation) 0x73D60000
Library C:\Windows\system32\ExplorerFrame.dll (ExplorerFrame/Microsoft Corporation) 0x70A30000
Library C:\Windows\system32\stobject.dll (Systray shell service object/Microsoft Corporation) 0x6D770000
Library C:\Windows\system32\BatMeter.dll (Battery Meter Helper DLL/Microsoft Corporation) 0x6D6B0000
Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74C50000
Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x750A0000
Library C:\Windows\system32\es.dll (COM+/Microsoft Corporation) 0x73AD0000
Library C:\Windows\System32\SndVolSSO.dll (SCA Volume/Microsoft Corporation) 0x6D880000
Library C:\Windows\ehome\ehSSO.dll (Windows Media Center Shell Service Object/Microsoft Corporation) 0x6D850000
Library C:\Windows\system32\HID.DLL (Hid User Library/Microsoft Corporation) 0x73C80000
Library C:\Windows\System32\netshell.dll (Network Connections Shell/Microsoft Corporation) 0x6CE50000
Library C:\Windows\System32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x751F0000
Library C:\Windows\System32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x751B0000
Library C:\Windows\System32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75440000
Library C:\Windows\System32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x751A0000
Library C:\Windows\System32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75170000
Library C:\Windows\System32\nlaapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74030000
Library C:\Windows\system32\pnidui.dll (Network System Icon/Microsoft Corporation) 0x6D2B0000
Library C:\Windows\system32\QUtil.dll (Quarantine Utilities/Microsoft Corporation) 0x6DB90000
Library C:\Windows\system32\wevtapi.dll (Eventing Consumption and Configuration API/Microsoft Corporation) 0x75220000
Library C:\Windows\system32\wlanutil.dll (Windows Wireless LAN 802.11 Utility DLL/Microsoft Corporation) 0x70970000
Library C:\Windows\System32\npmproxy.dll (Network List Manager Proxy/Microsoft Corporation) 0x6E7D0000
Library C:\Windows\system32\Wlanapi.dll (Windows WLAN AutoConfig Client Side API DLL/Microsoft Corporation) 0x709B0000
Library C:\Windows\system32\OneX.DLL (IEEE 802.1X supplicant library/Microsoft Corporation) 0x6F4D0000
Library C:\Windows\system32\eappprxy.dll (Microsoft EAPHost Peer Client DLL/Microsoft Corporation) 0x70A20000
Library C:\Windows\system32\eappcfg.dll (Eap Peer Config/Microsoft Corporation) 0x70980000
Library C:\Windows\system32\bcrypt.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x750D0000
Library C:\Windows\System32\AltTab.dll (Windows Shell Alt Tab/Microsoft Corporation) 0x6DA20000
Library C:\Windows\system32\wpdshserviceobj.dll (Windows Portable Device Shell Service Object/Microsoft Corporation) 0x6D820000
Library C:\Windows\system32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x73510000
Library C:\Windows\System32\srchadmin.dll (Indexing Options/Microsoft Corporation) 0x6CDB0000
Library C:\Windows\System32\cscobj.dll (In-proc COM object used by clients of CSC API/Microsoft Corporation) 0x6D160000
Library C:\Windows\System32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x753A0000
Library C:\Windows\System32\webcheck.dll (Web Site Monitor/Microsoft Corporation) 0x6CE10000
Library C:\Windows\System32\MLANG.dll (Multi Language Support DLL/Microsoft Corporation) 0x6D9F0000
Library C:\Windows\System32\SyncCenter.dll (Microsoft Sync Center/Microsoft Corporation) 0x6C970000
Library C:\Windows\system32\wscntfy.dll (Windows Security Center Notification App/Microsoft Corporation) 0x6CD70000
Library C:\Windows\system32\WSCAPI.dll (Windows Security Center API/Microsoft Corporation) 0x73370000
Library C:\Windows\System32\QAgent.dll (Quarantine Agent Proxy/Microsoft Corporation) 0x6D8B0000
Library C:\Windows\System32\fwpuclnt.dll (FWP/IPsec User-Mode API/Microsoft Corporation) 0x73570000
Library C:\Windows\system32\wbem\wbemprox.dll (WMI/Microsoft Corporation) 0x6E7A0000
Library C:\Windows\system32\wbemcomn.dll (WMI/Microsoft Corporation) 0x6E6B0000
Library C:\Windows\system32\wbem\wbemsvc.dll (WMI/Microsoft Corporation) 0x6E230000
Library C:\Windows\system32\imapi2.dll (Image Mastering API v2/Microsoft Corporation) 0x6CCB0000
Library C:\Windows\system32\wbem\fastprox.dll (WMI Custom Marshaller/Microsoft Corporation) 0x6DC90000
Library C:\Windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x753E0000
Library C:\Program Files\WinSCP\DragExt.dll (Drag&Drop shell extension for WinSCP (32-bit)/Martin Prikryl) 0x03EF0000
Library C:\Windows\system32\mssprxy.dll (mssprxy.dll/Microsoft Corporation) 0x6D9E0000
Library C:\Windows\System32\DreamScene.dll (Microsoft Windows Vista Ultimate Extra: Windows DreamScene/Microsoft Corporation) 0x6CC70000
Library C:\Windows\System32\d3d9.dll (Microsoft Direct3D/Microsoft Corporation) 0x72F10000
Library C:\Windows\System32\d3d8thk.dll (Microsoft Direct3D OS Thunk Layer/Microsoft Corporation) 0x72F00000
Library C:\Windows\
-
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCP80.dll (Microsoft® C++ Runtime Library/Microsoft Corporation) 0x70A40000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x71AA0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fssync.dll (FSSYNC.DLL/Kaspersky Lab) 0x6D380000
Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x767A0000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\FLTLIB.DLL (Filter Library/Microsoft Corporation) 0x711A0000
Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x00190000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x74830000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll (Ushata module/Kaspersky Lab) 0x6DAA0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CLLDR.DLL (CLLDR/Kaspersky Lab) 0x6D330000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll (Prague Loader/Kaspersky Lab) 0x6D8D0000
Library C:\Windows\system32\userenv.dll (Userenv/Microsoft Corporation) 0x75810000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pxstub.ppl (Proxy Stubs/Kaspersky Lab) 0x6E730000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\params.ppl (Structure Serializer/Kaspersky Lab) 0x6E420000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\winreg.ppl (WINREG/Kaspersky Lab) 0x6ED30000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mkavio.ppl (64-bit IO wrapper/Kaspersky Lab) 0x6E320000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\hashmd5.ppl (HASHMD5/Kaspersky Lab) 0x6E050000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl (NFIO/Kaspersky Lab) 0x6E3A0000
Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x753A0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fsdrvplg.ppl (Plugin for FSDrv/Kaspersky Lab) 0x6E040000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgui.ppl (Kaspersky Anti-Virus GUI Logic/Kaspersky Lab) 0x6DC10000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl (Kaspersky Anti-Virus GUI Windows part/Kaspersky Lab) 0x6DD80000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x74B70000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x01BB0000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl (Thread Pool/Kaspersky Lab) 0x6EA80000
Library C:\Windows\system32\wtsapi32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74C50000
Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x750A0000
Process C:\Program Files\Common Files\Java\Java Update\jusched.exe (Java(TM) Update Scheduler/Sun Microsystems, Inc.) 2172
Library C:\Program Files\Common Files\Java\Java Update\jusched.exe (Java(TM) Update Scheduler/Sun Microsystems, Inc.) 0x00400000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x762A0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x77400000
Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x760D0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x76460000
Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x767A0000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x74830000
Process C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe (Adobe Acrobat SpeedLauncher/Adobe Systems Incorporated) 2212
Library C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe (Adobe Acrobat SpeedLauncher/Adobe Systems Incorporated) 0x00400000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x767A0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCP80.dll (Microsoft® C++ Runtime Library/Microsoft Corporation) 0x70A40000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x71AA0000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x74830000
Process C:\Program Files\Windows Sidebar\sidebar.exe (Windows Sidebar/Microsoft Corporation) 2304
Library C:\Program Files\Windows Sidebar\sidebar.exe (Windows Sidebar/Microsoft Corporation) 0x007F0000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x73D70000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) 0x74100000
Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x767A0000
Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x760D0000
Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x76460000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75810000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\system32\sfc.dll (Windows File Protection/Microsoft Corporation) 0x72EB0000
Library C:\Windows\system32\sfc_os.DLL (Windows File Protection/Microsoft Corporation) 0x71120000
Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x75A30000
Library C:\Windows\system32\dwmapi.dll (Microsoft Desktop Window Manager API/Microsoft Corporation) 0x73C50000
Library C:\Windows\system32\CRYPTUI.dll (Microsoft Trust UI Provider/Microsoft Corporation) 0x6F650000
Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x74AB0000
Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x75C40000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) &nbs
-
Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x75C40000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library C:\Windows\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x74B70000
Library C:\Windows\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x74830000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library C:\Windows\system32\msiltcfg.dll (Windows Installer Configuration API Stub/Microsoft Corporation) 0x70F10000
Library C:\Windows\system32\msi.dll (Windows Installer/Microsoft Corporation) 0x71520000
Library C:\Windows\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x756D0000
Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74C50000
Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x750A0000
Library C:\Windows\system32\Wlanapi.dll (Windows WLAN AutoConfig Client Side API DLL/Microsoft Corporation) 0x709B0000
Library C:\Windows\system32\OneX.DLL (IEEE 802.1X supplicant library/Microsoft Corporation) 0x6F4D0000
Library C:\Windows\system32\eappprxy.dll (Microsoft EAPHost Peer Client DLL/Microsoft Corporation) 0x70A20000
Library C:\Windows\system32\eappcfg.dll (Eap Peer Config/Microsoft Corporation) 0x70980000
Library C:\Windows\system32\DUser.dll (Windows DirectUser Engine/Microsoft Corporation) 0x74800000
Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x74040000
Library C:\Windows\system32\bcrypt.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x750D0000
Library C:\Windows\system32\wlanutil.dll (Windows Wireless LAN 802.11 Utility DLL/Microsoft Corporation) 0x70970000
Library C:\Windows\System32\msxml3.dll (MSXML 3.0 SP10/Microsoft Corporation) 0x70FE0000
Library C:\Windows\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x762A0000
Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x77400000
Library C:\Windows\system32\mshtml.dll (Microsoft (R) HTML Viewer/Microsoft Corporation) 0x6E970000
Library C:\Windows\system32\msls31.dll (Microsoft Line Services library file/Microsoft Corporation) 0x74410000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll (COM Explorer Injector and HOOK DLL/Andreas Verhoeven) 0x10000000
Library C:\Windows\system32\COMDLG32.dll (Common Dialogs DLL/Microsoft Corporation) 0x76390000
Library C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL (ATL Module for Windows (Unicode)/Microsoft Corporation) 0x71C40000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x71AA0000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCP80.dll (Microsoft® C++ Runtime Library/Microsoft Corporation) 0x70A40000
Library C:\Windows\system32\MLANG.dll (Multi Language Support DLL/Microsoft Corporation) 0x6D9F0000
Library C:\Windows\system32\msimtf.dll (Active IMM Server DLL/Microsoft Corporation) 0x6D810000
Library C:\Windows\system32\ieframe.dll (Internet Explorer/Microsoft Corporation) 0x6F740000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\scrchpg.dll (Script Checker/Kaspersky Lab) 0x6D940000
Library C:\Windows\system32\jscript.dll (Microsoft (R) JScript/Microsoft Corporation) 0x6C820000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klscav.dll (Script Checker AV Plugin/Kaspersky Lab) 0x6D500000
Library C:\Windows\system32\wbem\wbemdisp.dll (WMI Scripting/Microsoft Corporation) 0x6CBF0000
Library C:\Windows\system32\wbemcomn.dll (WMI/Microsoft Corporation) 0x6E6B0000
Library C:\Windows\system32\wbem\wbemprox.dll (WMI/Microsoft Corporation) 0x6E7A0000
Library C:\Windows\system32\wbem\wmiutils.dll (WMI/Microsoft Corporation) 0x6DE40000
Library C:\Windows\system32\wbem\wbemsvc.dll (WMI/Microsoft Corporation) 0x6E230000
Library C:\Windows\system32\wbem\fastprox.dll (WMI Custom Marshaller/Microsoft Corporation) 0x6DC90000
Library C:\Windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x753E0000
Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75440000
Library C:\Program Files\Windows Sidebar\wlsrvc.dll (Windows Live Services/Microsoft Corporation) 0x6C550000
Library C:\Windows\system32\RASAPI32.dll (Remote Access API/Microsoft Corporation) 0x6F370000
Library C:\Windows\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x6F350000
Library C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation) 0x6F140000
Library C:\Windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x74380000
Library C:\Windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x74080000
Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75090000
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x74D10000
Library C:\Windows\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x74F40000
Library C:\Windows\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x75470000
Library C:\Windows\system32\ImgUtil.dll (IE plugin image decoder support DLL/Microsoft Corporation) 0x6C5E0000
Library C:\Windows\system32\pngfilt.dll (IE PNG plugin image decoder/Microsoft Corporation) 0x6C570000
Library C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll (Microsoft Vector Graphics Rendering(VML)/Microsoft Corporation) 0x6C3B0000
Library C:\Windows\system32\sensapi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x711F0000
Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x74F80000
Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x74C40000
Library C:\Windows\system32\mscms.dll (Microsoft Color Matching System DLL/Microsoft Corporation) 0x6C4E0000
Library C:\Windows\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x73ED0000
Library C:\Windows\system32\wshom.ocx (Windows Script Host Runtime Library/Microsoft Corporation) 0x6C480000
Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x753A0000
Library C:\Windows\system32\ScrRun.dll (Microsoft (R) Script Runtime/Microsoft Corporation) 0x6C4B0000
Library C:\Windows\system32\icm32.dll (Microsoft Color Management Module (CMM)/Microsoft Corporation) 0x6C370000
Library C:\Windows\system32\mscoree.dll (Microsoft .NET Runtime Execution Engine/Microsoft Corporation) 0x6C7D0000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll (Microsoft .NET Runtime Common Language Runtime - WorkStation/Microsoft Corporation) 0x6BCB0000
Library C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll (Microsoft Common Language Runtime Class Library/Microsoft Corporation) 0x68DE0000
Library C:\Users\Administrator\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\IntelDTSReader.dll (IntelDTSReader/Orbmu2k) 0x6CD40000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll (Microsoft .NET Runtime Just-In-Time Compiler/Microsoft Corporation) 0x6C310000
Library C:\Windows\system32\shfolder.dll (Shell Folder Service/Microsoft Corporation) 0x6E7B0000
Library C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll (.NET Framework/Microsoft Corporation) 0x6B6B0000
Library C:\Windows\system32\ddrawex.dll (Direct Draw Ex/Microsoft Corporation) 0x6C8F0000
Library C:\Windows\system32\DDRAW.dll (Microsoft DirectDraw/Microsoft Corporation) 0x6B3E0000
Library C:\Windows\system32\DCIMAN32.dll (DCI Manager/Microsoft Corporation) 0x6C900000
Library C:\Windows\system32\nvd3dum.dll (NVIDIA Compatible Vista WDDM D3D Driver, Version 191.07 /NVIDIA Corporation) 0x721A0000
Library C:\Windows\system32\powrprof.dll (Power Profile Helper DLL/Microsoft Corporation) 0x74C60000
Library C:\Windows\system32\D3DIM700.DLL (Microsoft Direct3D/Microsoft Corporation) 0x6B1E0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll (PR_REMOTE/Kaspersky Lab) 0x6D900000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll (Prague Loader/Kaspersky Lab) 0x6D8D0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\params.ppl (Structure Serializer/Kaspersky Lab) 0x6E420000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pxstub.ppl (Proxy Stubs/Kaspersky Lab) 0x6E730000
Library C:\Windows\system32\wbem\WmiPerfInst.dll (WbemPerf V2 Instance Provider/Microsoft Corporation) 0x6C940000
Library C:\Windows\system32\pdh.dll (Windows Performance Data Helper DLL/Microsoft Corporation) 0x6CC30000
Library C:\Windows\system32\Perfctrs.dll (Performance Counters/Microsoft Corporation) 0x6C600000
Library C:\Windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x751F0000
Library C:\Windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x751B0000
Library C:\Windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x751A0000
Library C:\Windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75170000
Library C:\Windows\system32\Dxtrans.dll (DirectX Media -- DirectX Transform Core/Microsoft Corporation) 0x6ADF0000
Library C:\Users\Administrator\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.dll (WinRing0/OpenLibSys.org) 0x03980000
Library C:\Windows\system32\Dxtmsft.dll (DirectX Media -- Image DirectX Transforms/Microsoft Corporation) 0x6AD30000
Process C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe (CMSPCSUtilSvc/SprintNextel) 2516
Library C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe (CMSPCSUtilSvc/SprintNextel) 0x00400000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x751F0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x751B0000
Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75440000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) &n
-
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl (Thread Pool/Kaspersky Lab) 0x6EA80000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ndetect.ppl (Nertwork Detection/Kaspersky Lab) 0x6E350000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\crpthlpr.ppl (CryptoHelper/Kaspersky Lab) 0x6DFB0000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library C:\Windows\system32\wtsapi32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74C50000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\dtreg.ppl (DTREG/Kaspersky Lab) 0x6DFF0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sfdb.ppl (SFDB/Kaspersky Lab) 0x6E9B0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\schedule.ppl (Scheduler/Kaspersky Lab) 0x6E9A0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\timer.ppl (Timer/Kaspersky Lab) 0x6EA90000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\report.ppl (Report System/Kaspersky Lab) 0x6E790000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\reportdb.ppl (Report DB System/Kaspersky Lab) 0x6E7A0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\lic.ppl (Licensing Library/Kaspersky Lab) 0x6E210000
Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\icheck3.ppl (ichecker and iswift tech/Kaspersky Lab) 0x6E150000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avs.ppl (AV Server/Kaspersky Lab) 0x6DCF0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avlib.ppl (Anti-Virus functions library/Kaspersky Lab) 0x6DBD0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avspm.ppl (AV Server Performance Monitor/Kaspersky Lab) 0x6DD30000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\dmap.ppl (Direct Mapper plugin/Kaspersky Lab) 0x6DFE0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\qb.ppl (QBStorage/Kaspersky Lab) 0x6E740000
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\procmon.ppl (Process Monitor/Kaspersky Lab) 0x6E5E0000
Library C:\Windows\system32\WSOCK32.dll (Windows Socket 32-Bit DLL/Microsoft Corporation) 0x74400000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sandbox.ppl (Virtual environment for executing applications/Kaspersky Lab) 0x6E960000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klsrlsvc.ppl (KLSRL transport service/Kaspersky Lab) 0x6E1D0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\propmap.ppl (PROPMAP/Kaspersky Lab) 0x6E670000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\filemap.ppl (File Mapping Helper/Kaspersky Lab) 0x6E030000
Library C:\Windows\system32\NLAapi.dll (Network Location Awareness 2/Microsoft Corporation) 0x74030000
Library C:\Windows\system32\napinsp.dll (E-mail Naming Shim Provider/Microsoft Corporation) 0x713C0000
Library C:\Windows\system32\pnrpnsp.dll (PNRP Name Space Provider/Microsoft Corporation) 0x711D0000
Library C:\Windows\System32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x74F80000
Library C:\Windows\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x71200000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc.) 0x16080000
Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x74C40000
Library C:\ProgramData\Kaspersky Lab\AVP9\Bases\kavbase.kdl (AV engine/Kaspersky Lab ZAO) 0x6C250000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\syswatch.ppl (SysWatch/Kaspersky Lab) 0x6EA60000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\netwatch.ppl (Network Watcher/Kaspersky Lab) 0x6E380000
Library C:\Windows\system32\RASAPI32.dll (Remote Access API/Microsoft Corporation) 0x6F370000
Library C:\Windows\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x6F350000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation) 0x6F140000
Library C:\Windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x74380000
Library C:\Windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x74080000
Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x74040000
Library C:\Windows\system32\wlanapi.dll (Windows WLAN AutoConfig Client Side API DLL/Microsoft Corporation) 0x709B0000
Library C:\Windows\system32\OneX.DLL (IEEE 802.1X supplicant library/Microsoft Corporation) 0x6F4D0000
Library C:\Windows\system32\eappprxy.dll (Microsoft EAPHost Peer Client DLL/Microsoft Corporation) 0x70A20000
Library C:\Windows\system32\eappcfg.dll (Eap Peer Config/Microsoft Corporation) 0x70980000
Library C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) 0x74100000
Library C:\Windows\system32\DUser.dll (Windows DirectUser Engine/Microsoft Corporation) 0x74800000
Library C:\Windows\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x74830000
Library C:\Windows\system32\bcrypt.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x750D0000
Library C:\Windows\system32\wlanutil.dll (Windows Wireless LAN 802.11 Utility DLL/Microsoft Corporation) 0x70970000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\hips.ppl (HIPS/Kaspersky Lab) 0x6E070000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHUM.dll (Kaspersky Anti-Hacker User Mode Component/Kaspersky Lab) 0x6D2D0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHComm.dll (Kaspersky Anti-Hacker Communication Library/Kaspersky Lab) 0x6D260000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ckahrule.dll (Kaspersky Anti-Hacker Rules Manager/Kaspersky Lab) 0x6D270000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHStat.dll (Kaspersky Anti-Hacker Statistic Componet/Kaspersky Lab) 0x6D2A0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\antispam.ppl (AntiSpam mail fiter/Kaspersky Lab) 0x6DB30000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\oas.ppl (File Monitor/Kaspersky Lab) 0x6E3E0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\volenum.ppl (Volume enumeration/Kaspersky Lab) 0x6ECD0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\imc.ppl (IM Checker Monitor/Kaspersky Lab) 0x6E190000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgs.ppl (Driver Communication Module/Kaspersky Lab) 0x6DBF0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sc.ppl (ScriptChecker/Kaspersky Lab) 0x6E990000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\httpscan.ppl (HTTP Scanner/Kaspersky Lab) 0x6E140000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ahids.ppl (ids task/Kaspersky Lab) 0x6DB20000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mc.ppl (Mail Monitor/Kaspersky Lab) 0x6E2C0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl (Behavior PDM2rt/Kaspersky Lab) 0x6E4F0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\smtpprtc.ppl (SMTP Protocoller/Kaspersky Lab) 0x6E9C0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pop3prtc.ppl (POP3 Protocoller/Kaspersky Lab) 0x6E5D0000
Library C:\Windows\system32\wintrust.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x74AB0000
Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x75C40000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\trafmon2.ppl (Traffic Monitor/Kaspersky Lab) 0x6EAD0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\maildisp.ppl (MailDispatcher/Kaspersky Lab) 0x6E270000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\imapprtc.ppl (IMAP Protocoller/Kaspersky Lab) 0x6E170000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nntpprtc.ppl (NNTP Protocoller/Kaspersky Lab) 0x6E3C0000
Library C:\Windows\system32\ncrypt.dll (Windows cryptographic library/Microsoft Corporation) 0x75120000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\urlflt.ppl (UrlFiltering/Kaspersky Lab) 0x6EC40000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\webnetstat.ppl (Web Network Statistics/Kaspersky Lab) 0x6ECF0000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x75A30000
Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x74EE0000
Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75260000
Library C:\Windows\system32\cryptnet.dll (Crypto Network Related API/Microsoft Corporation) 0x70C50000
Library C:\Windows\system32\SensApi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x711F0000
Library C:\Windows\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x74770000
Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75060000
Library C:\ProgramData\Kaspersky Lab\AVP9\Bases\kjim.kdl (Script Heuristics Engine/Kaspersky Lab ZAO) 0x38800000
Library C:\ProgramData\Kaspersky Lab\AVP9\Bases\vlns.kdl (Vulnerability scanner/Kaspersky Lab) 0x38200000
Library C:\ProgramData\Kaspersky Lab\AVP9\Bases\klavemu.kdl (Heuristics engine/Kaspersky Lab) 0x38400000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avzkrnl.dll 0x6D040000
Library C:\Windows\system32\winspool.drv (Windows Spooler Driver/Microsoft Corporation) 0x73ED0000
Library C:\Windows\system32\wininet.dll (Internet Extensions for Win32/Microsoft Corporation) 0x762A0000
Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x77400000
Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x760D0000
Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x76460000
Library C:\Windows\system32\comdlg32.dll (Common Dialogs DLL/Microsoft Corporation) 0x76390000
Library C:\ProgramData\Kaspersky Lab\AVP9\Bases\mark.kdl (Anti-Rootkit Engine/Kaspersky Lab) 0x38300000
Library C:\ProgramData\Kaspersky Lab\AVP9\Bases\qscan.kdl (Initial Scan Engine/Kaspersky Lab) 0x38C00000
Library C:\ProgramData\Kaspersky Lab\AVP9\Bases\kavsys.kdl (set of system interfaces/Kaspersky Lab) 0x38D00000
Library C:\Windows\system32\msi.dll (Windows Installer/Microsoft Corporation) 0x71520000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl (External Protocoller task/Kaspersky Lab) 0x6E010000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ICQprtc.dll (ICQ Protocoller/Kaspersky Lab) 0x6D410000
Library C:\ProgramData\Kaspersky Lab\AVP9\Bases\webav.kdl (WebAV engine/Kaspersky Lab) 0x10000000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\MSNprtc.dll (MSN Protocoller/Kaspersky Lab) 0x6D810000
Library C:\ProgramData\Kaspersky Lab\AVP9\Bases\pdm.kdl (AV engine/Kaspersky Lab) 0x6B1A0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\httpanlz.ppl (HTTP Protocoller/Kaspersky Lab) 0x6E0E0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\JbrPrtc.dll (Jabber Protocoller/Kaspersky Lab) 0x6D460000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\IRCPrtc.dll (IRC Protocoller/Kaspersky Lab) 0x6D440000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\uniarc.ppl (UniArchiver plugin/Kaspersky Lab) 0x6EBF0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mdb.ppl (MDB/Kaspersky Lab) 0x6E2D0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\minizip.ppl (ZIP MiniArchiver plugin/Kaspersky Lab) 0x6E310000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Yhoprtc.dll (Yahoo Protocoller/Kaspersky Lab) 0x6DAD0000
Library C:\Windows\system32\mapi32.dll (Extended MAPI 1.0 for Windows NT/Microsoft Corporation) 0x6C2B0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl (CAB MiniArchiver plugin/Kaspersky Lab) 0x6DF90000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\arj.ppl (ARJ MiniArchiver plugin/Kaspersky Lab) 0x6DBB0000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\msoe.ppl (MSOE/Kaspersky Lab) 0x6E330000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\rar.ppl (RAR/Kaspersky Lab) 0x6E760000
Library C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\MMPprtc.dll *Blocked Russian URL* Agent Protocoller/Kaspersky Lab) &nbs
-
Library C:\Windows\system32\wbem\wbemsvc.dll (WMI/Microsoft Corporation) 0x6E230000
Library C:\Windows\system32\wbem\fastprox.dll (WMI Custom Marshaller/Microsoft Corporation) 0x6DC90000
Library C:\Windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x753E0000
Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75440000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\system32\wbem\wmiutils.dll (WMI/Microsoft Corporation) 0x6DE40000
Library C:\Windows\system32\wbem\wmiprov.dll (WMI/Microsoft Corporation) 0x6CB90000
Library C:\Windows\system32\WMI.dll (WMI DC and DP functionality/Microsoft Corporation) 0x71190000
Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 2676
Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00940000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library c:\windows\system32\ipsecsvc.dll (Windows IPsec SPD Server DLL/Microsoft Corporation) 0x6F080000
Library c:\windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x757D0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library c:\windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x751F0000
Library c:\windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x751B0000
Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75440000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library c:\windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library c:\windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x751A0000
Library c:\windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75170000
Library c:\windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library c:\windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library c:\windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75810000
Library c:\windows\system32\fwpuclnt.dll (FWP/IPsec User-Mode API/Microsoft Corporation) 0x73570000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library c:\windows\system32\FirewallAPI.dll (Windows Firewall API/Microsoft Corporation) 0x74B90000
Library c:\windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library c:\windows\system32\FwRemoteSvr.DLL (Windows Firewall Remote APIs Server/Microsoft Corporation) 0x6F330000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75090000
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x74D10000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x74F80000
Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x74C40000
Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75060000
Process C:\Program Files\CyberLink\Shared files\RichVideo.exe 2696
Library C:\Program Files\CyberLink\Shared files\RichVideo.exe 0x00400000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\MSVCRT.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x767A0000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Process C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Stereo Vision Control Panel API Server/NVIDIA Corporation) 2804
Library C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Stereo Vision Control Panel API Server/NVIDIA Corporation) 0x00400000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x75A30000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x74040000
Library C:\Windows\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x73ED0000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x74770000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 2900
Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00940000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library c:\windows\system32\wiaservc.dll (Still Image Devices Service/Microsoft Corporation) 0x6EF40000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library c:\windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library C:\Windows\system32\COMDLG32.dll (Common Dialogs DLL/Microsoft Corporation)
-
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library C:\Windows\system32\msstrc.dll (msstrc.dll/Microsoft Corporation) 0x6EFC0000
Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75090000
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x74D10000
Library C:\Windows\system32\mssrch.dll (mssrch.dll/Microsoft Corporation) 0x6E080000
Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74C50000
Library C:\Windows\system32\dbghelp.dll (Windows Image Helper/Microsoft Corporation) 0x6DFA0000
Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library C:\Windows\system32\Msidle.dll (User Idle Monitor/Microsoft Corporation) 0x6F040000
Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x750A0000
Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Library C:\Windows\system32\propdefs.dll (propdefs.dll/Microsoft Corporation) 0x6DF30000
Library C:\Windows\system32\en-us\tQuery.dll.mui (tquery.dll/Microsoft Corporation) 0x6D940000
Library C:\Windows\system32\esent.dll (Extensible Storage Engine for Microsoft(R) Windows(R)/Microsoft Corporation) 0x6D470000
Library C:\Windows\system32\msscb.dll (msscb.dll/Microsoft Corporation) 0x6DB60000
Library C:\Windows\system32\mssprxy.dll (mssprxy.dll/Microsoft Corporation) 0x6D9E0000
Library C:\Windows\system32\VSSAPI.DLL (Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL/Microsoft Corporation) 0x6F3C0000
Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x73D70000
Library C:\Windows\system32\vsstrace.dll (Microsoft® Volume Shadow Copy Requestor/Writer tracing DLL/Microsoft Corporation) 0x74340000
Library C:\Windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x757D0000
Library C:\Windows\system32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) 0x747A0000
Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x75A30000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\system32\es.dll (COM+/Microsoft Corporation) 0x73AD0000
Library C:\Windows\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x756D0000
Process C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware Authorization Service/VMware, Inc.) 3132
Library C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware Authorization Service/VMware, Inc.) 0x00400000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x71AA0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75650000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x75950000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x75A30000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x751F0000
Library C:\Windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x751B0000
Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x75440000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x751A0000
Library C:\Windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75170000
Library C:\Program Files\VMware\VMware Player\vmwarebase.DLL (VMware base library/VMware, Inc.) 0x11100000
Library C:\Program Files\VMware\VMware Player\vmcryptolib.DLL (VMware Software Cryptographic Implementation v1.0/VMware, Inc.) 0x10000000
Library C:\Windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x74080000
Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x74040000
Library C:\Windows\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x762A0000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x77400000
Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x760D0000
Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x76460000
Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x753A0000
Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75810000
Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x767A0000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library C:\Windows\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x73ED0000
Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library C:\Windows\system32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x73510000
Library C:\Program Files\VMware\VMware Player\libxml2.dll 0x00160000
Library C:\Windows\system32\WSOCK32.dll (Windows Socket 32-Bit DLL/Microsoft Corporation) 0x74400000
Library C:\Program Files\VMware\VMware Player\iconv.dll (LGPLed libiconv for Windows NT/2000/XP and Windows 95/98/ME/Free Software Foundation) 0x00B20000
Library C:\Program Files\VMware\VMware Player\zlib1.dll 0x00250000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\system32\shfolder.dll (Shell Folder Service/Microsoft Corporation) 0x6E7B0000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x74F80000
Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x74C40000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\perfos.dll (Windows System Performance Objects DLL/Microsoft Corporation) 0x6C7C0000
Library C:\Windows\system32\perfproc.dll (Windows System Process Performance Objects DLL/Microsoft Corporation) 0x6C7B0000
Process C:\Windows\system32\vmnetdhcp.exe (VMware VMnet DHCP service/VMware, Inc.) 3228
Library C:\Windows\system32\vmnetdhcp.exe (VMware VMnet DHCP service/VMware, Inc.) 0x00400000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x71AA0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x75BC0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x75DB0000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x773E0000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Process C:\Windows\system32\taskeng.exe (Task Scheduler Engine/Microsoft Corporation) 3352
Library C:\Windows\system32\taskeng.exe (Task Scheduler Engine/Microsoft Corporation) 0x00B00000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x772B0000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x75DC0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x75960000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x77410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x75BF0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x75C80000
Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x767A0000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76650000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x75EA0000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x757F0000
Library C:\Windows\system32\XmlLite.dll (Microsoft XmlLite Library/Microsoft Corporation) &
-
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x75D30000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74C80000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x75420000
Library C:\Windows\system32\CLBCatQ.DLL (COM+ Configuration Catalog/Microsoft Corporation) 0x76210000
Library C:\Windows\system32\wbem\wbemprox.dll (WMI/Microsoft Corporation) 0x6E7A0000
Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74F00000
Library C:\Windows\system32\wbem\wbemsvc.dll (WMI/Microsoft Corporation) 0x6E230000
Library C:\Windows\system32\wbem\wmiutils.dll (WMI/Microsoft Corporation) 0x6DE40000
Library C:\Windows\system32\wbem\WmiPerfClass.dll (WbemPerf V2 Class Provider/Microsoft Corporation) 0x6CD10000
Library C:\Windows\system32\pdh.dll (Windows Performance Data Helper DLL/Microsoft Corporation) 0x6CC30000
Library C:\Windows\system32\wevtapi.dll (Eventing Consumption and Configuration API/Microsoft Corporation) 0x75220000
Library C:\Windows\system32\wbem\wmiprov.dll (WMI/Microsoft Corporation) 0x6CB90000
Library C:\Windows\system32\WMI.dll (WMI DC and DP functionality/Microsoft Corporation) 0x71190000
Library C:\Windows\system32\netfxperf.dll (netfxperf.lib/Microsoft Corporation) 0x79FD0000
Library C:\Windows\system32\mscoree.dll (Microsoft .NET Runtime Execution Engine/Microsoft Corporation) 0x6C7D0000
Library C:\Windows\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x774B0000
Library C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x748C0000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\perfcounter.dll (Microsoft performance counter extension for .NET Runtime/Microsoft Corporation) 0x640D0000
Library C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x71AA0000
Library C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll (Microsoft .NET Runtime Common Language Runtime - WorkStation/Microsoft Corporation) 0x6BCB0000
Library C:\Windows\system32\emdmgmt.dll (ReadyBoost Service/Microsoft Corporation) 0x6F2A0000
Library C:\Windows\system32\WDSCORE.dll (Panther Engine Module/Microsoft Corporation) 0x70930000
Library C:\Windows\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x767A0000
Library C:\Windows\system32\SLWGA.dll (Software Licensing WGA API/Microsoft Corporation) 0x732C0000
Library C:\Windows\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x760D0000
Library C:\Windows\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x76460000
Library C:\Windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x74C50000
Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x75260000
Library C:\Windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x75A30000
Library C:\Windows\system32\esentprf.dll (Extensible Storage Engine Performance Monitoring Library for Microsoft(R) Windows(R)/Microsoft Corporation) 0x6CBE0000
Library C:\Windows\system32\msdtcuiu.DLL (MS DTCadministrative component DLL/Microsoft Corporation) 0x6C750000
Library C:\Windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x73D70000
Library C:\Windows\system32\MSDTCPRX.dll (MS DTCOLE Transactions interface proxy DLL/Microsoft Corporation) 0x6C6C0000
Library C:\Windows\system32\MTXCLU.DLL (MS DTC amd MTS clustering support DLL/Microsoft Corporation) 0x6C670000
Library C:\Windows\system32\CLUSAPI.dll (Cluster API Library/Microsoft Corporation) 0x73850000
Library C:\Windows\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x75470000
Library C:\Windows\system32\ACTIVEDS.dll (ADs Router Layer DLL/Microsoft Corporation) 0x733F0000
Library C:\Windows\system32\adsldpc.dll (ADs LDAP Provider C DLL/Microsoft Corporation) 0x733B0000
Library C:\Windows\system32\credui.dll (Credential Manager User Interface/Microsoft Corporation) 0x73380000
Library C:\Windows\system32\RESUTILS.dll (Microsoft Cluster Resource Utility DLL/Microsoft Corporation) 0x73670000
Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75810000
Library C:\Windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75070000
Library C:\Windows\system32\bcrypt.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x750D0000
Library C:\Windows\system32\ktmw32.dll (Windows KTM Win32 Client DLL/Microsoft Corporation) 0x73AC0000
Library C:\Windows\system32\msscntrs.dll (msscntrs.dll/Microsoft Corporation) 0x6CBD0000
Library C:\PROGRA~1\MICROS~2\Office12\OLMAPI32.DLL (Extended MAPI 1.0 for Windows NT/Microsoft Corporation) 0x6B9C0000
Library C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation) 0x698E0000
Library C:\Windows\system32\msi.dll (Windows Installer/Microsoft Corporation) 0x71520000
Library C:\Windows\system32\perfnet.dll (Windows Network Service Performance Objects DLL/Microsoft Corporation) 0x6CBC0000
Library C:\Windows\system32\perfos.dll (Windows System Performance Objects DLL/Microsoft Corporation) 0x6C7C0000
Library C:\Windows\system32\perfproc.dll (Windows System Process Performance Objects DLL/Microsoft Corporation) 0x6C7B0000
Library C:\Windows\system32\pacerprf.dll (Microsoft® Windows(TM) PSched Performance Monitor/Microsoft Corporation) 0x6C7A0000
Library C:\Windows\system32\TRAFFIC.dll (Microsoft Traffic Control 1.0 DLL/Microsoft Corporation) 0x6CD60000
Library C:\Windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x751F0000
Library C:\Windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x751B0000
Library C:\Windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x751A0000
Library C:\Windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75170000
Library C:\Windows\system32\rasctrs.dll (Windows NT Remote Access Perfmon Counter dll/Microsoft Corporation) 0x6C620000
Library C:\Windows\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x6F350000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x752A0000
Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75400000
Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75090000
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x74D10000
Library C:\Windows\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x74F40000
Library C:\Windows\system32\winspool.drv (Windows Spooler Driver/Microsoft Corporation) 0x73ED0000
Library C:\Windows\system32\tapiperf.dll (Microsoft® Windows(TM) Telephony Performance Monitor/Microsoft Corporation) 0x6C610000
Library C:\Windows\system32\tapi32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation) 0x6F140000
Library C:\Windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x74380000
Library C:\Windows\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x74080000
Library C:\Windows\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x74040000
Library C:\Windows\system32\Perfctrs.dll (Performance Counters/Microsoft Corporation) 0x6C600000
Library C:\Windows\system32\perfts.dll (Windows Terminal Services Performance Objects/Microsoft Corporation) 0x6C5F0000
Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x750A0000
Library C:\Windows\system32\UTILDLL.dll (WinStation utility support DLL/Microsoft Corporation) 0x6C790000
Library C:\Windows\system32\usbperf.dll (USB Performance Objects DLL/Microsoft Corporation) 0x6C5D0000
Library C:\Program Files\VMware\VMware Player\vmPerfmon.dll (vmwarePerfmon DLL/VMware, Inc.) 0x69500000
Library C:\Windows\system32\wbem\wmiaprpl.dll (WMI Performance Reverse Adapter/Microsoft Corporation) 0x6C590000
Library C:\Windows\system32\loadperf.dll (Load & Unload Performance Counters/Microsoft Corporation) 0x6C5B0000
Library C:\Windows\system32\tquery.dll (tquery.dll/Microsoft Corporation) 0x6E4E0000
Library C:\Windows\system32\PROPSYS.dll (Microsoft Property System/Microsoft Corporation) 0x73F20000
Library C:\Windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x74AB0000
Library C:\Windows\system32\imagehlp.dll (Windows NT Image Helper/Microsoft Corporation) 0x75C40000
Library C:\Windows\system32\query.dll (Content Index Utility DLL/Microsoft Corporation) 0x6E380000
---- Services - GMER 1.0.15 ----
Service .NET CLR Data
Service .NET CLR Networking
Service .NET Data Provider for Oracle
Service .NET Data Provider for SqlServer
Service .NETFramework
Service C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe (CMSPCSUtilSvc/SprintNextel) [AUTO] Access Utility Service
Service C:\Windows\system32\drivers\acpi.sys (ACPI Driver for NT/Microsoft Corporation) [BOOT] ACPI
Service C:\Windows\system32\drivers\adp94xx.sys (Adaptec Windows SAS/SATA Storport Driver/Adaptec, Inc.) [DISABLED] adp94xx
Service C:\Windows\system32\drivers\adpahci.sys (Adaptec Windows SATA Storport Driver/Adaptec, Inc.) [DISABLED] adpahci
Service C:\Windows\system32\drivers\adpu160m.sys (Adaptec LH Ultra160 Driver (x86)/Adaptec, Inc.) [DISABLED] adpu160m
Service C:\Windows\system32\drivers\adpu320.sys (Adaptec StorPort Ultra320 SCSI Driver/Adaptec, Inc.) [DISABLED] adpu320
Service adsi
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] AeLookupSvc
Service C:\Windows\system32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD
Service C:\Windows\system32\drivers\agp440.sys (440 NT AGP Filter/Microsoft Corporation) [MANUAL] agp440
Service C:\Windows\system32\drivers\djsvs.sys (Adaptec Ultra SCSI miniport/Adaptec, Inc.) [DISABLED] aic78xx
Service C:\Windows\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG
Service C:\Windows\system32\drivers\aliide.sys (ALi mini IDE Driver/Acer Laboratories Inc.) [DISABLED] aliide
Service C:\Windows\system32\drivers\amdagp.sys (AMD NT AGP Filter/Microsoft Corporation) [MANUAL] amdagp
Service C:\Windows\system32\drivers\amdide.sys (AMD IDE Driver/Microsoft Corporation) [DISABLED] amdide
Service C:\Windows\system32\drivers\amdk7.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] AmdK7
Service C:\Windows\system32\drivers\amdk8.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] AmdK8
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Appinfo
Service C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Mobile Device Service/Apple Inc.) [AUTO] Apple Mobile Device
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] AppMgmt
Service C:\Windows\system32\drivers\arc.sys (Adaptec RAID Storport Driver/Adaptec, Inc.) [DISABLED] arc
Service C:\Windows\system32\drivers\arcsas.sys (Adaptec SAS RAID WS03 Driver/Adaptec, Inc.) [DISABLED] arcsas
Service C:\??\C:\Program Files\ASTRA32\ASTRA32.sys [AUTO] ASTRA32
Service C:\Windows\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac
Service C:\Windows\system32\drivers\atapi.sys (ATAPI IDE Miniport Driver/Microsoft Corporation) &
-
Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Activation Licensing Service/Macrovision Europe Ltd.) [MANUAL] FLEXnet Licensing Service
Service C:\Windows\system32\DRIVERS\flpydisk.sys (Floppy Driver/Microsoft Corporation) [MANUAL] flpydisk
Service C:\Windows\system32\drivers\fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr
Service C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (PresentationFontCache.exe/Microsoft Corporation) [MANUAL] FontCache3.0.0.0
Service (File System Recognizer Driver/Microsoft Corporation) [SYSTEM] Fs_Rec
Service C:\Windows\System32\DRIVERS\fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) [BOOT] fvevol
Service C:\Windows\system32\drivers\gagp30kx.sys (MS Generic AGPv3.0 Filter for K8/9 Processor Platforms/Microsoft Corporation) [MANUAL] gagp30kx
Service C:\??\C:\Windows\gdrv.sys [MANUAL] gdrv
Service C:\Windows\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc.) [MANUAL] GEARAspiWDM
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] gpsvc
Service C:\Windows\system32\drivers\ha10kx2k.sys (Creative EMU10KX HAL (WDM)/Creative Technology Ltd) [MANUAL] ha10kx2k
Service C:\Windows\system32\DRIVERS\hamachi.sys (Hamachi Virtual Network Interface Driver/LogMeIn, Inc.) [MANUAL] hamachi
Service C:\Windows\system32\drivers\hap16v2k.sys (Creative EMU10KX-P16v HAL (WDM)/Creative Technology Ltd) [MANUAL] hap16v2k
Service C:\Windows\system32\drivers\hap17v2k.sys (Creative EMU10KX-P17v HAL (WDM)/Creative Technology Ltd) [MANUAL] hap17v2k
Service C:\??\C:\Windows\system32\drivers\hcmon.sys [AUTO] hcmon
Service C:\Windows\system32\drivers\HdAudio.sys (High Definition Audio Function Driver/Microsoft Corporation) [MANUAL] HdAudAddService
Service C:\Windows\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver/Microsoft Corporation) [MANUAL] HDAudBus
Service C:\Windows\system32\drivers\hidbth.sys (Bluetooth Miniport Driver for HID Devices/Microsoft Corporation) [DISABLED] HidBth
Service C:\Windows\system32\drivers\hidir.sys (Infrared Miniport Driver for Input Devices/Microsoft Corporation) [DISABLED] HidIr
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] hidserv
Service C:\Windows\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] HidUsb
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] hkmsvc
Service C:\Windows\system32\drivers\hpcisss.sys (Smart Array Storport Driver/Hewlett-Packard Company) [DISABLED] HpCISSs
Service C:\Windows\system32\drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP
Service C:\Windows\system32\drivers\i2omp.sys (I2O Miniport Driver/Microsoft Corporation) [DISABLED] i2omp
Service C:\Windows\system32\DRIVERS\i8042prt.sys (i8042 Port Driver/Microsoft Corporation) [DISABLED] i8042prt
Service C:\Windows\system32\drivers\iastorv.sys (Intel Matrix Storage Manager driver (base)/Intel Corporation) [DISABLED] iaStorV
Service C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (IDriverT Module/Macrovision Corporation) [MANUAL] IDriverT
Service C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Windows CardSpace/Microsoft Corporation) [MANUAL] idsvc
Service C:\Windows\system32\drivers\iirsp.sys (Intel/ICP Raid Storport Driver/Intel Corp./ICP vortex GmbH) [DISABLED] iirsp
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] IKEEXT
Service inetaccs
Service C:\Windows\system32\drivers\intelide.sys (Intel PCI IDE Driver/Microsoft Corporation) [DISABLED] intelide
Service C:\Windows\system32\DRIVERS\intelppm.sys (Processor Device Driver/Microsoft Corporation) [MANUAL] intelppm
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] IPBusEnum
Service C:\Windows\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] iphlpsvc
Service system32\DRIVERS\ipinip.sys [MANUAL] IpInIp
Service C:\Windows\system32\drivers\ipmidrv.sys (WMI IPMI DRIVER/Microsoft Corporation) [DISABLED] IPMIDRV
Service C:\Windows\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IPNAT
Service C:\Program Files\iPod\bin\iPodService.exe (iPodService Module/Apple Inc.) [MANUAL] iPod Service
Service C:\Windows\system32\drivers\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM
Service C:\Windows\system32\drivers\isapnp.sys (PNP ISA Bus Driver/Microsoft Corporation) [DISABLED] isapnp
Service C:\Windows\system32\DRIVERS\msiscsi.sys (Microsoft iSCSI Initiator Driver/Microsoft Corporation) [MANUAL] iScsiPrt
Service C:\??\C:\Program Files\UltraISO\drivers\ISODrive.sys [SYSTEM] ISODrive
Service C:\Windows\system32\drivers\iteatapi.sys (ITE IT8211 ATA/ATAPI SCSI miniport/Integrated Technology Express, Inc.) [DISABLED] iteatapi
Service C:\Windows\system32\drivers\iteraid.sys (ITE IT8212 ATA RAID SCSI miniport/Integrated Technology Express, Inc.) [DISABLED] iteraid
Service C:\Windows\system32\DRIVERS\jraid.sys (JMicron JMB36X RAID Driver/JMicron Technology Corp.) [BOOT] JRAID
Service C:\Windows\system32\DRIVERS\kbdclass.sys (Keyboard Class Driver/Microsoft Corporation) [SYSTEM] kbdclass
Service C:\Windows\system32\DRIVERS\kbdhid.sys (HID Keyboard Filter Driver/Microsoft Corporation) [SYSTEM] kbdhid
Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] KeyIso
Service C:\Windows\system32\DRIVERS\kl1.sys (Kaspersky Unified Driver/Kaspersky Lab) [SYSTEM] kl1
Service C:\Windows\system32\drivers\klbg.sys (Kaspersky Lab Boot Guard Driver/Kaspersky Lab) [BOOT] klbg
Service C:\Windows\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) [SYSTEM] KLIF
Service C:\Windows\system32\DRIVERS\klim6.sys (Kaspersky Lab Intermediate Network Driver/Kaspersky Lab) [SYSTEM] KLIM6
Service C:\Windows\system32\DRIVERS\klmouflt.sys (KLMOUFLT Mouse Device Filter [fre_wlh_x86]/Kaspersky Lab) [MANUAL] klmouflt
Service C:\Windows\System32\Drivers\ksecdd.sys (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] KtmRm
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] LanmanServer
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] LanmanWorkstation
Service system32\DRIVERS\Lbd.sys [BOOT] Lbd
Service ldap
Service C:\Windows\system32\DRIVERS\lltdio.sys (Link-Layer Topology Mapper I/O Driver/Microsoft Corporation) [AUTO] lltdio
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] lltdsvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] lmhosts
Service Lsa
Service C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic Fusion-MPT FC Driver (StorPort)/LSI Logic) [DISABLED] LSI_FC
Service C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic Fusion-MPT SAS Driver (StorPort)/LSI Logic) [DISABLED] LSI_SAS
Service C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic Fusion-MPT SCSI Driver (StorPort)/LSI Logic) [DISABLED] LSI_SCSI
Service C:\Windows\system32\drivers\luafv.sys (LUA File Virtualization Filter Driver/Microsoft Corporation) [AUTO] luafv
Service C:\Windows\system32\drivers\MTiCtwl.sys (MagicTunePremium Driver/Samsung Electronics, Inc. ) [SYSTEM] MagicTune
Service C:\Windows\system32\DRIVERS\MarvinBus.sys (Pinnacle Marvin Discrete Bus Enumerator/Pinnacle Systems GmbH) [MANUAL] MarvinBus
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] Mcx2Svc
Service C:\Windows\system32\drivers\megasas.sys (MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x86/LSI Corporation) [DISABLED] megasas
Service C:\Windows\system32\drivers\megasr.sys (LSI MegaRAID Software RAID Driver/LSI Corporation, Inc.) [DISABLED] MegaSR
Service C:\Windows\system32\270.tmp [MANUAL] MEMSWEEP2
Service Messenger
Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Groove Audit Service/Microsoft Corporation) [MANUAL] Microsoft Office Groove Audit Service
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] MMCSS
Service C:\Windows\system32\drivers\modem.sys (Modem Device Driver/Microsoft Corporation) [MANUAL] Modem
Service C:\Windows\system32\DRIVERS\monitor.sys (Monitor Driver/Microsoft Corporation) [MANUAL] monitor
Service C:\Windows\system32\DRIVERS\motmodem.sys (Motorola USB Modem and Ports Driver/Motorola) [MANUAL] motmodem
Service C:\Windows\system32\DRIVERS\mouclass.sys (Mouse Class Driver/Microsoft Corporation) [SYSTEM] mouclass
Service C:\Windows\system32\DRIVERS\mouhid.sys (HID Mouse Filter Driver/Microsoft Corporation) [MANUAL] mouhid
Service C:\Windows\System32\drivers\mountmgr.sys (Mount Point Manager/Microsoft Corporation) [BOOT] MountMgr
Service C:\Windows\system32\drivers\mpio.sys (MultiPath Support Bus-Driver/Microsoft Corporation) [DISABLED] mpio
Service C:\Windows\System32\drivers\mpsdrv.sys (Microsoft Protection Service Driver/Microsoft Corporation) [MANUAL] mpsdrv
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] MpsSvc
Service C:\Windows\system32\drivers\mraid35x.sys (MegaRAID RAID Controller Driver for Windows Vista/Longhorn for x86/LSI Logic Corporation) [DISABLED] Mraid35x
Service C:\Windows\system32\drivers\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV
Service C:\Windows\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [MANUAL] mrxsmb
Service C:\Windows\system32\DRIVERS\mrxsmb10.sys (Longhorn SMB Downlevel SubRdr/Microsoft Corporation) [MANUAL] mrxsmb10
Service C:\Windows\system32\DRIVERS\mrxsmb20.sys (Longhorn SMB 2.0 Redirector/Microsoft Corporation) [MANUAL] mrxsmb20
Service C:\Windows\system32\drivers\msahci.sys (MS AHCI 1.0 Standard Driver/Microsoft Corporation) [DISABLED] msahci
Service C:\Windows\system32\drivers\msdsm.sys (Microsoft Device Specific Module/Microsoft Corporation) [DISABLED] msdsm
Service C:\Windows\System32\msdtc.exe (MS DTCconsole program/Microsoft Corporation) [MANUAL] MSDTC
Service MSDTC Bridge 3.0.0.0
Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs
Service C:\Windows\system32\drivers\msisadrv.sys (ISA Driver/Microsoft Corporation) [BOOT] msisadrv
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] MSiSCSI
Service C:\Windows\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] msiserver
Service C:\Windows\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV
Service C:\Windows\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK
Service C:\Windows\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM
Service (Kernel Remote Procedure Call Provider/Microsoft Corporation) [MANUAL] MsRPC
Service MSSCNTRS
Service C:\Windows\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios
Service C:\Windows\system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation) [MANUAL] MSTEE
Service C:\Windows\System32\Drivers\mup.sys (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] napagent
Service C:\Windows\system32\DRIVERS\nwifi.sys (NativeWiFi Miniport Driver/Microsoft Corporation) [MANUAL] NativeWifiP
Service C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero BackItUp/Nero AG) [MANUAL] NBService
Service C:\Windows\system32\drivers\ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation)
-
Service C:\Windows\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) [MANUAL] rdpdr
Service C:\Windows\system32\drivers\rdpencdd.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPENCDD
Service RDPNP
Service (RDP Terminal Stack Driver/Microsoft Corporation) [MANUAL] RDPWD
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] RemoteAccess
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] RemoteRegistry
Service C:\Program Files\CyberLink\Shared files\RichVideo.exe [AUTO] RichVideo
Service C:\??\C:\Program Files\RivaTuner v2.22\RivaTuner32.sys [MANUAL] RivaTuner32
Service C:\Windows\System32\Drivers\RootMdm.sys (Legacy Non-Pnp Modem Device Driver/Microsoft Corporation) [MANUAL] ROOTMODEM
Service C:\Windows\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] RpcSs
Service C:\Windows\system32\DRIVERS\rspndr.sys (Link-Layer Topology Responder Driver for NDIS 6/Microsoft Corporation) [AUTO] rspndr
Service C:\Windows\system32\DRIVERS\Rtlh86.sys (Realtek 8136/8168/8169 NDIS6 32-bit Driver /Realtek ) [MANUAL] RTL8169
Service C:\Windows\system32\DRIVERS\RtTeam60.sys (Realtek NDIS 6.0 Intermediate Miniport Driver for Teaming/Realtek Corporation) [MANUAL] RTTEAMPT
Service C:\Windows\system32\DRIVERS\RtVlan60.sys (Sample NDIS 6.0 Intermediate Miniport Driver/Windows (R) Codename Longhorn DDK provider) [MANUAL] RTVLANPT
Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [AUTO] SamSs
Service C:\??\C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home XII.SP2c\WNt500x86\Sandra.sys [MANUAL] SANDRA
Service C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home XII.SP2c\RpcAgentSrv.exe (SiSoftware Deployment Agent Service (NT)(Unicode)/SiSoftware) [AUTO] SandraAgentSrv
Service C:\Windows\system32\drivers\sbp2port.sys (SBP-2 Protocol Driver/Microsoft Corporation) [DISABLED] sbp2port
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SCardSvr
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Schedule
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SCPolicySvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SDRSVC
Service (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [AUTO] secdrv
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] seclogon
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] SENS
Service C:\Windows\system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] Serenum
Service C:\Windows\system32\DRIVERS\serial.sys (Serial Device Driver/Microsoft Corporation) [SYSTEM] Serial
Service C:\Windows\system32\drivers\sermouse.sys (Serial Mouse Filter Driver/Microsoft Corporation) [DISABLED] sermouse
Service ServiceModelEndpoint 3.0.0.0
Service ServiceModelOperation 3.0.0.0
Service ServiceModelService 3.0.0.0
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SessionEnv
Service C:\Windows\system32\drivers\sffdisk.sys (Small Form Factor Disk Driver/Microsoft Corporation) [DISABLED] sffdisk
Service C:\Windows\system32\drivers\sffp_mmc.sys (Small Form Factor MMC Protocol Driver/Microsoft Corporation) [MANUAL] sffp_mmc
Service C:\Windows\system32\drivers\sffp_sd.sys (Small Form Factor SD Protocol Driver/Microsoft Corporation) [MANUAL] sffp_sd
Service C:\Windows\system32\DRIVERS\sfloppy.sys (SCSI Floppy Driver/Microsoft Corporation) [MANUAL] sfloppy
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] SharedAccess
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] ShellHWDetection
Service C:\Windows\system32\drivers\sisagp.sys (SIS NT AGP Filter/Microsoft Corporation) [MANUAL] sisagp
Service C:\Windows\system32\drivers\sisraid2.sys (SiS RAID Stor Miniport Driver/Microsoft Corporation) [DISABLED] SiSRaid2
Service C:\Windows\system32\drivers\sisraid4.sys (SiS AHCI Stor-Miniport Driver/Silicon Integrated Systems) [DISABLED] SiSRaid4
Service C:\Windows\system32\SLsvc.exe (Microsoft Software Licensing Service/Microsoft Corporation) [AUTO] slsvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SLUINotify
Service C:\Windows\system32\DRIVERS\smb.sys (SMB Transport driver/Microsoft Corporation) [SYSTEM] Smb
Service SMSvcHost 3.0.0.0
Service C:\Windows\System32\snmptrap.exe (SNMP Trap/Microsoft Corporation) [MANUAL] SNMPTRAP
Service (loader for security processor/Microsoft Corporation) [BOOT] spldr
Service C:\Windows\System32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler
Service C:\Windows\System32\Drivers\sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) [DISABLED] sptd
Service C:\Windows\System32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] srv
Service C:\Windows\System32\DRIVERS\srv2.sys (Smb 2.0 Server driver/Microsoft Corporation) [MANUAL] srv2
Service C:\Windows\System32\DRIVERS\srvnet.sys (Server Network driver/Microsoft Corporation) [MANUAL] srvnet
Service C:\Windows\system32\DRIVERS\sscdbus.sys (SAMSUNG USB Composite Device Driver/MCCI) [MANUAL] sscdbus
Service C:\Windows\system32\DRIVERS\sscdmdfl.sys (SAMSUNG CDMA Modem Filter Driver/MCCI) [MANUAL] sscdmdfl
Service C:\Windows\system32\DRIVERS\sscdmdm.sys (SAMSUNG CDMA Modem WDM/MCCI) [MANUAL] sscdmdm
Service C:\Windows\system32\DRIVERS\sscdserd.sys (SAMSUNG CDMA Modem Diagnostic Serial Port Device Driver/MCCI) [MANUAL] sscdserd
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SSDPSRV
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SstpSvc
Service C:\Program [MANUAL] Steam Client Service
Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Stereo Vision Control Panel API Server/NVIDIA Corporation) [AUTO] Stereo Service
Service C:\Windows\system32\DRIVERS\serscan.sys (Serial Imaging Device Driver/Microsoft Corporation) [MANUAL] StillCam
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] stisvc
Service C:\Windows\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] swprv
Service C:\Windows\system32\drivers\symc8xx.sys (LSI Logic 8XX SCSI Miniport Driver/LSI Logic) [DISABLED] Symc8xx
Service C:\Windows\system32\drivers\sym_hi.sys (LSI Logic Hi-Perf SCSI Miniport Driver/LSI Logic) [DISABLED] Sym_hi
Service C:\Windows\system32\drivers\sym_u3.sys (LSI Logic Ultra160 SCSI Miniport Driver/LSI Logic) [DISABLED] Sym_u3
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] SysMain
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TabletInputService
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] TapiSrv
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TBS
Service C:\Windows\System32\drivers\tcpip.sys (TCP/IP Driver/Microsoft Corporation) [BOOT] Tcpip
Service C:\Windows\system32\DRIVERS\tcpip.sys (TCP/IP Driver/Microsoft Corporation) [MANUAL] Tcpip6
Service C:\Windows\System32\drivers\tcpipreg.sys (TCP/IP Registry Compatibility Driver/Microsoft Corporation) [AUTO] tcpipreg
Service C:\Windows\system32\drivers\tdpipe.sys (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE
Service C:\Windows\system32\drivers\tdtcp.sys (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP
Service C:\Windows\system32\DRIVERS\tdx.sys (TDI Translation Driver/Microsoft Corporation) [SYSTEM] tdx
Service C:\Windows\system32\DRIVERS\RtTeam60.sys (Realtek NDIS 6.0 Intermediate Miniport Driver for Teaming/Realtek Corporation) [MANUAL] TEAM
Service C:\Windows\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TermService
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Themes
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] THREADORDER
Service C:\Windows\system32\drivers\TotRec7.sys (Total Recorder WDM audio driver/High Criteria inc.) [MANUAL] TotRec7
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TrkWks
Service C:\Windows\System32\drivers\truecrypt.sys (TrueCrypt Driver/TrueCrypt Foundation) [SYSTEM] truecrypt
Service C:\Windows\servicing\TrustedInstaller.exe (Windows Modules Installer/Microsoft Corporation) [MANUAL] TrustedInstaller
Service TSDDD
Service C:\Windows\System32\DRIVERS\tssecsrv.sys (TS Security Filter Driver/Microsoft Corporation) [MANUAL] tssecsrv
Service C:\Windows\system32\DRIVERS\tunmp.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) [MANUAL] tunmp
Service C:\Windows\system32\DRIVERS\tunnel.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) [MANUAL] tunnel
Service C:\Windows\system32\drivers\uagp35.sys (MS AGPv3.5 Filter/Microsoft Corporation) [MANUAL] uagp35
Service C:\Windows\system32\DRIVERS\udfs.sys (UDF File System Driver/Microsoft Corporation) [DISABLED] udfs
Service C:\Program Files\VMware\VMware Player\vmware-ufad.exe (VMware Host Process for Ufa Services/VMware, Inc.) [MANUAL] ufad-ws60
Service UGatherer
Service UGTHRSVC
Service C:\Windows\system32\UI0Detect.exe (Interactive services detection/Microsoft Corporation) [MANUAL] UI0Detect
Service C:\Windows\system32\drivers\uliagpkx.sys (ULi AGPv3.0 Filter for K8/9 Processor Platforms/Microsoft Corporation) [MANUAL] uliagpkx
Service C:\Windows\system32\drivers\uliahci.sys (ULi SATA Controller Driver/ULi Electronics Inc.) [DISABLED] uliahci
Service C:\Windows\system32\drivers\ulsata.sys (Promise Ultra/Sata Series Driver for Win2003/Promise Technology, Inc.) [DISABLED] UlSata
Service C:\Windows\system32\drivers\ulsata2.sys (Promise SATAII150 Series Windows Drivers/Promise Technology, Inc.) [DISABLED] ulsata2
Service C:\Windows\system32\DRIVERS\umbus.sys (User-Mode Bus Enumerator/Microsoft Corporation) [MANUAL] umbus
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] UmRdpService
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] upnphost
Service usb
Service C:\Windows\System32\Drivers\usbaapl.sys (Apple Mobile Device USB Driver/Apple, Inc.) [MANUAL] USBAAPL
Service C:\Windows\system32\drivers\usbaudio.sys (USB Audio Class Driver/Microsoft Corporation) [MANUAL] usbaudio
Service C:\Windows\system32\DRIVERS\lgusbbus.sys (LG CDMA USB Multi function Driver/LG Electronics Inc.) [MANUAL] usbbus
Service C:\Windows\system32\DRIVERS\usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation) [MANUAL] usbccgp
Service C:\Windows\system32\drivers\usbcir.sys (USB Consumer IR Driver for eHome/Microsoft Corporation) [DISABLED] usbcir
Service C:\Windows\system32\DRIVERS\lgusbdiag.sys (LG CDMA USB Diagnostics Driver/LG Electronics Inc.) [MANUAL] UsbDiag
Service C:\Windows\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation)
-
Service C:\Program Files\Windows Media Player\wmpnetwk.exe (Windows Media Player Network Sharing Service/Microsoft Corporation) [MANUAL] WMPNetworkSvc
Service C:\Windows\system32\drivers\WmVirHid.sys (Logitech WingMan Virtual Hid Device Driver/Logitech Inc.) [MANUAL] WmVirHid
Service C:\Windows\system32\drivers\WmXlCore.sys (Logitech WingMan Translation Driver/Logitech Inc.) [MANUAL] WmXlCore
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] WPCSvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] WPDBusEnum
Service C:\Windows\system32\DRIVERS\wpdusb.sys (WPD USB Driver/Microsoft Corporation) [MANUAL] WpdUsb
Service C:\Windows\system32\drivers\ws2ifsl.sys (Winsock2 IFS Layer/Microsoft Corporation) [SYSTEM] ws2ifsl
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] wscsvc
Service C:\Windows\system32\SearchIndexer.exe (Microsoft Windows Search Indexer/Microsoft Corporation) [AUTO] WSearch
Service WSearchIdxPi
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] wuauserv
Service C:\Windows\system32\DRIVERS\WUDFRd.sys (Windows Driver Foundation - User-mode Driver Framework Reflector/Microsoft Corporation) [MANUAL] WUDFRd
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] wudfsvc
Service xmlprov
Service {221A22F6-DE83-4FEE-95FE-8A699C8394D8}
Service {2ACA1F88-ED3C-444F-96C6-73CE26A2ED07}
Service {581CF5C4-4998-4834-9A9E-31B16E4652DD}
Service {C9366D02-C371-4552-B5AC-B2D2A97F11E5}
---- EOF - GMER 1.0.15 ----
-
I am just going to step in here for a moment.
Delete your copy of GMER, and download a new one from here: http://www2.gmer.net/gmer.zip
Launch GMER and in the right panel, untick all except the following:- Sections
- IAT/EAT
- Services
- Show All
Then click the scan button & show me the log it produces.
-
Hi Dragonmasterjay I was hoping I would hear from you sooner or later. I had the same problem with this new version of GMER locking up my system about 5 seconds after the scan completed. I was able to get a log though:
(Broken up due to 50000 character limit)
GMER 1.0.15.15281 - http://www.gmer.netRootkit scan 2010-04-23 20:23:41
Windows 6.0.6001 Service Pack 1
Running: gmer.exe; Driver: C:\Users\ADMINI~1\AppData\Local\Temp\pggdikod.sys
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!RtlPrefetchMemoryNonTemporal 85EA2068 1 Byte [90]
.text ntkrnlpa.exe!ZwQueryLicenseValue + D21 85EA5BD9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 4FA 85F02EEA 18 Bytes [E0, 25, 7F, FF, FF, FF, 0F, ...]
.text ntkrnlpa.exe!KiDispatchInterrupt + 512 85F02F02 1 Byte [00]
.text ntkrnlpa.exe!KeSetTimerEx + 34C 85F06A10 4 Bytes [D0, FB, 58, 96] {SAR BL, 0x1; POP EAX; XCHG ESI, EAX}
.text ntkrnlpa.exe!KeSetTimerEx + 370 85F06A34 8 Bytes [2C, 15, 59, 96, 82, 17, 59, ...] {SUB AL, 0x15; POP ECX; XCHG ESI, EAX; ADC BYTE [EDI], 0x59; XCHG ESI, EAX}
.text ntkrnlpa.exe!KeSetTimerEx + 3B4 85F06A78 4 Bytes [FC, 19, 59, 96] {CLD ; SBB [ECX-0x6a], EBX}
.text ntkrnlpa.exe!KeSetTimerEx + 3DC 85F06AA0 4 Bytes [50, 04, 59, 96] {PUSH EAX; ADD AL, 0x59; XCHG ESI, EAX}
.text ntkrnlpa.exe!KeSetTimerEx + 3F4 85F06AB8 4 Bytes [32, 0B, 59, 96] {XOR CL, [EBX]; POP ECX; XCHG ESI, EAX}
.text ...
PAGE spsys.sys!?SPVersion@@3PADA + 1A67 8244F03F 105 Bytes [8B, FF, 55, 8B, EC, 8B, 45, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 1AD1 8244F0A9 134 Bytes [82, 8B, C1, F0, 0F, B1, 16, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 1B58 8244F130 6 Bytes [0E, 83, 78, 14, 01, 75]
PAGE spsys.sys!?SPVersion@@3PADA + 1B5F 8244F137 2214 Bytes [83, 78, 18, 37, 75, 02, B3, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 2406 8244F9DE 47 Bytes [04, BB, A8, 01, 00, 00, 8D, ...]
PAGE ...
---- User code sections - GMER 1.0.15 ----
.text C:\Windows\System32\spoolsv.exe[1836] msonpmon.dll!InitializePrintMonitor2 + FFFFF09C 72391418 4 Bytes [D0, D4, 98, EA]
.text C:\Windows\System32\spoolsv.exe[1836] msonpppr.dll!EnumPrintProcessorDatatypesW + FFFFCA40 71E612FC 4 Bytes [B0, B8, 96, EA]
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] C:\Windows\system32\ntdll.dll time/date stamp mismatch;
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: 32.dll
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] USER32.dll!GetAppCompatFlags2 + 880 77CB6390 4 Bytes [70, 11, 33, 6D]
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\Windows\system32\ntdll.dll time/date stamp mismatch;
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: 32.dll
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] USER32.dll!GetAppCompatFlags2 + 880 77CB6390 4 Bytes [70, 11, 33, 6D]
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\klavemu.kdl section is writeable [0x38401000, 0x17C000, 0xE0000020]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\klavemu.kdl entry point in ".pklav" section [0x3870B1A8]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\klavemu.kdl unknown last code section [0x3870B000, 0x2000, 0xE00000E0]
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\kjim.kdl section is writeable [0x38801000, 0x6E000, 0xE0000020]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\kjim.kdl entry point in ".pklav" section [0x38978118]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\kjim.kdl unknown last code section [0x38978000, 0x2000, 0xE00000E0]
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\mark.kdl section is writeable [0x38301000, 0x1F000, 0xE0000020]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\mark.kdl entry point in ".pklav" section [0x3832B1E0]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\mark.kdl unknown last code section [0x3832B000, 0x2000, 0xE00000E0]
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\qscan.kdl section is writeable [0x38C01000, 0x7B000, 0xE0000020]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\qscan.kdl entry point in ".pklav" section [0x38C9317C]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\qscan.kdl unknown last code section [0x38C93000, 0x2000, 0xE00000E0]
CODE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avzkrnl.dll entry point in "CODE" section [0x6D1E6CB4]
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\kavsys.kdl section is writeable [0x38D01000, 0x1E000, 0xE0000020]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\kavsys.kdl entry point in ".pklav" section [0x38D2B260]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\kavsys.kdl unknown last code section [0x38D2B000, 0x2000, 0xE00000E0]
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\webav.kdl number of sections mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\webav.kdl section is writeable [0x10001000, 0x26000, 0xE0000020]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\webav.kdl entry point in ".pklav" section [0x1002E110]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] C:\ProgramData\Kaspersky Lab\AVP9\Bases\webav.kdl unknown last code section [0x1002E000, 0x2000, 0xE00000E0]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] mshtml.dll!IERegisterXMLNS + FFC9943E 6DCEC2A0 4 Bytes [40, 09, CB, 70]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] mshtml.dll!IERegisterXMLNS + FFC9945A 6DCEC2BC 16 Bytes [B0, 09, CB, 70, 20, 0A, CB, ...]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] mshtml.dll!DllGetClassObject + E81B 6DCFBC30 4 Bytes [10, 07, CB, 70]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] mshtml.dll!DllGetClassObject + E833 6DCFBC48 4 Bytes [80, 07, CB, 70]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] mshtml.dll!DllGetClassObject + C41BF 6DDB15D4 4 Bytes [70, 04, CB, 70]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] mshtml.dll!DllGetClassObject + C41DB 6DDB15F0 16 Bytes [E0, 04, CB, 70, 50, 05, CB, ...]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] mshtml.dll!DllGetClassObject + CD237 6DDBA64C 4 Bytes [A0, 06, CB, 70]
? C:\Program Files\Windows Sidebar\sidebar.exe[2532] C:\Windows\system32\ieframe.dll time/date stamp mismatch; unknown module: IEFRAME.dllunknown module: MSIMG32.dllunknown module: VERSION.dllunknown module: WINMM.dllunknown module: MPR.dllunknown module: OCCACHE.dllunknown module: urlmon.dllunknown module: OLEACC.dllunknown module: MLANG.dllunknown module: CRYPTUI.dllunknown module: WINTRUST.dllunknown module: IMM32.dllunknown module: msi.dllunknown module: MSHTML.dllunknown module: INETCOMM.dllunknown module: MSRATING.dllunknown module: gdiplus.dllunknown module: UxTheme.dllunknown module: IEUI.dllunknown module: msfeeds.dllunknown module: RASAPI32.dllunknown module: USP10.dllunknown module: credui.dllunknown module: IEShims.dllunknown module: wer.dllunknown module: OLEAUT32.dllunknown module: iertutil.dllunknown module: ieframe.dll)),argb(0,0,0,0))" /></if> <if keyfocused="true"><button contentalign = "middlecenter | focusrect" /></if> <if pressed="true" mousefocused="true"><button background = "themeable(resbmp(0xA602,6,-1,21,20,0,0,library(ieframe.dll)),argb(0,0,0,0))" padding = "theme
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] ieframe.dll!DllCanUnloadNow + 9CCB 7021E8CC 3 Bytes [D0, 08, CB] {ROR BYTE [EAX], 0x1; RETF }
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] jscript.dll!DllRegisterServer + FFF98077 6E6B00D8 4 Bytes [80, 00, CB, 70]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] jscript.dll!DllRegisterServer + FFF9D5CB 6E6B562C 4 Bytes [20, 03, CB, 70]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] jscript.dll!DllRegisterServer + FFF9D5DF 6E6B5640 4 Bytes [90, 03, CB, 70]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] jscript.dll!DllRegisterServer + FFF9D607 6E6B5668 4 Bytes [00, 04, CB, 70]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] jscript.dll!DllGetClassObject + 67E3 6E6BD818 4 Bytes [F0, 00, CB, 70]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] jscript.dll!DllGetClassObject + 67EB 6E6BD820 8 Bytes [60, 01, CB, 70, D0, 01, CB, ...]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] jscript.dll!DllGetClassObject + 67F7 6E6BD82C 4 Bytes [40, 02, CB, 70]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] jscript.dll!DllGetClassObject + 681F 6E6BD854 4 Bytes [B0, 02, CB, 70]
.text C:\Program Files\Windows Sidebar\sidebar.exe[2532] jscript.dll!DllGetClassObject + 6B1F 6E6BDB54 4 Bytes [60, 08, CB, 70]
.text ...
UPX1 C:\Users\Administrator\Desktop\gmer.exe[3992] C:\Users\Administrator\Desktop\gmer.exe entry point in "UPX1" section [0x004B3F40]
.text C:\Windows\system32\wbem\wmiprvse.exe[4024] OLMAPI32.DLL!HrACLCopy@8 + 29CDD 6AF9BFB4 4 Bytes [C8, 80, 42, 31] {ENTER 0x4280, 0x31}
.text C:\Windows\system32\wbem\wmiprvse.exe[4024] mso.dll!_MsoFSetTooltips@4 + 1DC2A0 6927E568 4 Bytes [75, A4, 50, 31]
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\System32\svchost.exe[1148] @ c:\windows\system32\RASAPI32.dll [TAPI32.dll!lineTranslateAddressW] [6FC43F8E] c:\windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\System32\svchost.exe[1148] @ c:\windows\system32\RASAPI32.dll [TAPI32.dll!lineGetCountryW] [6FC2E2C1] c:\windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\System32\svchost.exe[1148] @ c:\windows\system32\RASAPI32.dll [TAPI32.dll!lineGetTranslateCapsW] [6FC43B50] c:\windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\System32\svchost.exe[1148] @ C:\Windows\System32\RASDLG.dll [TAPI32.dll!lineTranslateAddressW] [6FC43F8E] c:\windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\System32\svchost.exe[1148] @ C:\Windows\System32\RASDLG.dll [TAPI32.dll!LOpenDialAsst] [6FC2B079] c:\windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\System32\svchost.exe[1148] @ C:\Windows\System32\RASDLG.dll [TAPI32.dll!lineSetCurrentLocation] [6FC42833] c:\windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\System32\svchost.exe[1148] @ C:\Windows\System32\RASDLG.dll [TAPI32.dll!lineGetCountryW] [6FC2E2C1] c:\windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\System32\svchost.exe[1148] @ C:\Windows\System32\RASDLG.dll [TAPI32.dll!lineGetTranslateCapsW] [6FC43B50] c:\windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\System32\svchost.exe[1148] @ C:\Windows\System32\RASDLG.dll [TAPI32.dll!lineConfigDialogW] [6FC33D76] c:\windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\System32\svchost.exe[1148] @ C:\Windows\System32\RASDLG.dll [TAPI32.dll!lineTranslateDialogW] [6FC426BB] c:\windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineDrop] [6FC2CB42] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineGetTranslateCapsA] [6FC43A93] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineAccept] [6FC2BD0B] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineAnswer] [6FC2BECC] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineMakeCallA] [6FC2F6CA] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineGetDevConfigA] [6FC2E83E] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineSetDevConfigA] [6FC30BD3] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineInitializeExA] [6FC259A6] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineDevSpecific] [6FC2C7BE] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineSetStatusMessages] [6FC30EFD] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineGetCallInfoA] [6FC2E10D] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1168] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineNegotiateAPIVersion] &nb
-
IAT C:\Windows\Explorer.EXE[1680] @ C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL [COMCTL32.dll!ImageList_Destroy] [75382E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [COMCTL32.dll!InitCommonControlsEx] [75371322] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipSetSmoothingMode] [74BA7624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDrawLineI] [74BE04E6] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipGraphicsClear] [74BE95B2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipFillEllipse] [74C31A45] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipSetInterpolationMode] [74B9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipCreateRegionPath] [74C27A2F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipCloneBitmapAreaI] [74BC5CD8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipCloneBrush] [74C2907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipCloneImage] [74BE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdiplusStartup] [74BA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipSetCompositingQuality] [74BA76C1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDrawImageRectI] [74BAB9D4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipSetCompositingMode] [74BA2465] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipReleaseDC] [74BCA684] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipGetImageGraphicsContext] [74BA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipCreateFromHDC] [74B9EA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipAddPathEllipseI] [74C2525C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipCreateSolidFill] [74BCEEBA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipBitmapSetPixel] [74C2E5E0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74BDB17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipCreateBitmapFromStream] [74BABC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipGetImageHeight] [74BA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipGetImageWidth] [74BA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdiplusShutdown] [74BA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipGetRegionHRgn] [74BF79EF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDeleteRegion] [74BCC353] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDeletePath] [74BCF286] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipCreatePath] [74BD2B99] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDeletePen] [74BFE48D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipCreatePen1] [74BFDF99] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDeleteBrush] [74BCF3C3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipAlloc] [74B969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipFree] [74B9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\authui.dll [COMCTL32.dll!ImageList_Destroy] [75382E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\authui.dll [COMCTL32.dll!ImageList_GetImageCount] [75357392] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\authui.dll [COMCTL32.dll!ImageList_LoadImageW] [7536885D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\authui.dll [COMCTL32.dll!ImageList_DrawEx] [7535D25A] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\authui.dll [COMCTL32.dll!InitCommonControlsEx] [75371322] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\System32\SndVolSSO.dll [gdiplus.dll!GdiplusStartup] [74BA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\System32\SndVolSSO.dll [gdiplus.dll!GdiplusShutdown] [74BA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdiplusStartup] [74BA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdiplusShutdown] [74BA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipGetImageThumbnail] [74C2E1DA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipFree] [74B9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipAlloc] [74B969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipCreateBitmapFromFile] [74BE0405] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipCreateBitmapFromFileICM] [74C2E2A6] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipCreateHICONFromBitmap] [74BCA2F2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipDrawImageRectI] [74BAB9D4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipCreateFromHDC] [74B9EA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipSetSmoothingMode] [74BA7624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipCloneImage] [74BE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipFree] [74B9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipAlloc] [74B969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateImageAttributes] [74BCB716] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDisposeImageAttributes] [74BCB797] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageWidth] [74BA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdiplusStartup] [74BA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdiplusShutdown] [74BA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCloneImage] [74BE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDrawImageRectRectI] [74BA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipSetInterpolationMode] [74B9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageGraphicsContext] [74BA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipSetImageAttributesWrapMode] [74BC4D93] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateHBITMAPFromBitmap] [74BAD748] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromScan0] [74B9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74BDB17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromStream] [74BABC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageHeight] [74BA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\System32\DreamScene.dll [COMCTL32.dll!ImageList_Create] [75372AF7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\System32\DreamScene.dll [COMCTL32.dll!ImageList_ReplaceIcon] [753897AE] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\System32\DreamScene.dll [COMCTL32.dll!ImageList_Destroy] [75382E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Wi
-
controls_6595b64144ccf1df_6.0.6001.1800 0_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!PropertySheetW] [7542806C] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!CreatePropertySheetPageW] [75422A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!CreateToolbarEx] [75429C52] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Destroy] [75382E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Draw] [753E910F] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_GetIconSize] [75370E7A] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdipAlloc] [74B969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdipCreateHBITMAPFromBitmap] [74BAD748] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdipCreateBitmapFromStream] [74BABC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdipCloneImage] [74BE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdipFree] [74B9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdiplusStartup] [74BA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdiplusShutdown] [74BA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\fxsst.dll [COMCTL32.dll!ImageList_Destroy] [75382E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\fxsst.dll [COMCTL32.dll!ImageList_Create] [75372AF7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1680] @ C:\Windows\system32\fxsst.dll [COMCTL32.dll!ImageList_Add] [753A2208] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipSetSmoothingMode] [74BA7624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipCloneBrush] [74C2907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipCreateFontFromLogfontA] [74BC5BBD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipCreateFontFromDC] [74C35FE9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipDrawImageRectI] [74BAB9D4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipMeasureString] [74BC5894] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipDrawString] [74BEA2D5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipFillRectangleI] [74BDD25D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipDrawLineI] [74BE04E6] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipSetTextRenderingHint] [74BA24F6] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipLoadImageFromStream] [74BAD246] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipLoadImageFromStreamICM] [74BB298C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipCreateFromHDC] [74B9EA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipCreatePath] [74BD2B99] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipDeletePath] [74BCF286] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipGetSmoothingMode] [74C2F19C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipFillPath] [74BD1122] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipCreateLineBrushFromRectI] [74BDD396] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipCreateSolidFill] [74BCEEBA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipGetImageHeight] [74BA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipGetImageWidth] [74BA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipDeleteFont] [74BAC02A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipDeleteStringFormat] [74BF5622] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipCreateStringFormat] [74BF5C81] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipDeletePen] [74BFE48D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipCreatePen1] [74BFDF99] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipDeleteBrush] [74BCF3C3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdiplusShutdown] [74BA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipCloneImage] [74BE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74BDB17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipCreateBitmapFromStream] [74BABC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipAlloc] [74B969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipFree] [74B9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipDrawImageRectRectI] [74BA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipDrawPath] [74C30884] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipDrawRectangleI] [74BDF1EF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipGetDC] [74BCA5CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipReleaseDC] [74BCA684] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipGetImagePixelFormat] [74BA2CB0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipImageRotateFlip] [74BDC531] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipCreateHICONFromBitmap] [74BCA2F2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipClosePathFigure] [74C23ED0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipAddPathLineI] [74C24232] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipAddPathArcI] [74C244B6] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdipCloneBitmapAreaI] [74BC5CD8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [gdiplus.dll!GdiplusStartup] [74BA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [COMCTL32.dll!ImageList_Create] [75372AF7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [COMCTL32.dll!ImageList_ReplaceIcon] [753897AE] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [COMCTL32.dll!ImageList_LoadImageW] [7536885D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [COMCTL32.dll!ImageList_Destroy] [75382E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Defender\MSASCui.exe[2116] @ C:\Program Files\Windows Defender\MSASCui.exe [COMCTL32.dll!InitCommonControlsEx] [75371322] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!SetUnhandledExceptionFilter] 00C80010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!CreateProcessA] 00C80080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!GetModuleFileNameA] 00C800F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!CreateThread] 00170010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!GetModuleFileNameW] 00C80160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!CreateProcessW] 00C801D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!SetErrorMode] 00C80240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!LoadLibraryW] 00C802B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!VirtualAlloc] 00170080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!VirtualFree] 001700F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!LoadLibraryA] 00C80320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!GetProcAddress] 00C80390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!FreeLibrary] 00C80400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!HeapFree] 00170160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 00170240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 001702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 00170320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00170390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\memmng.dll [KERNEL32.dll!VirtualAlloc] 00170470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\memmng.dll [KERNEL32.dll!GetProcAddress] 00C80470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!GetModuleFileNameW] 00C804E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!GetProcAddress] 00C80550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!LoadLibraryA] 00C805C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!FreeLibrary] 00C80630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!GetModuleFileNameA] 00C806A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!LoadLibraryExA] 00C80710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!CreateThread] 001704E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00C80780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!CreateProcessA] &
-
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 00C80F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 76660550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766605C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 76660630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 766606A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 76660710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 76660780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 00170E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 00170EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766607F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 76660860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 766608D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 76660940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 766609B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 76660A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCP80.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76660A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!GetModuleFileNameA] 76660B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!GetModuleFileNameW] 76660B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!GetProcAddress] 76660BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!HeapFree] 00170F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!CreateThread] 77E70470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!HeapDestroy] 77E704E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!VirtualFree] 77E70550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!VirtualAlloc] 77E70630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76660C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!FreeLibrary] 76660CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!LoadLibraryA] 76660D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!LoadLibraryW] 76660DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!SetErrorMode] 76660E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!CreateProcessA] 76660E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!CreateProcessW] 76660EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 76660F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 00C90010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] 00C90080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 00C900F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] 00C90160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] 00C901D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 77E70780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 77E707F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapFree] 77E70860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 77E70940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA] 00C90240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW] 00C902B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00C90320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] 00C90390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 77E70A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fssync.dll [KERNEL32.dll!HeapFree] 77E70B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fssync.dll [KERNEL32.dll!GetModuleFileNameW] 00C90400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fssync.dll [KERNEL32.dll!CreateThread] 77E70B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fssync.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00C90470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualFree] 77E70BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 77E70C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00C904E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00C90550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 77E70CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 77E70D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 00C905C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameA] 00C90630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 00C906A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 00C90710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 00C90780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 00C907F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 00C90860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapFree] 77E70DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 00C908D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 77E70EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 00C90940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 00C909B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 77E70F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 00180080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 00C90A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00C90A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 00C90B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 00C90B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 00C90BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 00C90C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 00C90CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapFree] 00180160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread] 001802B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00C90D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapDestroy] 00180320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 00C90DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 00180390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00C90E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00C90E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 00C90EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00C90F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 00CA0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 00CA0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameA] 00CA00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 00180400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 00180470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 001804E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\FLTLIB.DLL [ntdll.dll!RtlAllocateHeap] 00180550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\FLTLIB.DLL [ntdll.dll!RtlFreeHeap] 001805C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\FLTLIB.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00CA0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!FreeLibrary] 00CA01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!GetProcAddress] 00CA0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!LoadLibraryW] 00CA02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!LoadLibraryExW] 00CA0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!SetErrorMode] 00CA0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00CA0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\VERSION.dll [ntdll.dll!RtlAllocateHeap] 00180630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00CA0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!FreeLibrary] 00CA04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!LoadLibraryW] 00CA0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!GetProcAddress] 00CA05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00CA0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!FreeLibrary] 00CA06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!CreateProcessW] 00CA0710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!LoadLibraryExW] 00CA0780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!LoadLibraryW] 00CA07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!GetProcAddress] 00CA0860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!GetModuleFileNameW] 00CA08D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\LPK.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00CA0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!GetProcAddress] 00CA09B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!LoadLibraryA] 00CA0A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00CA0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!GetModuleFileNameA] 00CA0B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!HeapFree] &nb
-
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 00CF0B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 00CF0B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 00CF0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 00CF0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00CF0CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 00CF0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pxstub.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\params.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\winreg.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\winreg.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mkavio.ppl [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mkavio.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl [KERNEL32.dll!SetErrorMode] 76660470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl [KERNEL32.dll!CreateProcessA] 76660010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl [KERNEL32.dll!CreateProcessW] 76660080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MPR.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MPR.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MPR.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MPR.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MPR.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MPR.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MPR.dll [KERNEL32.dll!LoadLibraryExW] 76660390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fsdrvplg.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fsdrvplg.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgui.ppl [KERNEL32.dll!CreateProcessW] 76660080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgui.ppl [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgui.ppl [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgui.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgui.ppl [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgui.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgui.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgui.ppl [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!LoadLibraryExA] 76660320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!VirtualFree] 77E70390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!CreateProcessA] 76660010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!CreateProcessW] 76660080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 77E70010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\MSIMG32.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!SetErrorMode] 76660470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 76660390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\NSI.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\CLBCatQ.DLL [ntdll.dll!RtlAllocateHeap] 77E70010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\CLBCatQ.DLL [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!CreateProcessW] 76660080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!VirtualFree] 77E70390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!LoadLibraryExW] 76660390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!LoadLibraryExA] 76660320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\rsaenh.dll [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\rsaenh.dll [ntdll.dll!RtlAllocateHeap] 77E70010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2128] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [COMCTL32.dll!PropertySheetW] [7542806C] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [COMCTL32.dll!CreatePropertySheetPageW] [75422A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetPropertyItem] [74BFB51F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCloneImage] [74BE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawImageRectI] [74BAB9D4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetInterpolationMode]
-
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipPathIterNextSubpath] [74C264AF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenMode] [74C2B8D3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenStartCap] [74C2AFD9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenEndCap] [74C2B063] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenCompoundArray] [74C2C826] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenDashCap197819] [74C2B0ED] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenDashArray] [74C2C63E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenMiterLimit] [74C2B7A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenLineJoin] [74C2B352] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipFree] [74B9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAlloc] [74B969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSaveImageToStream] [74B986F5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateBitmapFromScan0] [74B9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAddPathRectangle] [74C24FDD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAddPathEllipse] [74BD3E68] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAddPathPath] [74BF8BC0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAddPathBezier] [74C2450D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipClosePathFigure] [74C23ED0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipResetPath] [74C2382C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeletePathIter] [74C377C1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteCustomLineCap] [74C2CCF0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipMeasureString] [74BC5894] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateStringFormat] [74BF5C81] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetPenColor] [74C2C052] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipTransformPath] [74C25BF7] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetClipPath] [74BF8F15] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawPath] [74C30884] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteMatrix] [74BA0165] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteStringFormat] [74BF5622] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [74BAB331] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateMatrix] [74BA7486] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateMatrix2] [74BD3BF4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetStringFormatFlags] [74C3657E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetWorldTransform] [74BA7752] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawString] [74BEA2D5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateImageAttributes] [74BCB716] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDisposeImageAttributes] [74BCB797] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreatePen1] [74BFDF99] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeletePen] [74BFE48D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteRegion] [74BCC353] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetImageWidth] [74BA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetImageHeight] [74BA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetImageAttributesColorMatrix] [74BCCE9D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenColor] [74C2BFBF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenDashStyle] [74C2C3F5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipTranslateWorldTransform] [74BA7FFF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawRectangle] [74BDF23B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawImageRectRect] [74BA08E7] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetClipRect] [74BCC954] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetClipRegion] [74BCD29A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetClip] [74BCC46F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipIsVisibleRect] [74BCCB82] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSaveGraphics] [74BCC07A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipRestoreGraphics] [74BCC6A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateRegion] [74BCC3D9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateFromHDC] [74B9EA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteBrush] [74BCF3C3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipImageRotateFlip] [74BDC531] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateSolidFill] [74BCEEBA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawLine] [74BFD361] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCloneBrush] [74C2907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipLoadImageFromStream] [74BAD246] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipLoadImageFromStreamICM] [74BB298C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAddPathLine] [74BFDA63] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAddPathArc] [74C243FA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPixelOffsetMode] [74B9FF84] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawRectangleI] [74BDF1EF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipFillRectangleI] [74BDD25D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawImageRectRectI] [74BA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipBitmapLockBits] [74BA345D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipBitmapUnlockBits] [74BA34E8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetImageAttributesColorKeys] [74BE9416] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdiplusStartup] [74BA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdiplusShutdown] [74BA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipFillRectangle] [74BFE25A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateBitmapFromHICON] [74C2E4B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeletePath] [74BCF286] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteFont] [74BAC02A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteFontFamily] [74BF59FF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetDC] [74BCA5CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipReleaseDC] [74BCA684] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetMatrixElements] [74BA58AD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetImageEncoders] [74BCD552] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetImageEncodersSize] [74BCD6DC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetImagePixelFormat] [74BA2CB0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetPathPoints] [74C23A55] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetPathTypes] [74C23957] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetPointCount] &
-
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetCompositingQuality] [74BA594B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetCompositingMode] [74BA6405] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAddPathRectangleI] [74C25087] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreatePath] [74BD2B99] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetClipHrgn] [74C34225] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetClipRectI] [74BF786B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipRecordMetafile] [74C35165] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipLoadImageFromFileICM] [74C2D848] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateFromHWND] [74BE4C05] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetVisibleClipBoundsI] [74BA59C0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetStringFormatAlign] [74BF5D8D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetImageBounds] [74BB29F5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetPenWidth] [74C2AD66] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetPenMode] [74C2B95F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipIsVisiblePathPoint] [74C26066] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipWidenPath] [74C2592B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipFlattenPath] [74C2571B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipFree] [74B9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipAlloc] [74B969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateImageAttributes] [74BCB716] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDisposeImageAttributes] [74BCB797] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageWidth] [74BA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdiplusStartup] [74BA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdiplusShutdown] [74BA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCloneImage] [74BE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDrawImageRectRectI] [74BA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipSetInterpolationMode] [74B9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageGraphicsContext] [74BA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipSetImageAttributesWrapMode] [74BC4D93] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateHBITMAPFromBitmap] [74BAD748] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromScan0] [74B9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74BDB17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromStream] [74BABC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageHeight] [74BA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [COMCTL32.dll!_TrackMouseEvent] [7539F7E6] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [COMCTL32.dll!CreatePropertySheetPageW] [75422A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDrawImageRectRectI] [74BA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipSetSmoothingMode] [74BA7624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipSetInterpolationMode] [74B9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageGraphicsContext] [74BA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateBitmapFromScan0] [74B9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateBitmapFromFile] [74BE0405] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageHeight] [74BA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageWidth] [74BA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateHBITMAPFromBitmap] [74BAD748] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!InitCommonControlsEx] [75371322] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!PropertySheetW] [7542806C] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!CreatePropertySheetPageW] [75422A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!CreateToolbarEx] [75429C52] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Destroy] [75382E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Draw] [753E910F] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2284] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_GetIconSize] [75370E7A] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!SetUnhandledExceptionFilter] 00B80010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!CreateProcessA] 00B80080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!GetModuleFileNameA] 00B800F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!CreateThread] 00170010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!GetModuleFileNameW] 00B80160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!CreateProcessW] 00B801D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!SetErrorMode] 00B80240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!LoadLibraryW] 00B802B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!VirtualAlloc] 00170080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!VirtualFree] 001700F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!LoadLibraryA] 00B80320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!GetProcAddress] 00B80390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!FreeLibrary] 00B80400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!HeapFree] 00170160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 00170240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 001702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 00170320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00170390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\memmng.dll [KERNEL32.dll!VirtualAlloc] 00170470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\memmng.dll [KERNEL32.dll!GetProcAddress] 00B80470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!GetModuleFileNameW] 00B804E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!GetProcAddress] 00B80550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!LoadLibraryA] 00B805C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!FreeLibrary] 00B80630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!GetModuleFileNameA] 00B806A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!LoadLibraryExA] 00B80710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!CreateThread] 001704E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B80780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!CreateProcessA] 00B807F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 00170550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 001705C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B80860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 00B808D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 00B80940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 00B809B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 00B80A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 00B80A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 001706A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 00170710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!HeapFree] 001707F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 00170860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 001708D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 00170940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 00B80B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 00B80B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree] 001709B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 00B80BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 00B80C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] &nbs
-
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!HeapDestroy] 77E704E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!VirtualFree] 77E70550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!VirtualAlloc] 77E70630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76660C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!FreeLibrary] 76660CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!LoadLibraryA] 76660D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!LoadLibraryW] 76660DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!SetErrorMode] 76660E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!CreateProcessA] 76660E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!CreateProcessW] 76660EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 76660F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 00B90010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] 00B90080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 00B900F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] 00B90160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] 00B901D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 77E70780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 77E707F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapFree] 77E70860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 77E70940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA] 00B90240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW] 00B902B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B90320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] 00B90390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 77E70A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fssync.dll [KERNEL32.dll!HeapFree] 77E70B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fssync.dll [KERNEL32.dll!GetModuleFileNameW] 00B90400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fssync.dll [KERNEL32.dll!CreateThread] 77E70B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fssync.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B90470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualFree] 77E70BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 77E70C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B904E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00B90550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 77E70CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 77E70D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 00B905C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameA] 00B90630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 00B906A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 00B90710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 00B90780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 00B907F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 00B90860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapFree] 77E70DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 00B908D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 77E70EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 00B90940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 00B909B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 77E70F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 00180080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 00B90A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B90A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 00B90B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 00B90B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 00B90BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 00B90C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 00B90CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapFree] 00180160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread] 001802B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00B90D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapDestroy] 00180320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 00B90DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 00180390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B90E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00B90E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 00B90EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00B90F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 00BA0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 00BA0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameA] 00BA00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 00180400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 00180470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 001804E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\FLTLIB.DLL [ntdll.dll!RtlAllocateHeap] 00180550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\FLTLIB.DLL [ntdll.dll!RtlFreeHeap] 001805C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\FLTLIB.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00BA0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!FreeLibrary] 00BA01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!GetProcAddress] 00BA0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!LoadLibraryW] 00BA02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!LoadLibraryExW] 00BA0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!SetErrorMode] 00BA0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BA0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\VERSION.dll [ntdll.dll!RtlAllocateHeap] 00180630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00BA0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!FreeLibrary] 00BA04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!LoadLibraryW] 00BA0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!GetProcAddress] 00BA05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BA0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!FreeLibrary] 00BA06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!CreateProcessW] 00BA0710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!LoadLibraryExW] 00BA0780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!LoadLibraryW] 00BA07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!GetProcAddress] 00BA0860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!GetModuleFileNameW] 00BA08D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\LPK.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00BA0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!GetProcAddress] 00BA09B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!LoadLibraryA] 00BA0A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BA0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!GetModuleFileNameA] 00BA0B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!GetProcAddress] 00BA0B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!FreeLibrary] 00BA0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!LoadLibraryA] 00BA0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!LoadLibraryExW] 00BA0CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!LoadLibraryW] 00BA0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!GetModuleFileNameW] 00BA0DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BA0E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 77E70010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BA0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 00BA0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 00BA0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW] 00BB0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 00BB0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 00BB00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BB0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!GetProcAddress] 00BB01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!LoadLibraryA] 00BB0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!VirtualFree] 77E70390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!GetModuleFileNameA] 00BB02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CLLDR.DLL [KERNEL32.dll!GetProcAddress] 00BB0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CLLDR.DLL [KERNEL32.dll!SetUnhandledExceptionFilter]
-
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\bl.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\bl.ppl [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\bl.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\bl.ppl [KERNEL32.dll!CreateProcessW] 76660080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\bl.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iphlpapi.dll [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iphlpapi.dll [ntdll.dll!RtlAllocateHeap] 77E70010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\dhcpcsvc.DLL [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\dhcpcsvc.DLL [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\dhcpcsvc.DLL [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\dhcpcsvc.DLL [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\dhcpcsvc.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\dhcpcsvc.DLL [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\dhcpcsvc.DLL [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\DNSAPI.dll [KERNEL32.dll!LoadLibraryExW] 76660390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\DNSAPI.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\DNSAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\DNSAPI.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\DNSAPI.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\DNSAPI.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\DNSAPI.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\DNSAPI.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\DNSAPI.dll [ntdll.dll!RtlAllocateHeap] 77E70010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\DNSAPI.dll [ntdll.dll!RtlReAllocateHeap] 77E700F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\DNSAPI.dll [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 76660390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NSI.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WINNSI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WINNSI.DLL [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\dhcpcsvc6.DLL [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\dhcpcsvc6.DLL [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\dhcpcsvc6.DLL [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\dhcpcsvc6.DLL [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\dhcpcsvc6.DLL [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\dhcpcsvc6.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\wmihlpr.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\wmihlpr.ppl [KERNEL32.dll!CreateProcessW] 76660080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\wmihlpr.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\wmihlpr.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\wmihlpr.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!SetErrorMode] 76660470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\regmap.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ndetect.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ndetect.ppl [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ndetect.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ndetect.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\crpthlpr.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\crpthlpr.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\crpthlpr.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\crpthlpr.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 76660390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlAllocateHeap] 77E70010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\MSASN1.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\dtreg.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sfdb.ppl [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sfdb.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\schedule.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\timer.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\timer.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\report.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\reportdb.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\reportdb.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\lic.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\lic.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\lic.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!LoadLibraryExA] 76660320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rsaenh.dll [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rsaenh.dll [ntdll.dll!RtlAllocateHeap] 77E70010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\icheck3.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\icheck3.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avs.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avs.ppl [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avs.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avlib.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avspm.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avspm.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avspm.ppl [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avspm.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avspm.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CLBCatQ.DLL [ntdll.dll!RtlAllocateHeap] 77E70010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CLBCatQ.DLL [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!CreateProcessW] 76660080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Pr
-
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WLDAP32.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WLDAP32.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Bonjour\mdnsNSP.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Bonjour\mdnsNSP.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Bonjour\mdnsNSP.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Bonjour\mdnsNSP.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Bonjour\mdnsNSP.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Bonjour\mdnsNSP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Bonjour\mdnsNSP.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Bonjour\mdnsNSP.dll [KERNEL32.dll!VirtualFree] 77E70390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Bonjour\mdnsNSP.dll [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Bonjour\mdnsNSP.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\System32\wshtcpip.dll [ntdll.dll!RtlAllocateHeap] 77E70010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\syswatch.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\syswatch.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\netwatch.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\netwatch.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\netwatch.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\netwatch.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\netwatch.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RASAPI32.dll [TAPI32.dll!lineTranslateAddressW] [6FC43F8E] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RASAPI32.dll [TAPI32.dll!lineGetCountryW] [6FC2E2C1] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RASAPI32.dll [TAPI32.dll!lineGetTranslateCapsW] [6FC43B50] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RASAPI32.dll [KERNEL32.dll!LoadLibraryExW] 76660390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RASAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RASAPI32.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RASAPI32.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RASAPI32.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RASAPI32.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RASAPI32.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\RASAPI32.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rasman.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rasman.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rasman.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rasman.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rasman.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 77E70010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\TAPI32.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\TAPI32.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\TAPI32.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\TAPI32.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\TAPI32.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\TAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\TAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!SetErrorMode] 76660470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!LoadLibraryExW] 76660390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!LoadLibraryExW] 76660390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wlanapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wlanapi.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wlanapi.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wlanapi.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!LoadLibraryExW] 76660390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipFree] [74B9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipAlloc] [74B969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateImageAttributes] [74BCB716] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDisposeImageAttributes] [74BCB797] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageWidth] [74BA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdiplusStartup] [74BA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdiplusShutdown] [74BA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCloneImage] [74BE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDrawImageRectRectI] [74BA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipSetInterpolationMode] [74B9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageGraphicsContext] [74BA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipSetImageAttributesWrapMode] [74BC4D93] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateHBITMAPFromBitmap] [74BAD748] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromScan0] [74B9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74BDB17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromStream] [74BABC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageHeight] [74BA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\eappprxy.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\eappprxy.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\eappprxy.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\eappprxy.dll [KERNEL32.dll!HeapFree] &nbs
-
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\hips.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\hips.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHUM.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHUM.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHUM.dll [KERNEL32.dll!SetErrorMode] 76660470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHUM.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHUM.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHUM.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHComm.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHComm.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHComm.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ckahrule.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHStat.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHStat.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHStat.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHStat.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHStat.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHStat.dll [KERNEL32.dll!VirtualFree] 77E70390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHStat.dll [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHStat.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CKAHStat.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\antispam.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\antispam.ppl [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\antispam.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\antispam.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ahids.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\oas.ppl [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\oas.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\volenum.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mc.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\imc.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\imc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgs.ppl [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgs.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgs.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgs.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl [KERNEL32.dll!LoadLibraryExA] 76660320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wintrust.dll [ntdll.dll!RtlAllocateHeap] 77E70010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wintrust.dll [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!VirtualFree] 77E70390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ncrypt.dll [ntdll.dll!RtlAllocateHeap] 77E70010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ncrypt.dll [ntdll.dll!RtlSizeHeap] 77E70160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ncrypt.dll [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NTMARTA.DLL [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NTMARTA.DLL [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NTMARTA.DLL [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NTMARTA.DLL [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NTMARTA.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NTMARTA.DLL [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\NTMARTA.DLL [ntdll.dll!RtlAllocateHeap] 77E70010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SAMLIB.dll [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\httpscan.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\GPAPI.dll [ntdll.dll!RtlFreeHeap] 77E70080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\GPAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\GPAPI.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\GPAPI.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\GPAPI.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\GPAPI.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\slc.dll [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\slc.dll [KERNEL32.dll!VirtualFree] 77E70390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\slc.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\slc.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\slc.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\slc.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\smtpprtc.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\smtpprtc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pop3prtc.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pop3prtc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\trafmon2.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\trafmon2.ppl [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\trafmon2.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\trafmon2.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\maildisp.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\maildisp.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\maildisp.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\maildisp.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!LoadLibraryExA] 76660320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!LoadLibraryExW] 76660390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SensApi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SensApi.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\imapprtc.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\imapprtc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nntpprtc.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nntpprtc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\Cabinet.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\urlflt.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\urlflt.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\urlflt.ppl [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\urlflt.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\webnetstat.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!CreateProcessW] 76660080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!LoadLibraryA]
-
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!LoadLibraryExW] 76660390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!SetErrorMode] 76660470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!CreateProcessA] 76660010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!LoadLibraryExA] 76660320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iertutil.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iertutil.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iertutil.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iertutil.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iertutil.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iertutil.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iertutil.dll [KERNEL32.dll!CreateProcessW] 76660080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iertutil.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\iertutil.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [KERNEL32.dll!SetErrorMode] 76660470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!InitCommonControlsEx] [75371322] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!PropertySheetW] [7542806C] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!CreatePropertySheetPageW] [75422A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!CreateToolbarEx] [75429C52] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!ImageList_Destroy] [75382E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!ImageList_Draw] [753E910F] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!ImageList_GetIconSize] [75370E7A] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msi.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msi.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msi.dll [KERNEL32.dll!LoadLibraryExW] 76660390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msi.dll [KERNEL32.dll!GetModuleFileNameW] 766601D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msi.dll [KERNEL32.dll!SetErrorMode] 76660470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msi.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msi.dll [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msi.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msi.dll [KERNEL32.dll!CreateProcessW] 76660080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msi.dll [KERNEL32.dll!VirtualFree] 77E70390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\msi.dll [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ICQprtc.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ICQprtc.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ICQprtc.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\MSNprtc.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\MSNprtc.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\MSNprtc.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\httpanlz.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\httpanlz.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\JbrPrtc.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\JbrPrtc.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\JbrPrtc.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\uniarc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mdb.ppl [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mdb.ppl [KERNEL32.dll!LoadLibraryW] 76660400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mdb.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mdb.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mdb.ppl [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mdb.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\IRCPrtc.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\IRCPrtc.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\IRCPrtc.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\minizip.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\mapi32.dll [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\mapi32.dll [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\mapi32.dll [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\mapi32.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\mapi32.dll [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\mapi32.dll [KERNEL32.dll!CreateThread] 77E701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Windows\system32\mapi32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!GetModuleFileNameA] 76660160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!VirtualFree] 77E70390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!VirtualAlloc] 77E70320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\arj.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\msoe.ppl [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\msoe.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\msoe.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\msoe.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\rar.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Yhoprtc.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Yhoprtc.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Yhoprtc.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\lha.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mailmsg.ppl [KERNEL32.dll!FreeLibrary] 766600F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mailmsg.ppl [KERNEL32.dll!GetProcAddress] 76660240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mailmsg.ppl [KERNEL32.dll!LoadLibraryA] 766602B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mailmsg.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mailmsg.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\MMPprtc.dll [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\MMPprtc.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\MMPprtc.dll [KERNEL32.dll!HeapDestroy] 77E70240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\wdiskio.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\wdiskio.ppl [KERNEL32.dll!HeapFree] 77E702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2460] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\btimages.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 766604E0
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [COMCTL32.dll!PropertySheetW] [7542806C] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [COMCTL32.dll!CreatePropertySheetPageW] [75422A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetPropertyItem] [74BFB51F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCloneImage] [74BE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawImageRectI] [74BAB9D4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetInterpolationMode] [74B9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetImageGraphicsContext] [74BA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateHatchBrush] [74C37845] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateTexture2] [74C37A2B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetTextureTransform] [74BD3A3D] C:\Windows\Win
-
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipPathIterNextSubpath] [74C264AF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenMode] [74C2B8D3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenStartCap] [74C2AFD9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenEndCap] [74C2B063] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenCompoundArray] [74C2C826] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenDashCap197819] [74C2B0ED] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenDashArray] [74C2C63E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenMiterLimit] [74C2B7A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenLineJoin] [74C2B352] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipFree] [74B9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAlloc] [74B969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSaveImageToStream] [74B986F5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateBitmapFromScan0] [74B9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAddPathRectangle] [74C24FDD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAddPathEllipse] [74BD3E68] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAddPathPath] [74BF8BC0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAddPathBezier] [74C2450D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipClosePathFigure] [74C23ED0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipResetPath] [74C2382C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeletePathIter] [74C377C1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteCustomLineCap] [74C2CCF0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipMeasureString] [74BC5894] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateStringFormat] [74BF5C81] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetPenColor] [74C2C052] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipTransformPath] [74C25BF7] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetClipPath] [74BF8F15] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawPath] [74C30884] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteMatrix] [74BA0165] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteStringFormat] [74BF5622] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [74BAB331] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateMatrix] [74BA7486] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateMatrix2] [74BD3BF4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetStringFormatFlags] [74C3657E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetWorldTransform] [74BA7752] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawString] [74BEA2D5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateImageAttributes] [74BCB716] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDisposeImageAttributes] [74BCB797] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreatePen1] [74BFDF99] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeletePen] [74BFE48D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteRegion] [74BCC353] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetImageWidth] [74BA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetImageHeight] [74BA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetImageAttributesColorMatrix] [74BCCE9D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenColor] [74C2BFBF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPenDashStyle] [74C2C3F5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipTranslateWorldTransform] [74BA7FFF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawRectangle] [74BDF23B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawImageRectRect] [74BA08E7] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetClipRect] [74BCC954] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetClipRegion] [74BCD29A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetClip] [74BCC46F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipIsVisibleRect] [74BCCB82] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSaveGraphics] [74BCC07A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipRestoreGraphics] [74BCC6A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateRegion] [74BCC3D9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateFromHDC] [74B9EA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteBrush] [74BCF3C3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipImageRotateFlip] [74BDC531] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateSolidFill] [74BCEEBA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawLine] [74BFD361] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCloneBrush] [74C2907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipLoadImageFromStream] [74BAD246] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipLoadImageFromStreamICM] [74BB298C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAddPathLine] [74BFDA63] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAddPathArc] [74C243FA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetPixelOffsetMode] [74B9FF84] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawRectangleI] [74BDF1EF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipFillRectangleI] [74BDD25D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDrawImageRectRectI] [74BA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipBitmapLockBits] [74BA345D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipBitmapUnlockBits] [74BA34E8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetImageAttributesColorKeys] [74BE9416] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdiplusStartup] [74BA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdiplusShutdown] [74BA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipFillRectangle] [74BFE25A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateBitmapFromHICON] [74C2E4B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeletePath] [74BCF286] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteFont] [74BAC02A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipDeleteFontFamily] [74BF59FF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetDC] [74BCA5CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipReleaseDC] [74BCA684] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetMatrixElements] [74BA58AD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetImageEncoders] [74BCD552] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetImageEncodersSize] [74BCD6DC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetImagePixelFormat] [74BA2CB0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetPathPoints] [74C23A55] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetPathTypes] [74C23957] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetPointCount] &nbs
-
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetCompositingQuality] [74BA594B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetCompositingMode] [74BA6405] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipAddPathRectangleI] [74C25087] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreatePath] [74BD2B99] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetClipHrgn] [74C34225] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetClipRectI] [74BF786B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipRecordMetafile] [74C35165] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipLoadImageFromFileICM] [74C2D848] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipCreateFromHWND] [74BE4C05] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetVisibleClipBoundsI] [74BA59C0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipSetStringFormatAlign] [74BF5D8D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetImageBounds] [74BB29F5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetPenWidth] [74C2AD66] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipGetPenMode] [74C2B95F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipIsVisiblePathPoint] [74C26066] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipWidenPath] [74C2592B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Windows Sidebar\sidebar.exe [gdiplus.dll!GdipFlattenPath] [74C2571B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipFree] [74B9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipAlloc] [74B969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateImageAttributes] [74BCB716] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDisposeImageAttributes] [74BCB797] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageWidth] [74BA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdiplusStartup] [74BA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdiplusShutdown] [74BA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCloneImage] [74BE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDrawImageRectRectI] [74BA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipSetInterpolationMode] [74B9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageGraphicsContext] [74BA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipSetImageAttributesWrapMode] [74BC4D93] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateHBITMAPFromBitmap] [74BAD748] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromScan0] [74B9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74BDB17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromStream] [74BABC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageHeight] [74BA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\RASAPI32.dll [TAPI32.dll!lineTranslateAddressW] [6FC43F8E] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\RASAPI32.dll [TAPI32.dll!lineGetCountryW] [6FC2E2C1] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\RASAPI32.dll [TAPI32.dll!lineGetTranslateCapsW] [6FC43B50] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetPropertyItem] [74BFB51F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetPropertyItemSize] [74BFB4BA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipWarpPath] [74C25AA4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipTransformPath] [74C25BF7] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateMatrix2] [74BD3BF4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipClonePen] [74C2AC19] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPathGradientPresetBlend] [74BD30C9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetLinePresetBlend] [74BD190D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDrawImageRectI] [74BAB9D4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipFillRectangleI] [74BDD25D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPixelOffsetMode] [74B9FF84] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreatePathGradientFromPath] [74BD41A2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreatePathGradient] [74C37DC1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipAddPathEllipse] [74BD3E68] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipClosePathFigures] [74C23F5C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPenCompoundArray] [74C2C826] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPenDashArray] [74C2C63E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPenDashStyle] [74C2C3F5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPenMode] [74C2B8D3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPenMiterLimit] [74C2B7A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetImageBounds] [74BB29F5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPenCustomStartCap] [74C2B475] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPenLineJoin] [74C2B352] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPenEndCap] [74C2B063] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPenStartCap] [74C2AFD9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPenLineCap197819] [74C2AF49] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateHatchBrush] [74C37845] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateLineBrush] [74BD2E57] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetCustomLineCapStrokeCaps] [74C2CD73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDeleteCustomLineCap] [74C2CCF0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateCustomLineCap] [74C2C972] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPathGradientWrapMode] [74C2A78B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPathGradientFocusScales] [74C2AA41] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPathGradientLinearBlend] [74C2A651] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPathGradientSigmaBlend] [74C2A5B6] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPathGradientGammaCorrection] [74BD3B89] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPathGradientCenterPoint] [74C2A174] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPathGradientSurroundColorsWithCo unt] [74C29EB8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetPathGradientPointCount] [74C2A26E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPathGradientCenterColor] [74C29D14] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreatePen2] [74C2AAD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetLineWrapMode] [74BD4108] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetLineLinearBlend] [74C2A651] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetLineSigmaBlend] [74C2A5B6] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetLineGammaCorrection] [74BD3B34] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetTextureTransform] [74BD3A3D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDisposeImageAttributes] [74BCB797] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateImageAttributes] [74BCB716] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipClonePath] [74C23769] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipFillPolygon] [74C3163B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDrawPolygon] [74C30685] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDrawLines] [74C2FA20] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDrawLine] [74BFD361] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none
-
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDeleteMatrix] [74BA0165] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetPathWorldBoundsI] [74C25EAF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipIsVisiblePathPointI] [74C261DF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipIsOutlineVisiblePathPointI] [74C2643F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateMatrix] [74BA7486] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateMatrix3] [74C26E71] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetMatrixElements] [74BCF190] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetMatrixElements] [74BA58AD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPenWidth] [74C2ACDF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetPenWidth] [74C2AD66] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateFromHDC] [74B9EA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetDC] [74BCA5CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipReleaseDC] [74BCA684] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetCompositingQuality] [74BA76C1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetInterpolationMode] [74B9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetSmoothingMode] [74C2F19C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetSmoothingMode] [74BA7624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetWorldTransform] [74BA7752] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPageUnit] [74BA5598] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDrawPath] [74C30884] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipFillPath] [74BD1122] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipFillRegion] [74C32154] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSaveGraphics] [74BCC07A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipRestoreGraphics] [74BCC6A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDeleteBrush] [74BCF3C3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreatePath] [74BD2B99] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDeletePath] [74BCF286] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDeleteRegion] [74BCC353] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetEmpty] [74C27E39] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCombineRegionPath] [74C27FE9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateSolidFill] [74BCEEBA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipResetPath] [74C2382C] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetPathFillMode] [74C23C88] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPathFillMode] [74C23D2A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipAddPathPath] [74BF8BC0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateRegion] [74BCC3D9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCloneBrush] [74C2907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDeletePathIter] [74C377C1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetPathWorldBounds] [74C25CF8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipStartPathFigure] [74C23E46] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipClosePathFigure] [74C23ED0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipAddPathLine2] [74C2427B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipAddPathArc] [74C243FA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipAddPathBeziers] [74C24640] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipWidenPath] [74C2592B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreatePathIter] [74C37721] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipPathIterNextSubpath] [74C264AF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipPathIterRewind] [74C26BE8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipPathIterCopyData] [74C26D77] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateStringFormat] [74BF5C81] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDeleteStringFormat] [74BF5622] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDeleteFont] [74BAC02A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipLoadImageFromFile] [74BC7379] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipLoadImageFromFileICM] [74C2D848] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetImageType] [74BDD1E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetImageWidth] [74BA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetImageHeight] [74BA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetImageRawFormat] [74BDD028] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetImagePixelFormat] [74BA2CB0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipImageGetFrameCount] [74BB2411] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipImageSelectActiveFrame] [74BFB44E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateBitmapFromScan0] [74B9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateBitmapFromGraphics] [74BE5484] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateTextureIA] [74C37B62] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetStringFormatTrimming] [74C36A80] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipGetImageGraphicsContext] [74BA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDrawString] [74BEA2D5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDrawImageRect] [74BABA20] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateMetafileFromFile] [74C34F20] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateFontFromDC] [74C35FE9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreateFontFromLogfontA] [74BC5BBD] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCloneImage] [74BE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetSolidFillColor] [74BD1C47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipCreatePen1] [74BFDF99] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipDeletePen] [74BFE48D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipSetPenColor] [74C2BFBF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipAddPathLine] [74BFDA63] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll [gdiplus.dll!GdipAddPathPolygon] [74C253B8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [COMCTL32.dll!_TrackMouseEvent] [7539F7E6] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [COMCTL32.dll!CreatePropertySheetPageW] [75422A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDrawImageRectRectI] [74BA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipSetSmoothingMode] [74BA7624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipSetInterpolationMode] [74B9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageGraphicsContext] [74BA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateBitmapFromScan0] [74B9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateBitmapFromFile] [74BE0405] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageHeight] [74BA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageWidth] [74BA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateHBITMAPFromBitmap] [74BAD748] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!InitCommonControlsEx] [75371322] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Windows Sidebar\sidebar.exe[2532] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!PropertySheetW]
-
[75422A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!CreateToolbarEx] [75429C52] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Destroy] [75382E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Draw] [753E910F] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_GetIconSize] [75370E7A] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [COMCTL32.dll!_TrackMouseEvent] [7539F7E6] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [COMCTL32.dll!CreatePropertySheetPageW] [75422A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDrawImageRectRectI] [74BA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipSetSmoothingMode] [74BA7624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipSetInterpolationMode] [74B9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageGraphicsContext] [74BA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateBitmapFromScan0] [74B9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateBitmapFromFile] [74BE0405] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageHeight] [74BA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageWidth] [74BA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\NOTEPAD.EXE[3484] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateHBITMAPFromBitmap] [74BAD748] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [COMCTL32.dll!_TrackMouseEvent] [7539F7E6] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [COMCTL32.dll!CreatePropertySheetPageW] [75422A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDrawImageRectRectI] [74BA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipSetSmoothingMode] [74BA7624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipSetInterpolationMode] [74B9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageGraphicsContext] [74BA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateBitmapFromScan0] [74B9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateBitmapFromFile] [74BE0405] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageHeight] [74BA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageWidth] [74BA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateHBITMAPFromBitmap] [74BAD748] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!InitCommonControlsEx] [75371322] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!PropertySheetW] [7542806C] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!CreatePropertySheetPageW] [75422A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!CreateToolbarEx] [75429C52] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Destroy] [75382E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Draw] [753E910F] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\wbem\unsecapp.exe[3960] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_GetIconSize] [75370E7A] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [COMCTL32.dll!_TrackMouseEvent] [7539F7E6] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [COMCTL32.dll!CreatePropertySheetPageW] [75422A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDrawImageRectRectI] [74BA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipSetSmoothingMode] [74BA7624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipSetInterpolationMode] [74B9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageGraphicsContext] [74BA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateBitmapFromScan0] [74B9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateBitmapFromFile] [74BE0405] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageHeight] [74BA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageWidth] [74BA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDisposeImage] [74B971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDeleteGraphics] [74B9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateHBITMAPFromBitmap] [74BAD748] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!InitCommonControlsEx] [75371322] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!PropertySheetW] [7542806C] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!CreatePropertySheetPageW] [75422A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!CreateToolbarEx] [75429C52] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Destroy] [75382E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Draw] [753E910F] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[3992] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_GetIconSize] [75370E7A] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\msdtcuiu.DLL [MSDTCPRX.dll!CreateLegacyTmInstance] [6C1F006C] C:\Windows\system32\MTXCLU.DLL (MS DTC amd MTS clustering support DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\msdtcuiu.DLL [MSDTCPRX.dll!CreateLocalTmInstance] [6C1F0054] C:\Windows\system32\MTXCLU.DLL (MS DTC amd MTS clustering support DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\msdtcuiu.DLL [MSDTCPRX.dll!CreateTmInstanceForRemoteAdmin] [6C1F01C2] C:\Windows\system32\MTXCLU.DLL (MS DTC amd MTS clustering support DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\msdtcuiu.DLL [MTXCLU.DLL!MtxCluSetDefaultClusterResource] [6C29B4A5] C:\Windows\system32\MSDTCPRX.dll (MS DTCOLE Transactions interface proxy DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\msdtcuiu.DLL [MTXCLU.DLL!MtxCluGetResourceIdStringFromName] [6C2974E3] C:\Windows\system32\MSDTCPRX.dll (MS DTCOLE Transactions interface proxy DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\msdtcuiu.DLL [MTXCLU.DLL!MtxCluGetDTCVirtualServerNameW] [6C29572F] C:\Windows\system32\MSDTCPRX.dll (MS DTCOLE Transactions interface proxy DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\msdtcuiu.DLL [MTXCLU.DLL!MtxCluGetNameFromResourceIdStringNonAdm in] [6C297A23] C:\Windows\system32\MSDTCPRX.dll (MS DTCOLE Transactions interface proxy DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\msdtcuiu.DLL [MTXCLU.DLL!MtxCluEnumerateDtcResources] [6C29F9A9] C:\Windows\system32\MSDTCPRX.dll (MS DTCOLE Transactions interface proxy DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\msdtcuiu.DLL [MTXCLU.DLL!MtxCluGetNameFromResourceIdString] [6C297753] C:\Windows\system32\MSDTCPRX.dll (MS DTCOLE Transactions interface proxy DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\msdtcuiu.DLL [MTXCLU.DLL!MtxCluGetDefaultClusterResource] [6C2925D9] C:\Windows\system32\MSDTCPRX.dll (MS DTCOLE Transactions interface proxy DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\msdtcuiu.DLL [MTXCLU.DLL!MtxCluIsClusterPresentExW] [6C295714] C:\Windows\system32\MSDTCPRX.dll (MS DTCOLE Transactions interface proxy DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\msdtcuiu.DLL [MTXCLU.DLL!MtxCluGetDtcDiskResourceDrive] [6C29D8FD] C:\Windows\system32\MSDTCPRX.dll (MS DTCOLE Transactions interface proxy DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\msdtcuiu.DLL [MTXCLU.DLL!MtxCluCreateClusterTmInstance] [6C28ACB7] C:\Windows\system32\MSDTCPRX.dll (MS DTCOLE Transactions interface proxy DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\msdtcuiu.DLL [MTXCLU.DLL!MtxCluGetDefaultClusterResourceNonAdmin] [6C2931F7] C:\Windows\system32\MSDTCPRX.dll (MS DTCOLE Transactions interface proxy DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!LoadStringW] 0878890C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!DialogBoxParamW] F8686CEB
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!GetProcessWindowStation] E86C1F11
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!GetThreadDesktop] 0001B045
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!OpenWindowStationW] 1A75D73B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!SetProcessWindowStation] 7408483B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!OpenDesktopW] 11A06807
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!SetThreadDesktop] EBEB6C1F
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!GetDesktopWindow] 8908518B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!GetWindowRect] 518B0850
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!GetClientRect] 0C7A8908
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!MapWindowPoints] 8B5644EB
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!SetWindowPos] F73B0871
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!EndDialog] 483B1775
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!SetDlgItemTextW] 6807740C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!CloseWindowStation] [6C1F1148] C:\Windows\system32\MTXCLU.DLL (MS DTC amd MTS clustering support DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [USER32.dll!CloseDesktop] 5089C9EB
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!CreateDirectoryW] EB087A89
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!GetCurrentProcessId] 0C4E3B24
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!CloseHandle] E8680774
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!lstrcmpiW] EB6C1F10
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!LoadLibraryExW]
-
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!ExpandEnvironmentStringsW] 006B006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!CreateProcessW] 90900000
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!WaitForSingleObject] 90909090
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!GetExitCodeProcess] 006E0049
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!FindFirstFileW] 006F0063
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!FindNextFileW] 0073006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!SetFileAttributesW] 00730069
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!FindClose] 00650074
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!GetModuleHandleW] 0074006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!FindResourceW] 00550020
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!LoadResource] 004C0054
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!LockResource] 006E0069
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!FormatMessageW] 0020006B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!GetModuleFileNameW] 002D002D
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!TlsGetValue] 00490020
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!TlsSetValue] 0063006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!TlsFree] 0072006F
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!TlsAlloc] 00650072
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00740063
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!UnhandledExceptionFilter] 006D0020
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!GetSystemTimeAsFileTime] 0070005F
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!GetCurrentThreadId] 0065004E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!GetTickCount] 00740078
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!QueryPerformanceCounter] 0069004C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!InterlockedExchange] 006B006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!FreeLibrary] 90900000
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!GetProcAddress] 90909090
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!LoadLibraryA] 00540055
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!TerminateProcess] 0069004C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!GetCurrentProcess] 006B006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!OutputDebugStringW] 00200073
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!LocalAlloc] 006F006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!GetCurrentThread] 00200074
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!GetFullPathNameW] 00680074
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!GetComputerNameExW] 00200065
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!GetSystemWindowsDirectoryA] 0061006C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!GetLocalTime] 00740073
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [KERNEL32.dll!lstrlenA] 0074006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ole32.dll!CoTaskMemAlloc] 0020006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ole32.dll!CoCreateInstance] 00680074
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ole32.dll!CoGetObjectContext] 00200065
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ole32.dll!StringFromGUID2] 0069006C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ole32.dll!CoTaskMemFree] 00740073
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!LookupPrivilegeValueA] 00540055
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!ConvertStringSecurityDescriptorToSecuri tyDescriptorW] 0069004C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!GetSecurityDescriptorOwner] 006B006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!GetSecurityDescriptorGroup] 00690020
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!GetSecurityDescriptorSacl] 00200073
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!OpenThreadToken] 006F006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!DuplicateTokenEx] 00200074
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!AdjustTokenPrivileges] 00680074
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!SetThreadToken] 00200065
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!RegEnumKeyA] 00690066
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!RegEnumKeyW] 00730072
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!RegFlushKey] 00200074
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!RegDeleteValueA] 006C0065
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!RegDeleteValueW] 006D0065
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!RegDeleteKeyA] 006E0065
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!RegDeleteKeyW] 00200074
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!GetSecurityDescriptorDacl] 006E0069
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!GetAclInformation] 00740020
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!GetAce] 00650068
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!EqualSid] 006C0020
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!AddAce] 00730069
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!AddAccessAllowedAceEx] 00000074
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!InitializeAcl] 00540055
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!InitializeSecurityDescriptor] 0069004C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!SetSecurityDescriptorDacl] 006B006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!IsWellKnownSid] 00690020
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!SetNamedSecurityInfoW] 00200073
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!GetNamedSecurityInfoW] 006F006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!GetSecurityDescriptorLength] 00200074
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!OpenProcessToken] 00680074
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!GetSecurityDescriptorControl] 00200065
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!MakeAbsoluteSD] 006E006F
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!LsaClose] 0079006C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!GetSidLengthRequired] 00650020
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!LookupAccountNameW] 0065006C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!ConvertStringSidToSidW] 0065006D
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!AllocateAndInitializeSid] 0074006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!FreeSid] 00690020
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!GetLengthSid] 0020006E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!CopySid] 00680074
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!RegCreateKeyExW] 00200065
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!RegSetValueExW] 0069006C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!RegisterEventSourceW] 00740073
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!ReportEventW] 90900000
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!ConvertSidToStringSidW] 8B909090
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!QueryServiceStatus] EC8B55FF
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!CloseServiceHandle] FF5D018B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!OpenServiceW] 90900C60
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!OpenSCManagerW] C7909090
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!RegCloseKey] 1B41D801
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!RegQueryValueExW] 9090C36C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!RegOpenKeyExW] 8B909090
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!RegConnectRegistryW] C0850441
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!DeleteService] 41890974
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!EnumServicesStatusExW] 08408B08
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!EnumServicesStatusExA] 33044189
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!OpenSCManagerA] 044139C0
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!MakeSelfRelativeSD] C2C0950F
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!ChangeServiceConfig2W] 90900004
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!ChangeServiceConfigW] 8B909090
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ADVAPI32.dll!CreateServiceW] EC8B55FF
IAT &n
-
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [msvcrt.dll!_wstrdate] 00003C24
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [msvcrt.dll!wcscpy_s] 0774C085
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ntdll.dll!RtlInitUnicodeString] 8B46EB80
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ntdll.dll!RtlCreateServiceSid] 75FF530E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ntdll.dll!RtlNtStatusToDosError] [75E85708] C:\Windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ntdll.dll!RtlReportException] 8B000041
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ntdll.dll!RtlFreeHeap] [75DB85D8] C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ntdll.dll!RtlAllocateHeap] E8CF8B1D
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ntdll.dll!RtlImageNtHeader] FFFFF939
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ntdll.dll!RtlOemStringToUnicodeString] 8F8D168B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [ntdll.dll!RtlInitAnsiString] 000000A0
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [WS2_32.dll!GetAddrInfoW] 00000364
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [WS2_32.dll!FreeAddrInfoW] 0450FF52
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!OpenCluster] 50E80000
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!GetClusterKey] 8B000035
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterRegQueryInfoKey] 05EB5BC3
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterRegSetValue] 070057B8
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterRegQueryValue] 5D5E5F80
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterRegEnumKey] 900008C2
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterRegDeleteValue] 90909090
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterRegDeleteKey] 8B56FF8B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterRegCreateKey] 1C7E83F1
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!OpenClusterResource] 3D8B5700
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!OfflineClusterResource] [6C1B10A8] C:\Windows\system32\wbem\wmiaprpl.dll (WMI Performance Reverse Adapter/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!GetClusterResourceState] 7E831B74
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!CloseClusterResource] 07750140
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!CloseCluster] FFF8FEE8
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!GetClusterResourceNetworkName] E805EBFF
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!GetClusterResourceKey] FFFFF92F
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterRegOpenKey] FF1C76FF
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterRegCloseKey] 1C6683D7
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterResourceControl] 20468B00
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterEnum] 0774C085
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!OnlineClusterResource] 83D7FF50
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterControl] 8B002066
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterGroupEnum] C0852446
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterGroupOpenEnum] FF500774
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterCloseEnum] 246683D7
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterGetEnumCount] C35E5F00
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterResourceTypeControl] 90909090
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterOpenEnum] 55FF8B90
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!GetClusterNotify] 7D83EC8B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!CreateClusterNotifyPort] 5653010C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!ClusterGroupCloseEnum] 75F98B57
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!GetClusterResourceTypeKey] 1C8F8D0A
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!GetNodeClusterState] 8B000001
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!CloseClusterGroup] 8D10FF01
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [CLUSAPI.dll!OpenClusterGroup] B78D084D
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [RESUTILS.dll!ClusWorkerCheckTerminate] 8B51068B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [RESUTILS.dll!ResUtilTerminateServiceProcessFromResDl l] 2450FFCE
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [RESUTILS.dll!ResUtilEnumProperties] FB83D88B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [RESUTILS.dll!ResUtilGetProperties] 8B0C7501
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [RESUTILS.dll!ResUtilSetPropertyTable] 8356084D
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [RESUTILS.dll!ResUtilVerifyPropertyTable] 26E81CC1
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [RESUTILS.dll!ClusWorkerTerminate] 83FFFFFB
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [RESUTILS.dll!ClusWorkerCreate] 75010C7D
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [RESUTILS.dll!ResUtilFindDependentDiskResourceDriveLe tter] 1C8F8D0B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [RESUTILS.dll!ResUtilEnumResourcesEx] 8B000001
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [RESUTILS.dll!ResUtilFindSzProperty] 0450FF01
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [RESUTILS.dll!ResUtilFindBinaryProperty] C38B5E5F
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [RESUTILS.dll!ResUtilPropertyListFromParameterBlock] 08C25D5B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [VERSION.dll!VerQueryValueW] 106A9090
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [bcrypt.dll!BCryptGenerateSymmetricKey] 916FE86C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [bcrypt.dll!BCryptDestroyKey] C1810001
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [bcrypt.dll!BCryptGetProperty] 000000A0
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [bcrypt.dll!BCryptSetProperty] E44D8D51
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [bcrypt.dll!BCryptGenRandom] 00ACECE8
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [bcrypt.dll!BCryptOpenAlgorithmProvider] FC658300
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [bcrypt.dll!BCryptCloseAlgorithmProvider] 8B1AEB00
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [bcrypt.dll!BCryptExportKey] 4D8DE445
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [MSDTCPRX.dll!CreateTmInstanceForRemoteAdmin] 5A15E850
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [MSDTCPRX.dll!CreateLocalTmInstance] 458B0000
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [MSDTCPRX.dll!CreateLegacyTmInstance] 8D006AE4
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [MSDTCPRX.dll!CreateRemoteProxyTmInstance] 50FFE44D
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\MTXCLU.DLL [NETAPI32.dll!NetAlertRaiseEx] FFE44D8D
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\perfts.dll [UTILDLL.dll!StrConnectState] [6C273D58] C:\Windows\system32\MSDTCPRX.dll (MS DTCOLE Transactions interface proxy DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!?terminate@@YAXXZ] [7651C0C6] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!wcschr] [764F3B73] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!_wtol] [764F0A5B] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!??0exception@@QAE@ABQBD@Z] [764F488F] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!strlen] [764E1CA9] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!wcsrchr] [7651CC4E] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!_vsnwprintf] [76518BA6] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!??1exception@@UAE@XZ] [764F956D] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!??0exception@@QAE@ABV0@@Z] [76518A41] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!free] [76518591] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!_CxxThrowException] [76518DA1] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!_callnewh] [764F4926] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!malloc] [76518AC0] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!_XcptFilter] [764D1C36] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!_initterm] [764FCEC9] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!_amsg_exit] [765185EC] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!_adjust_fdiv] [7651A37A] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!??1type_info@@UAE@XZ] [77D8298C] C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!_unlock] [764D6FAD] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!__dllonexit] [764EA770] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!_lock] [764EBBA2] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!?what@exception@@UBEPBDXZ] [77D898AC] C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!??0exception@@QAE@XZ] [764E9FF7] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!_onexit] [76514293] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [msvcrt.dll!memmove] &n
-
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!GetCurrentProcess] [7651C8AF] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!SwitchToThread] [764FCE5C] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!InterlockedExchange] [764F951A] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!InterlockedCompareExchange] [76515851] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!OutputDebugStringA] [764F6E2D] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!QueryPerformanceCounter] [7656F4A1] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!GetTickCount] [764D18EF] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!GetCurrentThreadId] [764D18C0] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!GetCurrentProcessId] [7651C5AF] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!GetSystemTimeAsFileTime] [764F9491] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!TerminateProcess] [7651B8B6] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!UnhandledExceptionFilter] [765108F8] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [7651D198] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!GetLocaleInfoW] [77D82F9F] C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!lstrlenA] [77D87DC0] C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!GetVersionExW] [77D87D80] C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [KERNEL32.dll!WideCharToMultiByte] [7651BDC0] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!RegEnumValueW] [764F429D] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!RegOpenKeyW] [7651C6AE] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!RegisterEventSourceW] [7651BDFC] C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!DeregisterEventSource] 00000000
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!OpenProcessToken] [768EE188] C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!GetTokenInformation] [768BB36E] C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!IsValidSid] [768F0E28] C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!GetLengthSid] [768EDAB0] C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!CopySid] [768EC4B8] C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!RegQueryValueExW] [768B8BAE] C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!RegCreateKeyExW] [768EE59E] C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!RegSetValueExW] [768F4E90] C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!RegDeleteValueW] [768EDC40] C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!RegOpenKeyExW] 00000000
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!RegEnumKeyExW] [76774524] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!RegDeleteKeyW] [767C6BB1] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!RegCloseKey] [767C76C1] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!OpenServiceW] [7675EECF] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!QueryServiceStatus] [76783BEE] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!StartServiceW] [76759D63] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!OpenSCManagerW] [7677F79F] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!CloseServiceHandle] [7676BCE1] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!MakeAbsoluteSD] [7675B8F1] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!InitializeSecurityDescriptor] [7676BA90] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!ConvertStringSecurityDescriptorToSecuri tyDescriptorW] [7675B5E7] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ADVAPI32.dll!RegQueryInfoKeyW] [7675A275] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [USER32.dll!LoadStringW] [767543DB] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [USER32.dll!CharNextW] [7675748D] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ole32.dll!CoInitializeEx] [7676D80B] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ole32.dll!CoUninitialize] [76773D0E] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ole32.dll!CoSetProxyBlanket] [7675B0C7] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [ole32.dll!CoCreateInstance] [7677412D] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [loadperf.dll!LoadPerfCounterTextStringsW] [7676A6E2] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [loadperf.dll!UnloadPerfCounterTextStringsW] [7677FC09] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [wbemcomn.dll!??1CStaticCritSec@@QAE@XZ] [767A3DEA] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [wbemcomn.dll!?Throttle@@YGJKKKKK@Z] [76772EDB] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [wbemcomn.dll!?anyFailure@CStaticCritSec@@SGHXZ] [7675FFC3] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\wbem\wmiaprpl.dll [wbemcomn.dll!??0CStaticCritSec@@QAE@XZ] [767C6FA9] C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation)
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!wprintf] DB335308
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!memset] 0041063D
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!fprintf] F18B5600
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!_iob] 053D4C7F
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!iswctype] 7D000041
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!_except_handler4_common] 74C32B7D
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!_adjust_fdiv] 09E8831E
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!_amsg_exit] FA2D1174
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!_initterm] 74000040
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!free] 41754850
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!malloc] 0B6C46C7
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!_XcptFilter] 8B000000
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!_vsnwprintf] 5D5B5EC3
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!_wfopen] 57000CC2
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!fgetws] 8B087E8D
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!fclose] 6C46C7CF
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!vfwprintf] 0000000B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!_ultow_s] FFD592E8
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!wcsstr] E8CF8BFF
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!wcschr] FFFFD8FA
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!wcstoul] 70E8CE8B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!swscanf_s] 5FFFFFF7
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!_wsplitpath_s] 072DD5EB
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [msvcrt.dll!memcpy] 74000041
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [ntdll.dll!NtOpenPrivateNamespace] 741AE883
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [ntdll.dll!NtCreatePrivateNamespace] FB98E80C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [ntdll.dll!NtCreateMutant] FFBBFFFF
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [ntdll.dll!RtlNtStatusToDosError] EB8000FF
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!SearchPathW] 0000000B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!AddSIDToBoundaryDescriptor] 3B70768B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!SetUnhandledExceptionFilter] B80775F3
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!UnhandledExceptionFilter] 8000FFFF
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!GetCurrentProcess] 068BA7EB
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!TerminateProcess] 0C50FF56
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!GetCurrentProcessId] 46C79DEB
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!GetCurrentThreadId] 00000B6C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!GetTickCount] 70768B00
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!QueryPerformanceCounter] E374F33B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!Sleep] FF56068B
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!InterlockedExchange] 87EB1450
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!SetLastError] 90909090
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!GetLastError] 55FF8B90
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [KERNEL32.dll!CompareStringW]
-
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [ADVAPI32.dll!RegisterEventSourceW] 00000B6C
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\loadperf.dll [USER32.dll!LoadStringW] 00000001
IAT C:\Windows\system32\wbem\wmiprvse.exe[4024] @ C:\Windows\system32\tquery.dll [query.dll!CITextToSelectTreeEx] [6F4D523A] C:\Windows\system32\query.dll (Content Index Utility DLL/Microsoft Corporation)
---- Services - GMER 1.0.15 ----
Service .NET CLR Data
Service .NET CLR Networking
Service .NET Data Provider for Oracle
Service .NET Data Provider for SqlServer
Service .NETFramework
Service C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe (CMSPCSUtilSvc/SprintNextel) [AUTO] Access Utility Service
Service C:\Windows\system32\drivers\acpi.sys (ACPI Driver for NT/Microsoft Corporation) [BOOT] ACPI
Service C:\Windows\system32\drivers\adp94xx.sys (Adaptec Windows SAS/SATA Storport Driver/Adaptec, Inc.) [DISABLED] adp94xx
Service C:\Windows\system32\drivers\adpahci.sys (Adaptec Windows SATA Storport Driver/Adaptec, Inc.) [DISABLED] adpahci
Service C:\Windows\system32\drivers\adpu160m.sys (Adaptec LH Ultra160 Driver (x86)/Adaptec, Inc.) [DISABLED] adpu160m
Service C:\Windows\system32\drivers\adpu320.sys (Adaptec StorPort Ultra320 SCSI Driver/Adaptec, Inc.) [DISABLED] adpu320
Service adsi
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] AeLookupSvc
Service C:\Windows\system32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD
Service C:\Windows\system32\drivers\agp440.sys (440 NT AGP Filter/Microsoft Corporation) [MANUAL] agp440
Service C:\Windows\system32\drivers\djsvs.sys (Adaptec Ultra SCSI miniport/Adaptec, Inc.) [DISABLED] aic78xx
Service C:\Windows\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG
Service C:\Windows\system32\drivers\aliide.sys (ALi mini IDE Driver/Acer Laboratories Inc.) [DISABLED] aliide
Service C:\Windows\system32\drivers\amdagp.sys (AMD NT AGP Filter/Microsoft Corporation) [MANUAL] amdagp
Service C:\Windows\system32\drivers\amdide.sys (AMD IDE Driver/Microsoft Corporation) [DISABLED] amdide
Service C:\Windows\system32\drivers\amdk7.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] AmdK7
Service C:\Windows\system32\drivers\amdk8.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] AmdK8
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Appinfo
Service C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Mobile Device Service/Apple Inc.) [AUTO] Apple Mobile Device
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] AppMgmt
Service C:\Windows\system32\drivers\arc.sys (Adaptec RAID Storport Driver/Adaptec, Inc.) [DISABLED] arc
Service C:\Windows\system32\drivers\arcsas.sys (Adaptec SAS RAID WS03 Driver/Adaptec, Inc.) [DISABLED] arcsas
Service C:\??\C:\Program Files\ASTRA32\ASTRA32.sys [AUTO] ASTRA32
Service C:\Windows\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac
Service C:\Windows\system32\drivers\atapi.sys (ATAPI IDE Miniport Driver/Microsoft Corporation) [BOOT] atapi
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] AudioEndpointBuilder
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Audiosrv
Service C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Anti-Virus/Kaspersky Lab) [AUTO] AVP
Service (Battery Class Driver/Microsoft Corporation) BattC
Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] BFE
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] BITS
Service C:\Windows\system32\drivers\blbdrive.sys (BLB Drive Driver/Microsoft Corporation) [DISABLED] blbdrive
Service [DISABLED] BOHCI
Service C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Inc.) [AUTO] Bonjour Service
Service C:\Windows\system32\DRIVERS\bowser.sys (NT Lan Manager Datagram Receiver Driver/Microsoft Corporation) [MANUAL] bowser
Service C:\Windows\system32\drivers\brfiltlo.sys (Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltLo
Service C:\Windows\system32\drivers\brfiltup.sys (Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltUp
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Browser
Service C:\Windows\system32\drivers\brserid.sys (Brotehr Serial I/F Driver (WDM)/Brother Industries Ltd.) [DISABLED] Brserid
Service C:\Windows\System32\Drivers\BrSerIf.sys (Brotehr Serial I/F Driver (WDM)/Brother Industries Ltd.) [MANUAL] BrSerIf
Service C:\Windows\system32\drivers\brserwdm.sys (Brother Serial driver (WDM version)/Brother Industries Ltd.) [DISABLED] BrSerWdm
Service C:\Windows\system32\drivers\brusbmdm.sys (Brother USB MDM Driver /Brother Industries Ltd.) [DISABLED] BrUsbMdm
Service C:\Windows\System32\Drivers\BrUsbSer.sys (Brother USB Serial Driver/Brother Industries Ltd.) [MANUAL] BrUsbSer
Service C:\Windows\system32\drivers\bthmodem.sys (Bluetooth Communications Driver/Microsoft Corporation) [DISABLED] BTHMODEM
Service [DISABLED] BUHCI
Service [DISABLED] BUSBD
Service C:\Users\ADMINI~1\AppData\Local\Temp\catchme.sys [MANUAL] catchme
Service C:\Windows\system32\DRIVERS\cdfs.sys (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] cdfs
Service C:\Windows\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] cdrom
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] CertPropSvc
Service C:\Windows\system32\drivers\circlass.sys (Consumer IR Class Driver for eHome/Microsoft Corporation) [DISABLED] circlass
Service C:\Windows\System32\CLFS.sys (Common Log File System Driver/Microsoft Corporation) [BOOT] CLFS
Service C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [MANUAL] clr_optimization_v2.0.50727_32
Service C:\Windows\system32\drivers\cmdide.sys (CMD PCI IDE Bus Driver/CMD Technology, Inc.) [DISABLED] cmdide
Service C:\Windows\system32\drivers\COMMONFX.SYS (Creative Common FX Plug-in/Creative Technology Ltd) [MANUAL] COMMONFX
Service C:\Windows\System32\drivers\COMMONFX.SYS (Creative Common FX Plug-in/Creative Technology Ltd) [MANUAL] COMMONFX.SYS
Service C:\Windows\system32\drivers\compbatt.sys (Composite Battery Driver/Microsoft Corporation) [DISABLED] Compbatt
Service C:\Windows\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp
Service C:\Windows\system32\drivers\crcdisk.sys (Disk Block Verification Filter Driver/Microsoft Corporation) [BOOT] crcdisk
Service C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (System Level Service Utility/Creative Labs) [MANUAL] Creative ALchemy AL6 Licensing Service
Service C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (System Level Service Utility/Creative Labs) [MANUAL] Creative Audio Engine Licensing Service
Service C:\Windows\system32\drivers\crusoe.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] Crusoe
Service crypt32
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] CryptSvc
Service C:\Windows\system32\drivers\csc.sys (Windows Client Side Caching Driver/Microsoft Corporation) [SYSTEM] CSC
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] CscService
Service C:\Windows\system32\CSHelper.exe [AUTO] CSHelper
Service C:\Windows\system32\drivers\ctac32k.sys (Creative AC3 SW Decoder Device Driver (WDM)/Creative Technology Ltd) [MANUAL] ctac32k
Service C:\Windows\system32\drivers\ctaud2k.sys (Creative WDM Audio Device Driver/Creative Technology Ltd) [MANUAL] ctaud2k
Service C:\Windows\system32\drivers\CTAUDFX.SYS (Creative SB FX Plug-in/Creative Technology Ltd) [MANUAL] CTAUDFX
Service C:\Windows\System32\drivers\CTAUDFX.SYS (Creative SB FX Plug-in/Creative Technology Ltd) [MANUAL] CTAUDFX.SYS
Service C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Audio Service/Creative Technology Ltd) [AUTO] CTAudSvcService
Service C:\Windows\system32\drivers\ctdvda2k.sys (Creative DVD-Audio Device Driver (WDM)/Creative Technology Ltd) [MANUAL] ctdvda2k
Service C:\Windows\system32\drivers\CTERFXFX.SYS (E-MU E-DSP Effects Plugin Module/Creative Technology Ltd) [MANUAL] CTERFXFX
Service C:\Windows\System32\drivers\CTERFXFX.SYS (E-MU E-DSP Effects Plugin Module/Creative Technology Ltd) [MANUAL] CTERFXFX.SYS
Service C:\Windows\system32\drivers\ctprxy2k.sys (Creative Proxy Device Driver (WDM)/Creative Technology Ltd) [MANUAL] ctprxy2k
Service C:\Windows\system32\drivers\CTSBLFX.SYS (Creative SB FX Plug-in/Creative Technology Ltd) [MANUAL] CTSBLFX
Service C:\Windows\System32\drivers\CTSBLFX.SYS (Creative SB FX Plug-in/Creative Technology Ltd) [MANUAL] CTSBLFX.SYS
Service C:\Windows\system32\drivers\ctsfm2k.sys (SoundFont(R) Manager (WDM)/Creative Technology Ltd) [MANUAL] ctsfm2k
Service C:\Windows\system32\DRIVERS\CVirtA.sys (Cisco Systems VPN Adapter/Cisco Systems, Inc.) [MANUAL] CVirtA
Service DCLocator
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] DcomLaunch
Service C:\Windows\System32\Drivers\dfsc.sys (DFS Namespace Client Driver/Microsoft Corporation) [SYSTEM] DfsC
Service C:\Windows\system32\DFSR.exe (Distributed File System Replication/Microsoft Corporation) [MANUAL] DFSR
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporatio
-
Service C:\Windows\System32\Drivers\ksecdd.sys (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] KtmRm
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] LanmanServer
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] LanmanWorkstation
Service system32\DRIVERS\Lbd.sys [BOOT] Lbd
Service ldap
Service C:\Windows\system32\DRIVERS\lltdio.sys (Link-Layer Topology Mapper I/O Driver/Microsoft Corporation) [AUTO] lltdio
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] lltdsvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] lmhosts
Service Lsa
Service C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic Fusion-MPT FC Driver (StorPort)/LSI Logic) [DISABLED] LSI_FC
Service C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic Fusion-MPT SAS Driver (StorPort)/LSI Logic) [DISABLED] LSI_SAS
Service C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic Fusion-MPT SCSI Driver (StorPort)/LSI Logic) [DISABLED] LSI_SCSI
Service C:\Windows\system32\drivers\luafv.sys (LUA File Virtualization Filter Driver/Microsoft Corporation) [AUTO] luafv
Service C:\Windows\system32\drivers\MTiCtwl.sys (MagicTunePremium Driver/Samsung Electronics, Inc. ) [SYSTEM] MagicTune
Service C:\Windows\system32\DRIVERS\MarvinBus.sys (Pinnacle Marvin Discrete Bus Enumerator/Pinnacle Systems GmbH) [MANUAL] MarvinBus
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] Mcx2Svc
Service C:\Windows\system32\drivers\megasas.sys (MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x86/LSI Corporation) [DISABLED] megasas
Service C:\Windows\system32\drivers\megasr.sys (LSI MegaRAID Software RAID Driver/LSI Corporation, Inc.) [DISABLED] MegaSR
Service C:\Windows\system32\270.tmp [MANUAL] MEMSWEEP2
Service Messenger
Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Groove Audit Service/Microsoft Corporation) [MANUAL] Microsoft Office Groove Audit Service
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] MMCSS
Service C:\Windows\system32\drivers\modem.sys (Modem Device Driver/Microsoft Corporation) [MANUAL] Modem
Service C:\Windows\system32\DRIVERS\monitor.sys (Monitor Driver/Microsoft Corporation) [MANUAL] monitor
Service C:\Windows\system32\DRIVERS\motmodem.sys (Motorola USB Modem and Ports Driver/Motorola) [MANUAL] motmodem
Service C:\Windows\system32\DRIVERS\mouclass.sys (Mouse Class Driver/Microsoft Corporation) [SYSTEM] mouclass
Service C:\Windows\system32\DRIVERS\mouhid.sys (HID Mouse Filter Driver/Microsoft Corporation) [MANUAL] mouhid
Service C:\Windows\System32\drivers\mountmgr.sys (Mount Point Manager/Microsoft Corporation) [BOOT] MountMgr
Service C:\Windows\system32\drivers\mpio.sys (MultiPath Support Bus-Driver/Microsoft Corporation) [DISABLED] mpio
Service C:\Windows\System32\drivers\mpsdrv.sys (Microsoft Protection Service Driver/Microsoft Corporation) [MANUAL] mpsdrv
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] MpsSvc
Service C:\Windows\system32\drivers\mraid35x.sys (MegaRAID RAID Controller Driver for Windows Vista/Longhorn for x86/LSI Logic Corporation) [DISABLED] Mraid35x
Service C:\Windows\system32\drivers\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV
Service C:\Windows\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [MANUAL] mrxsmb
Service C:\Windows\system32\DRIVERS\mrxsmb10.sys (Longhorn SMB Downlevel SubRdr/Microsoft Corporation) [MANUAL] mrxsmb10
Service C:\Windows\system32\DRIVERS\mrxsmb20.sys (Longhorn SMB 2.0 Redirector/Microsoft Corporation) [MANUAL] mrxsmb20
Service C:\Windows\system32\drivers\msahci.sys (MS AHCI 1.0 Standard Driver/Microsoft Corporation) [DISABLED] msahci
Service C:\Windows\system32\drivers\msdsm.sys (Microsoft Device Specific Module/Microsoft Corporation) [DISABLED] msdsm
Service C:\Windows\System32\msdtc.exe (MS DTCconsole program/Microsoft Corporation) [MANUAL] MSDTC
Service MSDTC Bridge 3.0.0.0
Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs
Service C:\Windows\system32\drivers\msisadrv.sys (ISA Driver/Microsoft Corporation) [BOOT] msisadrv
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] MSiSCSI
Service C:\Windows\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] msiserver
Service C:\Windows\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV
Service C:\Windows\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK
Service C:\Windows\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM
Service (Kernel Remote Procedure Call Provider/Microsoft Corporation) [MANUAL] MsRPC
Service MSSCNTRS
Service C:\Windows\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios
Service C:\Windows\system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation) [MANUAL] MSTEE
Service C:\Windows\System32\Drivers\mup.sys (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] napagent
Service C:\Windows\system32\DRIVERS\nwifi.sys (NativeWiFi Miniport Driver/Microsoft Corporation) [MANUAL] NativeWifiP
Service C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero BackItUp/Nero AG) [MANUAL] NBService
Service C:\Windows\system32\drivers\ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) [BOOT] NDIS
Service C:\Windows\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi
Service C:\Windows\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O driver/Microsoft Corporation) [MANUAL] Ndisuio
Service C:\Windows\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan
Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy
Service C:\Windows\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS
Service C:\Windows\System32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] netbt
Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] Netlogon
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Netman
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] netprofm
Service C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation) [DISABLED] NetTcpPortSharing
Service C:\Windows\system32\drivers\nfrd960.sys (IBM ServeRAID Controller Driver/IBM Corporation) [DISABLED] nfrd960
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] NlaSvc
Service C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero Home/Nero AG) [MANUAL] NMIndexingService
Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] nsi
Service C:\Windows\system32\drivers\nsiproxy.sys (NSI Proxy/Microsoft Corporation) [SYSTEM] nsiproxy
Service NTDS
Service (NT File System Driver/Microsoft Corporation) [MANUAL] Ntfs
Service C:\Windows\system32\drivers\ntrigdigi.sys (N-trig tablet digitizer in-box driver/N-trig Innovative Technologies) [DISABLED] ntrigdigi
Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null
Service C:\Windows\system32\DRIVERS\nvlddmkm.sys (NVIDIA Windows Kernel Mode Driver, Version 191.07 /NVIDIA Corporation) [MANUAL] nvlddmkm
Service C:\Windows\system32\drivers\nvraid.sys (NVIDIA® nForce(TM) RAID Driver/NVIDIA Corporation) [DISABLED] nvraid
Service C:\Windows\system32\drivers\nvstor.sys (NVIDIA® nForce(TM) Sata Performance Driver/NVIDIA Corporation) [DISABLED] nvstor
Service C:\Windows\system32\nvvsvc.exe (NVIDIA Driver Helper Service, Version 191.07/NVIDIA Corporation) [AUTO] nvsvc
Service C:\Windows\system32\drivers\nv_agp.sys (NForce NT AGP Filter/Microsoft Corporation) [MANUAL] nv_agp
Service system32\DRIVERS\nwlnkflt.sys [MANUAL] NwlnkFlt
Service system32\DRIVERS\nwlnkfwd.sys [MANUAL] NwlnkFwd
Service C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Office Diagnostics/Microsoft Corporation) [MANUAL] odserv
Service C:\Windows\system32\DRIVERS\ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation) [MANUAL] ohci1394
Service C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Office Source Engine/Microsoft Corporation) [MANUAL] ose
Service C:\Windows\system32\drivers\ctoss2k.sys (Creative OS Services Driver (WDM)/Creative Technology Ltd.) [MANUAL] ossrv
Service Outlook
Service [AUTO] P2k
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] p2pimsvc
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] p2psvc
Service C:\Windows\system32\drivers\PalmUSBD.sys (USB Driver for Palm OS Handheld Devices/PalmSource, Inc.) [MANUAL] PalmUSBD
Service C:\Windows\system32\DRIVERS\parport.sys (Parallel Port Driver/Microsoft Corporation)
-
[MANUAL] Parport
Service C:\Windows\System32\drivers\partmgr.sys (Partition Management Driver/Microsoft Corporation) [BOOT] partmgr
Service C:\Windows\system32\DRIVERS\parvdm.sys (VDM Parallel Driver/Microsoft Corporation) [AUTO] Parvdm
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] PcaSvc
Service C:\Windows\system32\drivers\pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) [BOOT] pci
Service C:\Windows\system32\drivers\pciide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) [BOOT] pciide
Service C:\Windows\system32\drivers\pcmcia.sys (PCMCIA Bus Driver/Microsoft Corporation) [DISABLED] pcmcia
Service C:\Windows\System32\Drivers\pcouffin.sys (low level access layer for CD/DVD/BD devices/VSO Software) [MANUAL] pcouffin
Service C:\Windows\system32\drivers\peauth.sys (Protected Environment Authentication and Authorization Export Driver/Microsoft Corporation) [AUTO] PEAUTH
Service PerfDisk
Service PerfNet
Service PerfOS
Service PerfProc
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] pla
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] PlugPlay
Service C:\Windows\system32\DRIVERS\pnetmdm.sys (PdaNet Driver/June Fabrics Technology) [MANUAL] pnetmdm
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] PNRPAutoReg
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] PNRPsvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] PolicyAgent
Service PortProxy
Service C:\Windows\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport
Service C:\Windows\system32\drivers\processr.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] Processor
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] ProfSvc
Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] ProtectedStorage
Service C:\Windows\system32\DRIVERS\pacer.sys (QoS Packet Scheduler/Microsoft Corporation) [SYSTEM] PSched
Service C:\Windows\system32\Drivers\PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) [BOOT] PxHelp20
Service C:\Windows\system32\drivers\ql2300.sys (QLogic Fibre Channel Stor Miniport Driver/QLogic Corporation) [DISABLED] ql2300
Service C:\Windows\system32\drivers\ql40xx.sys (QLogic iSCSI Storport Miniport Driver/QLogic Corporation) [DISABLED] ql40xx
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] QWAVE
Service C:\Windows\system32\drivers\qwavedrv.sys (Microsoft Quality Windows Audio Video Experience (qWave) Support Driver/Microsoft Corporation) [MANUAL] QWAVEdrv
Service C:\Windows\System32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [SYSTEM] RasAcd
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] RasAuto
Service C:\Windows\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] RasMan
Service C:\Windows\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe
Service C:\Windows\system32\DRIVERS\rassstp.sys (RAS SSTP Miniport Call Manager/Microsoft Corporation) [MANUAL] RasSstp
Service C:\Windows\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] rdbss
Service C:\Windows\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD
Service RDPDD
Service C:\Windows\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) [MANUAL] rdpdr
Service C:\Windows\system32\drivers\rdpencdd.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPENCDD
Service RDPNP
Service (RDP Terminal Stack Driver/Microsoft Corporation) [MANUAL] RDPWD
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] RemoteAccess
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] RemoteRegistry
Service C:\Program Files\CyberLink\Shared files\RichVideo.exe [AUTO] RichVideo
Service C:\??\C:\Program Files\RivaTuner v2.22\RivaTuner32.sys [MANUAL] RivaTuner32
Service C:\Windows\System32\Drivers\RootMdm.sys (Legacy Non-Pnp Modem Device Driver/Microsoft Corporation) [MANUAL] ROOTMODEM
Service C:\Windows\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] RpcSs
Service C:\Windows\system32\DRIVERS\rspndr.sys (Link-Layer Topology Responder Driver for NDIS 6/Microsoft Corporation) [AUTO] rspndr
Service C:\Windows\system32\DRIVERS\Rtlh86.sys (Realtek 8136/8168/8169 NDIS6 32-bit Driver /Realtek ) [MANUAL] RTL8169
Service C:\Windows\system32\DRIVERS\RtTeam60.sys (Realtek NDIS 6.0 Intermediate Miniport Driver for Teaming/Realtek Corporation) [MANUAL] RTTEAMPT
Service C:\Windows\system32\DRIVERS\RtVlan60.sys (Sample NDIS 6.0 Intermediate Miniport Driver/Windows (R) Codename Longhorn DDK provider) [MANUAL] RTVLANPT
Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [AUTO] SamSs
Service C:\??\C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home XII.SP2c\WNt500x86\Sandra.sys [MANUAL] SANDRA
Service C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home XII.SP2c\RpcAgentSrv.exe (SiSoftware Deployment Agent Service (NT)(Unicode)/SiSoftware) [AUTO] SandraAgentSrv
Service C:\Windows\system32\drivers\sbp2port.sys (SBP-2 Protocol Driver/Microsoft Corporation) [DISABLED] sbp2port
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SCardSvr
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Schedule
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SCPolicySvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SDRSVC
Service (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [AUTO] secdrv
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] seclogon
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] SENS
Service C:\Windows\system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] Serenum
Service C:\Windows\system32\DRIVERS\serial.sys (Serial Device Driver/Microsoft Corporation) [SYSTEM] Serial
Service C:\Windows\system32\drivers\sermouse.sys (Serial Mouse Filter Driver/Microsoft Corporation) [DISABLED] sermouse
Service ServiceModelEndpoint 3.0.0.0
Service ServiceModelOperation 3.0.0.0
Service ServiceModelService 3.0.0.0
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SessionEnv
Service C:\Windows\system32\drivers\sffdisk.sys (Small Form Factor Disk Driver/Microsoft Corporation) [DISABLED] sffdisk
Service C:\Windows\system32\drivers\sffp_mmc.sys (Small Form Factor MMC Protocol Driver/Microsoft Corporation) [MANUAL] sffp_mmc
Service C:\Windows\system32\drivers\sffp_sd.sys (Small Form Factor SD Protocol Driver/Microsoft Corporation) [MANUAL] sffp_sd
Service C:\Windows\system32\DRIVERS\sfloppy.sys (SCSI Floppy Driver/Microsoft Corporation) [MANUAL] sfloppy
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] SharedAccess
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] ShellHWDetection
Service C:\Windows\system32\drivers\sisagp.sys (SIS NT AGP Filter/Microsoft Corporation) [MANUAL] sisagp
Service C:\Windows\system32\drivers\sisraid2.sys (SiS RAID Stor Miniport Driver/Microsoft Corporation) [DISABLED] SiSRaid2
Service C:\Windows\system32\drivers\sisraid4.sys (SiS AHCI Stor-Miniport Driver/Silicon Integrated Systems) [DISABLED] SiSRaid4
Service C:\Windows\system32\SLsvc.exe (Microsoft Software Licensing Service/Microsoft Corporation) [AUTO] slsvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SLUINotify
Service C:\Windows\system32\DRIVERS\smb.sys (SMB Transport driver/Microsoft Corporation) [SYSTEM] Smb
Service SMSvcHost 3.0.0.0
Service C:\Windows\System32\snmptrap.exe (SNMP Trap/Microsoft Corporation) [MANUAL] SNMPTRAP
Service (loader for security processor/Microsoft Corporation) [BOOT] spldr
Service C:\Windows\System32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler
Service C:\Windows\System32\Drivers\sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) [DISABLED] sptd
Service C:\Windows\System32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] srv
Service C:\Windows\System32\DRIVERS\srv2.sys (Smb 2.0 Server driver/Microsoft Corporation) [MANUAL] srv2
Service C:\Windows\System32\DRIVERS\srvnet.sys (Server Network driver/Microsoft Corporation) [MANUAL] srvnet
Service C:\Windows\system32\DRIVERS\sscdbus.sys (SAMSUNG USB Composite Device Driver/MCCI) [MANUAL] sscdbus
Service C:\Windows\system32\DRIVERS\sscdmdfl.sys (SAMSUNG CDMA Modem Filter Driver/MCCI) [MANUAL] sscdmdfl
Service C:\Windows\system32\DRIVERS\sscdmdm.sys (SAMSUNG CDMA Modem WDM/MCCI) &n
-
Service C:\Windows\system32\DRIVERS\sscdserd.sys (SAMSUNG CDMA Modem Diagnostic Serial Port Device Driver/MCCI) [MANUAL] sscdserd
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SSDPSRV
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SstpSvc
Service C:\Program [MANUAL] Steam Client Service
Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Stereo Vision Control Panel API Server/NVIDIA Corporation) [AUTO] Stereo Service
Service C:\Windows\system32\DRIVERS\serscan.sys (Serial Imaging Device Driver/Microsoft Corporation) [MANUAL] StillCam
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] stisvc
Service C:\Windows\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] swprv
Service C:\Windows\system32\drivers\symc8xx.sys (LSI Logic 8XX SCSI Miniport Driver/LSI Logic) [DISABLED] Symc8xx
Service C:\Windows\system32\drivers\sym_hi.sys (LSI Logic Hi-Perf SCSI Miniport Driver/LSI Logic) [DISABLED] Sym_hi
Service C:\Windows\system32\drivers\sym_u3.sys (LSI Logic Ultra160 SCSI Miniport Driver/LSI Logic) [DISABLED] Sym_u3
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] SysMain
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TabletInputService
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] TapiSrv
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TBS
Service C:\Windows\System32\drivers\tcpip.sys (TCP/IP Driver/Microsoft Corporation) [BOOT] Tcpip
Service C:\Windows\system32\DRIVERS\tcpip.sys (TCP/IP Driver/Microsoft Corporation) [MANUAL] Tcpip6
Service C:\Windows\System32\drivers\tcpipreg.sys (TCP/IP Registry Compatibility Driver/Microsoft Corporation) [AUTO] tcpipreg
Service C:\Windows\system32\drivers\tdpipe.sys (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE
Service C:\Windows\system32\drivers\tdtcp.sys (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP
Service C:\Windows\system32\DRIVERS\tdx.sys (TDI Translation Driver/Microsoft Corporation) [SYSTEM] tdx
Service C:\Windows\system32\DRIVERS\RtTeam60.sys (Realtek NDIS 6.0 Intermediate Miniport Driver for Teaming/Realtek Corporation) [MANUAL] TEAM
Service C:\Windows\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TermService
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Themes
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] THREADORDER
Service C:\Windows\system32\drivers\TotRec7.sys (Total Recorder WDM audio driver/High Criteria inc.) [MANUAL] TotRec7
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TrkWks
Service C:\Windows\System32\drivers\truecrypt.sys (TrueCrypt Driver/TrueCrypt Foundation) [SYSTEM] truecrypt
Service C:\Windows\servicing\TrustedInstaller.exe (Windows Modules Installer/Microsoft Corporation) [MANUAL] TrustedInstaller
Service TSDDD
Service C:\Windows\System32\DRIVERS\tssecsrv.sys (TS Security Filter Driver/Microsoft Corporation) [MANUAL] tssecsrv
Service C:\Windows\system32\DRIVERS\tunmp.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) [MANUAL] tunmp
Service C:\Windows\system32\DRIVERS\tunnel.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) [MANUAL] tunnel
Service C:\Windows\system32\drivers\uagp35.sys (MS AGPv3.5 Filter/Microsoft Corporation) [MANUAL] uagp35
Service C:\Windows\system32\DRIVERS\udfs.sys (UDF File System Driver/Microsoft Corporation) [DISABLED] udfs
Service C:\Program Files\VMware\VMware Player\vmware-ufad.exe (VMware Host Process for Ufa Services/VMware, Inc.) [MANUAL] ufad-ws60
Service UGatherer
Service UGTHRSVC
Service C:\Windows\system32\UI0Detect.exe (Interactive services detection/Microsoft Corporation) [MANUAL] UI0Detect
Service C:\Windows\system32\drivers\uliagpkx.sys (ULi AGPv3.0 Filter for K8/9 Processor Platforms/Microsoft Corporation) [MANUAL] uliagpkx
Service C:\Windows\system32\drivers\uliahci.sys (ULi SATA Controller Driver/ULi Electronics Inc.) [DISABLED] uliahci
Service C:\Windows\system32\drivers\ulsata.sys (Promise Ultra/Sata Series Driver for Win2003/Promise Technology, Inc.)
---- EOF - GMER 1.0.15 ----
-
Open GMER, only checkmark Sections. Do the scan, and post a log, please.
-
My "Sections" only log:
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-24 11:02:19
Windows 6.0.6001 Service Pack 1
Running: gmer.exe; Driver: C:\Users\ADMINI~1\AppData\Local\Temp\pggdikod.sys
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetTimerEx + 34C 85EFCA10 4 Bytes [D0, 5B, 78, 96] {RCR BYTE [EBX+0x78], 0x1; XCHG ESI, EAX}
.text ntkrnlpa.exe!KeSetTimerEx + 370 85EFCA34 8 Bytes [2C, 75, 78, 96, 82, 77, 78, ...] {SUB AL, 0x75; JS 0xffffffffffffff9a; XOR BYTE [EDI+0x78], -0x6a}
.text ntkrnlpa.exe!KeSetTimerEx + 3B4 85EFCA78 4 Bytes [FC, 79, 78, 96] {CLD ; JNS 0x7b; XCHG ESI, EAX}
.text ntkrnlpa.exe!KeSetTimerEx + 3DC 85EFCAA0 4 Bytes [50, 64, 78, 96]
.text ntkrnlpa.exe!KeSetTimerEx + 3F4 85EFCAB8 4 Bytes [32, 6B, 78, 96] {XOR CH, [EBX+0x78]; XCHG ESI, EAX}
.text ...
PAGE spsys.sys!?SPVersion@@3PADA + 1A67 81E5403F 240 Bytes [8B, FF, 55, 8B, EC, 8B, 45, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 1B58 81E54130 6 Bytes [0E, 83, 78, 14, 01, 75]
PAGE spsys.sys!?SPVersion@@3PADA + 1B5F 81E54137 2214 Bytes [83, 78, 18, 37, 75, 02, B3, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 2406 81E549DE 47 Bytes [04, BB, A8, 01, 00, 00, 8D, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 2436 81E54A0E 44 Bytes [05, 00, 00, 39, 54, 8D, D0, ...]
PAGE ...
---- User code sections - GMER 1.0.15 ----
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2152] C:\Windows\system32\ntdll.dll time/date stamp mismatch;
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2152] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: 32.dll
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2152] USER32.dll!GetAppCompatFlags2 + 880 76706390 4 Bytes [70, 11, 33, 6D]
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2556] C:\Windows\system32\ntdll.dll time/date stamp mismatch;
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2556] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: 32.dll
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2556] USER32.dll!GetAppCompatFlags2 + 880 76706390 4 Bytes [70, 11, 33, 6D]
---- EOF - GMER 1.0.15 ----
-
- Please go to VirSCAN.org FREE on-line scan (http://virscan.org/)
service[/u][/color][/url]
- Browse for the following file path into the "Suspicious files to scan" box on the top of the page:
- C:\windows\system32\drivers\spsys.sys
- Click on the Upload button
- If a pop-up appears saying the file has been scanned already, please select the ReScan button.
- Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
- Paste the contents of the Clipboard in your next reply.
-
VirSCAN.org Scanned Report :
Scanned time : 2010/04/24 13:23:38 (CDT)
Scanner results: Scanners did not find malware!
File Name : spsys.sys
File Size : 681984 byte
File Type : PE32 executable for MS Windows (native) Intel 80386 32-bit
MD5 : f713e67c329ce82ff1e1ebb497887427
SHA1 : 5cf16ea140cfd9b1b555776d936ae63df4cca0e b
Online report : http://virscan.org/report/55fe8b3c24fb9ef257844cb8e8cd14b2.html
Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.8 20100424050718 2010-04-24 5.46 -
AhnLab V3 2010.04.25.00 2010.04.25 2010-04-25 1.24 -
AntiVir 8.2.1.224 7.10.6.197 2010-04-23 0.26 -
Antiy 2.0.18 20100423.4250129 2010-04-23 0.02 -
Arcavir 2009 201004232019 2010-04-23 0.10 -
Authentium 5.1.1 201004240338 2010-04-24 4.27 -
AVAST! 4.7.4 100424-0 2010-04-24 0.03 -
AVG 8.5.720 271.1.1/2832 2010-04-24 0.22 -
BitDefender 7.81008.5687802 7.31365 2010-04-25 3.65 -
ClamAV 0.95.3 10807 2010-04-24 0.10 -
Comodo 3.13.579 4675 2010-04-24 0.91 -
CP Secure 1.3.0.5 2010.04.20 2010-04-20 0.10 -
Dr.Web 5.0.2.3300 2010.04.24 2010-04-24 6.74 -
F-Prot 4.4.4.56 20100424 2010-04-24 3.87 -
F-Secure 7.02.73807 2010.04.24.05 2010-04-24 10.95 -
Fortinet 4.0.14 11.739 2010-04-24 0.23 -
GData 21.17/21.7 20100424 2010-04-24 11.09 -
ViRobot 20100423 2010.04.23 2010-04-23 0.41 -
Ikarus T3.1.01.80 2010.04.24.75707 2010-04-24 5.95 -
JiangMin 13.0.900 2010.04.24 2010-04-24 3.92 -
Kaspersky 5.5.10 2010.04.24 2010-04-24 0.09 -
KingSoft 2009.2.5.15 2010.4.24.17 2010-04-24 0.65 -
McAfee 5400.1158 5955 2010-04-18 0.02 -
Microsoft 1.5703 2010.04.24 2010-04-24 7.27 -
Norman 6.04.11 6.04.00 2010-04-22 8.01 -
Panda 9.05.01 2010.04.24 2010-04-24 4.28 -
Trend Micro 9.120-1004 7.124.07 2010-04-24 0.00 -
Quick Heal 10.00 2010.04.23 2010-04-23 1.94 -
Rising 20.0 22.44.05.04 2010-04-24 1.29 -
Sophos 3.06.0 4.52 2010-04-25 3.60 -
Sunbelt 3.9.2418.2 6215 2010-04-23 5.52 -
Symantec 1.3.0.24 20100424.006 2010-04-24 0.22 -
nProtect 20100424.01 8042441 2010-04-24 8.49 -
The Hacker 6.5.2.0 v00268 2010-04-23 0.76 -
VBA32 3.12.12.4 20100423.0824 2010-04-23 3.00 -
VirusBuster 4.5.11.10 10.125.1/2032637 2010-04-23 2.97 -
-
Delete any old version of TDSSKiller.
Download this << file >> (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) & extract TDSSKiller.exe onto your Desktop.. but first rename it to WINlogON.exe
Then create this batch file to be placed next to TDSSKiller
=====
Open NOTEPAD.exe and copy/paste the text in the quotebox below into it:
@ECHO OFF
START /WAIT WINlogON.exe -l Logit.txt -v
START Logit.txt
del %0Save this as fix.bat Choose to "Save type as - All Files"
It should look like this: (http://i266.photobucket.com/albums/ii277/sUBs_/bat_icon.gif)
Double click on fix.bat & allow it to run
Post back to tell me what it says
-
10:11:32:838 4560 TDSS rootkit removing tool 2.2.8.1 Mar 22 2010 10:43:04
10:11:32:838 4560 ================================================================================
10:11:32:838 4560 SystemInfo:
10:11:32:838 4560 OS Version: 6.0.6001 ServicePack: 1.0
10:11:32:838 4560 Product type: Workstation
10:11:32:838 4560 ComputerName: HEAVENH-IPND9NT
10:11:32:838 4560 UserName: Administrator
10:11:32:838 4560 Windows directory: C:\Windows
10:11:32:838 4560 Processor architecture: Intel x86
10:11:32:838 4560 Number of processors: 4
10:11:32:838 4560 Page size: 0x1000
10:11:32:838 4560 Boot type: Normal boot
10:11:32:838 4560 ================================================================================
10:11:32:838 4560 UnloadDriverW: NtUnloadDriver error 2
10:11:32:838 4560 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2
10:11:32:947 4560 wfopen_ex: Trying to open file C:\Windows\system32\config\system
10:11:32:947 4560 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
10:11:32:947 4560 wfopen_ex: Trying to KLMD file open
10:11:32:947 4560 wfopen_ex: File opened ok (Flags 2)
10:11:32:979 4560 wfopen_ex: Trying to open file C:\Windows\system32\config\software
10:11:32:979 4560 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
10:11:32:979 4560 wfopen_ex: Trying to KLMD file open
10:11:32:979 4560 wfopen_ex: File opened ok (Flags 2)
10:11:32:979 4560 Initialize success
10:11:32:979 4560
10:11:32:979 4560 Scanning Services ...
10:11:35:256 4560 Raw services enum returned 506 services
10:11:35:256 4560
10:11:35:256 4560 Scanning Kernel memory ...
10:11:35:256 4560 Devices to scan: 3
10:11:35:256 4560
10:11:35:256 4560 Driver Name: atapi
10:11:35:256 4560 IRP_MJ_CREATE : 869C10FC
10:11:35:256 4560 IRP_MJ_CREATE_NAMED_PIPE : 85E38013
10:11:35:256 4560 IRP_MJ_CLOSE : 869C10FC
10:11:35:256 4560 IRP_MJ_READ : 85E38013
10:11:35:256 4560 IRP_MJ_WRITE : 85E38013
10:11:35:256 4560 IRP_MJ_QUERY_INFORMATION : 85E38013
10:11:35:256 4560 IRP_MJ_SET_INFORMATION : 85E38013
10:11:35:256 4560 IRP_MJ_QUERY_EA : 85E38013
10:11:35:256 4560 IRP_MJ_SET_EA : 85E38013
10:11:35:256 4560 IRP_MJ_FLUSH_BUFFERS : 85E38013
10:11:35:256 4560 IRP_MJ_QUERY_VOLUME_INFORMATION : 85E38013
10:11:35:256 4560 IRP_MJ_SET_VOLUME_INFORMATION : 85E38013
10:11:35:256 4560 IRP_MJ_DIRECTORY_CONTROL : 85E38013
10:11:35:256 4560 IRP_MJ_FILE_SYSTEM_CONTROL : 85E38013
10:11:35:256 4560 IRP_MJ_DEVICE_CONTROL : 869AF9D6
10:11:35:256 4560 IRP_MJ_INTERNAL_DEVICE_CONTROL : 869AF9A8
10:11:35:256 4560 IRP_MJ_SHUTDOWN : 85E38013
10:11:35:256 4560 IRP_MJ_LOCK_CONTROL : 85E38013
10:11:35:256 4560 IRP_MJ_CLEANUP : 85E38013
10:11:35:256 4560 IRP_MJ_CREATE_MAILSLOT : 85E38013
10:11:35:256 4560 IRP_MJ_QUERY_SECURITY : 85E38013
10:11:35:256 4560 IRP_MJ_SET_SECURITY : 85E38013
10:11:35:256 4560 IRP_MJ_POWER : 869AFA04
10:11:35:256 4560 IRP_MJ_SYSTEM_CONTROL : 869BCB70
10:11:35:256 4560 IRP_MJ_DEVICE_CHANGE : 85E38013
10:11:35:256 4560 IRP_MJ_QUERY_QUOTA : 85E38013
10:11:35:256 4560 IRP_MJ_SET_QUOTA : 85E38013
10:11:35:272 4560 C:\Windows\system32\drivers\atapi.sys - Verdict: 1
10:11:35:272 4560
10:11:35:272 4560 Driver Name: atapi
10:11:35:272 4560 IRP_MJ_CREATE : 869C10FC
10:11:35:272 4560 IRP_MJ_CREATE_NAMED_PIPE : 85E38013
10:11:35:272 4560 IRP_MJ_CLOSE : 869C10FC
10:11:35:272 4560 IRP_MJ_READ : 85E38013
10:11:35:272 4560 IRP_MJ_WRITE : 85E38013
10:11:35:272 4560 IRP_MJ_QUERY_INFORMATION : 85E38013
10:11:35:272 4560 IRP_MJ_SET_INFORMATION : 85E38013
10:11:35:272 4560 IRP_MJ_QUERY_EA : 85E38013
10:11:35:272 4560 IRP_MJ_SET_EA : 85E38013
10:11:35:272 4560 IRP_MJ_FLUSH_BUFFERS : 85E38013
10:11:35:272 4560 IRP_MJ_QUERY_VOLUME_INFORMATION : 85E38013
10:11:35:272 4560 IRP_MJ_SET_VOLUME_INFORMATION : 85E38013
10:11:35:272 4560 IRP_MJ_DIRECTORY_CONTROL : 85E38013
10:11:35:272 4560 IRP_MJ_FILE_SYSTEM_CONTROL : 85E38013
10:11:35:272 4560 IRP_MJ_DEVICE_CONTROL : 869AF9D6
10:11:35:272 4560 IRP_MJ_INTERNAL_DEVICE_CONTROL : 869AF9A8
10:11:35:272 4560 IRP_MJ_SHUTDOWN : 85E38013
10:11:35:272 4560 IRP_MJ_LOCK_CONTROL : 85E38013
10:11:35:272 4560 IRP_MJ_CLEANUP : 85E38013
10:11:35:272 4560 IRP_MJ_CREATE_MAILSLOT : 85E38013
10:11:35:272 4560 IRP_MJ_QUERY_SECURITY : 85E38013
10:11:35:272 4560 IRP_MJ_SET_SECURITY : 85E38013
10:11:35:272 4560 IRP_MJ_POWER : 869AFA04
10:11:35:272 4560 IRP_MJ_SYSTEM_CONTROL : 869BCB70
10:11:35:272 4560 IRP_MJ_DEVICE_CHANGE : 85E38013
10:11:35:272 4560 IRP_MJ_QUERY_QUOTA : 85E38013
10:11:35:272 4560 IRP_MJ_SET_QUOTA : 85E38013
10:11:35:272 4560 C:\Windows\system32\drivers\atapi.sys - Verdict: 1
10:11:35:272 4560
10:11:35:272 4560 Driver Name: atapi
10:11:35:272 4560 IRP_MJ_CREATE : 869C10FC
10:11:35:272 4560 IRP_MJ_CREATE_NAMED_PIPE : 85E38013
10:11:35:272 4560 IRP_MJ_CLOSE : 869C10FC
10:11:35:272 4560 IRP_MJ_READ : 85E38013
10:11:35:272 4560 IRP_MJ_WRITE : 85E38013
10:11:35:272 4560 IRP_MJ_QUERY_INFORMATION : 85E38013
10:11:35:272 4560 IRP_MJ_SET_INFORMATION : 85E38013
10:11:35:272 4560 IRP_MJ_QUERY_EA : 85E38013
10:11:35:272 4560 IRP_MJ_SET_EA : 85E38013
10:11:35:272 4560 IRP_MJ_FLUSH_BUFFERS : 85E38013
10:11:35:272 4560 IRP_MJ_QUERY_VOLUME_INFORMATION : 85E38013
10:11:35:272 4560 IRP_MJ_SET_VOLUME_INFORMATION : 85E38013
10:11:35:272 4560 IRP_MJ_DIRECTORY_CONTROL : 85E38013
10:11:35:272 4560 IRP_MJ_FILE_SYSTEM_CONTROL : 85E38013
10:11:35:272 4560 IRP_MJ_DEVICE_CONTROL : 869AF9D6
10:11:35:272 4560 IRP_MJ_INTERNAL_DEVICE_CONTROL : 869AF9A8
10:11:35:272 4560 IRP_MJ_SHUTDOWN : 85E38013
10:11:35:272 4560 IRP_MJ_LOCK_CONTROL : 85E38013
10:11:35:272 4560 IRP_MJ_CLEANUP : 85E38013
10:11:35:272 4560 IRP_MJ_CREATE_MAILSLOT : 85E38013
10:11:35:272 4560 IRP_MJ_QUERY_SECURITY : 85E38013
10:11:35:272 4560 IRP_MJ_SET_SECURITY : 85E38013
10:11:35:272 4560 IRP_MJ_POWER : 869AFA04
10:11:35:272 4560 IRP_MJ_SYSTEM_CONTROL : 869BCB70
10:11:35:272 4560 IRP_MJ_DEVICE_CHANGE : 85E38013
10:11:35:272 4560 IRP_MJ_QUERY_QUOTA : 85E38013
10:11:35:272 4560 IRP_MJ_SET_QUOTA : 85E38013
10:11:35:272 4560 C:\Windows\system32\drivers\atapi.sys - Verdict: 1
10:11:35:272 4560
10:11:35:272 4560 Completed
10:11:35:272 4560
10:11:35:272 4560 Results:
10:11:35:272 4560 Memory objects infected / cured / cured on reboot: 0 / 0 / 0
10:11:35:272 4560 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
10:11:35:272 4560 File objects infected / cured / cured on reboot: 0 / 0 / 0
10:11:35:272 4560
10:11:35:287 4560 fclose_ex: Trying to close file C:\Windows\system32\config\system
10:11:35:287 4560 fclose_ex: Trying to close file C:\Windows\system32\config\software
10:11:35:334 4560 MyDeleteFileW: MyNtCreateFile (C:\Windows\system32\drivers\klmd.sys) error 32
10:11:35:334 4560 KLMD(ARK) unloaded successfully
-
Hmm....
Please download DrWeb-CureIt and save it to your Desktop. Do NOT perform a scan yet
Link:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
- Double-click on drweb-cureit.exe to start the program.
An Express Scan of your PC notice will appear.
- Under Start the Express Scan Now, Click OK to start the scan.
This is a short scan that will scan the files currently running in memory.
If something is found, click the Yes button when it asks you if you want to cure it.
- Once the short scan has finished, Click Options > Change settings
- Choose the Scan tab and UNcheck Heuristic analysis
- Back at the main window, click Custom Scan, then Select drives (a red dot will show which drives have been chosen).
- Then click the Start/Stop Scanning button (green arrow on the right, and the scan will start.
- When finished, a message will be displayed at the bottom advising if any viruses were found.
- Click Yes to all if it asks if you want to cure/move the file.
- When the scan has finished, look if you can see the icon next to the files found.
If so, click it, then click the next icon right below and select Move incurable.
(This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)
- Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
- Save the DrWeb.csv report to your Desktop.
- Exit Dr.Web Cureit when you have finished.
- Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
- After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)
-
Hi,
The scan finally completed. It took about 20 hours. The log file it created is 172 MB and over 4000 pages long. I cannot attach it because the maximum attachment size allowed is 700 KB and I am not going to sit here and copy and paste 4000 pages into the forum. Let me know what to do from here. Thanks
Here are the scan statistics though:
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Scanned: 1275155
Infected: 0
Modifications: 4
Suspicious: 0
Adware: 0
Dialers: 0
Jokes: 0
Riskware: 0
Hacktools: 0
Cured: 0
Deleted: 0
Renamed: 0
Moved: 4
Ignored: 0
Scan speed: 50 Kb/s
Scan time: 20:11:27
-----------------------------------------------------------------------------
=============================================================================
Total session statistics
=============================================================================
Scanned: 1316457
Infected: 0
Modifications: 4
Suspicious: 0
Adware: 0
Dialers: 0
Jokes: 0
Riskware: 0
Hacktools: 0
Cured: 0
Deleted: 0
Renamed: 0
Moved: 4
Ignored: 0
Scan speed: 55 Kb/s
Scan time: 20:44:51
=============================================================================
-
Odd.
Delete your copy of ComboFix, and download an updated one from here and run it, post a log:
BleepingComputer.com (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
-
ComboFix 10-04-26.05 - Administrator 04/28/2010 0:14.7.4 - x86
Windows Windows Vista™ Extreme Edition 6.0.6001.1.1252.1.1033.18.3325.1874 [GMT -5:00]
Running from: c:\users\Administrator\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Files Created from 2010-03-28 to 2010-04-28 )))))))))))))))))))))))))))))))
.
2010-04-28 05:24 . 2010-04-28 05:24 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-04-28 05:24 . 2010-04-28 05:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-26 03:13 . 2010-04-27 03:57 -------- d-----w- c:\users\Administrator\DoctorWeb
2010-04-23 19:37 . 2010-04-23 19:37 658184 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-04-22 23:59 . 2010-04-23 00:01 -------- d-----w- c:\program files\WhoCrashed
2010-04-20 05:12 . 2010-02-23 11:32 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-20 05:12 . 2010-02-23 11:32 78848 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-20 05:12 . 2010-02-23 11:32 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-20 05:12 . 2010-02-18 14:49 3598216 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-20 05:12 . 2010-02-18 14:49 3545992 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-20 05:12 . 2010-02-18 14:49 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-04-20 05:12 . 2010-02-18 14:11 190464 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-04-20 05:12 . 2010-02-18 11:52 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-04-20 05:12 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-04-20 05:12 . 2009-12-23 12:43 171520 ----a-w- c:\windows\system32\wintrust.dll
2010-04-20 05:11 . 2010-01-15 00:04 98304 ----a-w- c:\windows\system32\cabview.dll
2010-04-19 19:59 . 2010-04-19 19:59 255472 ----a-w- c:\users\Administrator\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
2010-04-18 18:24 . 2010-02-01 01:45 38784 ----a-w- c:\users\Administrator\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-04-18 18:24 . 2010-02-01 01:45 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-04-18 18:24 . 2010-04-18 18:24 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-04-18 18:23 . 2010-04-18 18:23 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe
2010-04-18 18:21 . 2010-04-18 18:21 -------- d-----w- c:\program files\Common Files\Java
2010-04-18 18:21 . 2010-04-12 22:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-18 18:20 . 2010-04-20 05:05 -------- d-----w- c:\programdata\NOS
2010-04-18 17:51 . 2010-04-25 15:11 36488 ----a-w- c:\windows\system32\drivers\klmd.sys
2010-04-18 00:08 . 2010-04-18 00:08 932368 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2010-04-18 00:08 . 2010-04-18 00:08 678416 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2010-04-18 00:08 . 2010-04-18 00:08 604688 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2010-04-18 00:08 . 2010-04-18 00:08 522768 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2010-04-18 00:08 . 2010-04-18 00:08 1096208 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2010-04-17 16:32 . 2010-04-28 05:24 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2010-04-17 16:15 . 2010-04-17 16:32 -------- d-----w- C:\commy
2010-04-16 02:20 . 2010-01-21 16:46 441168 ----a-w- c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k8nxc5os.default\extensions\[email protected]\plugins\npLogitechDeviceDetection.dll
2010-04-15 23:21 . 2010-03-05 02:50 261152 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2010-04-15 23:21 . 2010-02-04 01:24 94208 ----a-w- c:\windows\system32\RTNUninst32.dll
2010-04-15 23:21 . 2009-12-03 22:27 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2010-04-15 04:33 . 2010-04-15 04:58 -------- d-----w- C:\RootRepeal
2010-04-14 02:00 . 2010-04-14 02:00 -------- d-----w- c:\program files\Trend Micro
2010-04-13 04:00 . 2010-04-13 04:00 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-04-13 03:59 . 2010-04-17 20:37 -------- d-----w- c:\users\Administrator\AppData\Roaming\SUPERAntiSpyware.com
2010-04-13 03:59 . 2010-04-17 20:37 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-04-13 03:18 . 2010-04-13 03:18 12872 ----a-w- c:\windows\system32\bootdelete.exe
2010-04-13 03:07 . 2010-04-13 03:19 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-04-13 03:07 . 2010-04-13 03:18 -------- d-----w- c:\programdata\Hitman Pro
2010-04-13 03:07 . 2010-04-13 03:07 -------- d-----w- c:\program files\Hitman Pro 3.5
2010-04-13 02:50 . 2010-04-13 02:50 -------- d-----w- c:\windows\Vista
2010-04-09 00:31 . 2010-04-09 00:36 -------- d-----w- C:\CF21711C
2010-04-09 00:23 . 2010-04-09 00:25 -------- d-----w- C:\CF14740C
2010-04-09 00:21 . 2010-04-09 00:23 -------- d-----w- C:\CF26000C
2010-04-09 00:20 . 2010-04-09 00:20 -------- d-----w- C:\CF
2010-04-08 04:12 . 2010-04-08 04:12 -------- d-----w- c:\program files\Sophos
2010-04-06 18:17 . 2010-04-06 18:17 -------- d-----w- c:\program files\FileASSASSIN
2010-04-06 18:12 . 2010-04-06 18:12 -------- d-----w- c:\program files\Common Files\Gibinsoft Shared
2010-04-06 18:12 . 2010-04-06 18:12 -------- d-----w- c:\program files\GiPo@Utilities
2010-04-06 04:16 . 2010-04-06 17:23 -------- d-----w- c:\program files\Common Files\PC Tools
2010-04-04 04:47 . 2010-04-04 04:47 270398 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{F2080246-09F7-4AAA-81D3-797A5D495D65}\_6FEFF9B68218417F98F549.exe
2010-04-04 04:47 . 2010-04-04 04:47 270398 ----a-r- c:\users\Administrator\AppData\Roaming\Microsoft\Installer\{F2080246-09F7-4AAA-81D3-797A5D495D65}\_62540AA1BC7B99A206401C.exe
2010-04-04 04:47 . 2010-04-04 04:47 -------- d-----w- c:\program files\Jugaari
2010-04-04 04:22 . 2008-03-19 21:13 36864 ----a-w- c:\windows\system32\V0500Pin.dll
2010-04-04 04:22 . 2008-03-19 21:13 32768 ----a-w- c:\windows\system32\V0500Hwx.dll
2010-04-04 04:22 . 2008-03-19 21:13 262144 ----a-w- c:\windows\system32\V0500Cvw.dll
2010-04-04 04:22 . 2008-03-19 21:13 251264 ----a-w- c:\windows\system32\drivers\V0500Vid.sys
2010-04-04 04:22 . 2008-03-19 21:13 20480 ----a-w- c:\windows\system32\V0500Srv.exe
2010-04-04 04:22 . 2008-03-19 21:12 90112 ----a-w- c:\windows\CtDrvIns.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-27 04:19 . 2009-10-30 18:58 -------- d-----w- c:\programdata\Kaspersky Lab
2010-04-27 04:19 . 2009-11-04 03:38 62927 ----a-w- c:\programdata\nvModes.dat
2010-04-27 04:19 . 2009-05-09 02:19 -------- d-----w- c:\programdata\VMware
2010-04-27 04:19 . 2009-01-18 17:15 -------- d-----w- c:\programdata\NVIDIA
2010-04-25 15:07 . 2009-01-18 16:45 1356 ----a-w- c:\users\Administrator\AppData\Local\d3d9caps.dat
2010-04-21 17:15 . 2009-07-11 22:30 -------- d-----w- c:\users\Administrator\AppData\Roaming\vlc
2010-04-20 05:29 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-04-20 05:18 . 2009-01-18 16:48 -------- d-----w- c:\programdata\Microsoft Help
2010-04-18 18:26 . 2009-01-22 19:23 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-18 18:21 . 2009-03-06 01:34 -------- d-----w- c:\program files\Java
2010-04-18 01:48 . 2009-02-03 21:01 -------- d-----w- c:\users\Administrator\AppData\Roaming\uTorrent
2010-04-18 00:07 . 2010-04-18 00:07 80400 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\fssync.dll
2010-04-18 00:07 . 2010-04-18 00:07 397328 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\oeas.dll
2010-04-18 00:07 . 2010-04-18 00:07 311312 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\sys\i386\6.0\klif.sys
2010-04-18 00:07 . 2010-04-18 00:07 19472 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\kloehk.dll
2010-04-18 00:07 . 2010-04-18 00:07 109072 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\mzvkbd3.dll
2010-04-18 00:07 . 2010-04-18 00:07 80400 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\fssync.dll
2010-04-18 00:07 . 2010-04-18 00:07 397328 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\oeas.dll
2010-04-18 00:07 . 2010-04-18 00:07 17936 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\kloehk.dll
2010-04-18 00:07 . 2010-04-18 00:07 109072 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\mzvkbd3.dll
2010-04-18 00:07 . 2010-04-18 00:07 311312 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\sys\i386\6.0\klif.sys
2010-04-17 20:45 . 2010-04-17 20:45 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2010-04-17 20:45 . 2010-04-17 20:45 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2010-04-17 20:43 . 2009-02-04 04:15 -------- d-----w- c:\program files\Kaspersky Lab
2010-04-17 20:37 . 2009-01-18 17:09 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-17 20:35 . 2009-02-04 04:14 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2010-04-16 17:37 . 2006-11-02 08:51 21560 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-04-15 23:21 . 2009-01-18 17:16 -------- d-----w- c:\program files\Realtek
2010-04-08 13:40 . 2006-11-02 08:51 21560 ----a-w- c:\windows\system32\drivers\atapi.svs
2010-04-08 03:59 . 2009-01-18 17:16 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-06 05:51 . 2009-01-25 20:06 -------- d-----w- c:\program files\ASTRA32
2010-04-06 04:29 . 2009-02-03 20:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-06 04:18 . 2009-04-01 02:24 5918776 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-03-29 20:24 . 2009-02-03 20:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-29 20:24 . 2009-02-03 20:46 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-20 02:29 . 2010-03-20 02:29 23 --sha-w- c:\windows\system32\edacded0.dat
2010-03-20 02:29 . 2010-03-20 02:29 -------- d-----w- c:\program files\jv16 PowerTools 2009
2010-03-19 17:44 . 2010-03-19 17:44 -------- d-----w- c:\program files\SoftLogica
2010-03-15 01:36 . 2010-03-15 01:36 -------- d-----w- c:\program files\QS
2010-03-15 01:35 . 2010-03-15 01:35 -------- d-----w- c:\users\Administrator\AppData\Roaming\TeamViewer
2010-03-14 21:17 . 2009-02-03 21:01 -------- d-----w- c:\program files\uTorrent
2010-03-14 03:46 . 2010-03-14 03:44 -------- d-----w- c:\program files\PhotoRescue PC v3.1.14.12271
2010-03-14 03:36 . 2009-06-15 06:40 -------- d-----w- c:\programdata\OfficeRecovery
2010-03-14 03:33 . 2010-03-14 03:33 -------- d-----w- c:\users\Administrator\AppData\Roaming\OfficeRecovery
2010-03-14 03:32 . 2009-06-15 06:40 -------- d-----w- c:\program files\OfficeRecovery
2010-03-14 03:27 . 2010-03-14 03:25 -------- d-----w- c:\users\Administrator\AppData\Roaming\XnView
2010-03-13 22:49 . 2009-01-22 01:21 -------- d-----w- c:\program files\DOSBox-0.72
2010-03-04 22:45 . 2009-04-21 01:02 -------- d-----w- c:\program files\Palm
2010-02-24 15:16 . 2009-10-08 16:59 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 06:39 . 2010-04-01 02:59 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 06:33 . 2010-04-01 02:59 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-02-23 06:33 . 2010-04-01 02:59 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-02-23 04:55 . 2010-04-01 02:59 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-02-20 23:39 . 2010-03-13 03:56 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-20 23:37 . 2010-03-13 03:56 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 21:18 . 2010-03-13 03:56 411136 ----a-w- c:\windows\system32\drivers\http.sys
2008-04-04 09:50 . 2008-04-04 09:22 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
------- Sigcheck -------
[-] 2008-01-26 . 2406E3A5FAE743DCE81168A8CDB8573F . 247296 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-04-04 1233920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-04-04 1008184]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-21 340456]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DevconDefaultDB"="c:\windows\system32\READREG" [X]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableInstallerDetection"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{73526E5A-FD53-4BE7-B5E2-D3C89D7413DC}"= "c:\windows\System32\Branding\folderbg\VistaFolderBackground.dll" [2008-04-05 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"wave"=DrvTrNTm.dll
"mixer"=DrvTrNTm.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GammaTray.lnk
backup=c:\windows\pss\GammaTray.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HotSync Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HotSync Manager.lnk
backup=c:\windows\pss\HotSync Manager.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Administrator^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEMonitor.lnk]
path=c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEMonitor.lnk
backup=c:\windows\pss\MEMonitor.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2008-06-12 03:43 640376 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2008-06-12 07:25 37232 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
2008-05-29 17:49 1085440 ------w- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
2007-12-21 22:57 86016 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2009-06-23 16:48 19456 ----a-w- c:\windows\System32\CtHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-04-04 09:46 125952 ----a-w- c:\windows\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-04-24 01:29 133104 ----atw- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 16:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2007-10-12 00:01 46368 ----a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-07-13 19:03 292128 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
2007-03-20 06:36 36864 ------r- c:\windows\RaidTool\xInsIDE.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicTuneEngine]
2008-10-08 14:04 69632 ----a-w- c:\program files\MagicTune Premium\MagicTuneEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 20:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-09-27 23:47 92776 ----a-w- c:\windows\System32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2007-10-12 00:03 29984 ----a-w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]
2007-08-31 14:01 328992 ----a-w- c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 22:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTunerStartupDaemon]
2008-12-29 08:30 24576 ----a-w- c:\program files\RivaTuner v2.22\RivaTunerWrapper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 14:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-10-30 18:13 1217808 ----a-w- c:\program files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-04-10 03:57 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
2009-03-27 03:57 64048 ----a-w- c:\program files\VMware\VMware Player\hqtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys
R2 CSHelper;CopySafe Helper Service;c:\windows\system32\CSHelper.exe [2009-02-15 266240]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS [2009-06-23 99352]
R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS [2009-06-23 99352]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-09-19 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-09-19 79360]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS [2009-06-23 555032]
R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS [2009-06-23 555032]
R3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\System32\drivers\CTERFXFX.SYS [2009-06-23 100888]
R3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS [2009-06-23 100888]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS [2009-06-23 566296]
R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS [2009-06-23 566296]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\270.tmp
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2007-12-04 33792]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 19968]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2007-12-04 33792]
R3 V0500Dev;Dynex 1.3MP Webcam Driver;c:\windows\system32\DRIVERS\V0500Vid.sys [2008-03-19 251264]
R3 VirtualDK;VirtualDK;c:\users\Administrator\Desktop\usb_prep8\vdk.sys [2003-11-10 16283]
R4 BOHCI;BOHCI;
R4 BUHCI;BUHCI;
R4 BUSBD;BUSBD;
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-01-19 717296]
S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-15 36880]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-09-14 21520]
S2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\ASTRA32\ASTRA32.sys [2007-02-22 30864]
S2 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Professional Home XII.SP2c\RpcAgentSrv.exe [2008-04-24 98488]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-09-27 240232]
S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [2009-03-27 54960]
S2 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Administrator\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys [2010-03-19 14416]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-03 19472]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm.sys [2006-09-28 9472]
S3 TotRec7;Total Recorder WDM audio driver;c:\windows\system32\drivers\TotRec7.sys [2008-04-17 120472]
.
Contents of the 'Scheduled Tasks' folder
2010-04-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2956117359-1545118147-3684891927-500Core.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-24 01:29]
2010-04-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2956117359-1545118147-3684891927-500UA.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-24 01:29]
.
.
------- Supplementary Scan -------
.
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\VMware\VMware Player\vsocklib.dll
DPF: {7557F5AA-D486-401D-BE55-0163FA78B5B8} - hxxps://skyfex.com/download/SkyFexExpert.cab
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k8nxc5os.default\
FF - component: c:\program files\Mozilla *Blocked Russian URL*\components\KavLinkFilter.dll
FF - plugin: c:\progra~1\Palm\PACKAG~1\NPInstal.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npArtistScope42.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\users\Administrator\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k8nxc5os.default\extensions\[email protected]\plugins\npLogitechDeviceDetection.dll
FF - plugin: c:\users\Administrator\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut. enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_ everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_a s_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugi n", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-28 00:24
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\270.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5 977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2d,5c,86,71,22,16,7a,47,80,54,0e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839 E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2d,5c,86,71,22,16,7a,47,80,54,0e,\
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.CDA"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M3U"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\vlc.exe"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\AcroRd32.exe"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.plist\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\pledit.exe"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.URL"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMA"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMV"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(5640)
c:\progra~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll
c:\progra~1\Stardock\OBJECT~1\DESKSC~1\deskscape.dll
c:\windows\System32\Branding\folderbg\VistaFolderBackground.dll
c:\progra~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll
.
Completion time: 2010-04-28 00:27:42
ComboFix-quarantined-files.txt 2010-04-28 05:27
ComboFix2.txt 2010-04-17 16:32
Pre-Run: 236,719,255,552 bytes free
Post-Run: 236,916,846,592 bytes free
Current=1 Default=1 Failed=0 LastKnownGood=3 Sets=1,2,3,19
- - End Of File - - 5F791E5AAD870CC746A24722FFADC6F0
-
Follow these instructions carefully.
Re-running ComboFix to remove infections:
- Close any open browsers.
- Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Open notepad and copy/paste the text in the quotebox below into it:
killall::
seccenter::
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
tdl::
c:\windows\System32\shsvcs.dll
file::
c:\windows\system32\270.tmp
driver::
MEMSWEEP2
reboot::
- Save this as CFScript.txt, in the same location as ComboFix.exe
(http://i35.tinypic.com/2v3rg44.jpg)
- Referring to the picture above, drag CFScript into ComboFix.exe
- When finished, it shall produce a log for you at C:\ComboFix.txt
- Please post the contents of the log in your next reply.
-
Combofix log using CFScript.txt :
ComboFix 10-04-28.03 - Administrator 04/28/2010 22:53:51.8.4 - x86
Windows Windows Vista™ Extreme Edition 6.0.6001.1.1252.1.1033.18.3325.1887 [GMT -5:00]
Running from: c:\users\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\users\Administrator\Desktop\CFScript.txt
FILE ::
"c:\windows\system32\270.tmp"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MEMSWEEP2
-------\Service_MEMSWEEP2
((((((((((((((((((((((((( Files Created from 2010-03-28 to 2010-04-29 )))))))))))))))))))))))))))))))
.
2010-04-29 04:02 . 2010-04-29 04:02 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-04-29 04:02 . 2010-04-29 04:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-26 03:13 . 2010-04-27 03:57 -------- d-----w- c:\users\Administrator\DoctorWeb
2010-04-22 23:59 . 2010-04-23 00:01 -------- d-----w- c:\program files\WhoCrashed
2010-04-20 05:12 . 2010-02-23 11:32 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-20 05:12 . 2010-02-23 11:32 78848 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-20 05:12 . 2010-02-23 11:32 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-20 05:12 . 2010-02-18 14:49 3598216 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-20 05:12 . 2010-02-18 14:49 3545992 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-20 05:12 . 2010-02-18 14:49 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-04-20 05:12 . 2010-02-18 14:11 190464 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-04-20 05:12 . 2010-02-18 11:52 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-04-20 05:12 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-04-20 05:12 . 2009-12-23 12:43 171520 ----a-w- c:\windows\system32\wintrust.dll
2010-04-20 05:11 . 2010-01-15 00:04 98304 ----a-w- c:\windows\system32\cabview.dll
2010-04-18 18:24 . 2010-04-18 18:24 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-04-18 18:21 . 2010-04-18 18:21 -------- d-----w- c:\program files\Common Files\Java
2010-04-18 18:21 . 2010-04-12 22:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-18 18:20 . 2010-04-20 05:05 -------- d-----w- c:\programdata\NOS
2010-04-18 17:51 . 2010-04-25 15:11 36488 ----a-w- c:\windows\system32\drivers\klmd.sys
2010-04-17 20:45 . 2010-04-29 03:49 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-04-17 20:45 . 2010-04-29 03:49 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-04-17 16:32 . 2010-04-29 04:05 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2010-04-17 16:15 . 2010-04-17 16:32 -------- d-----w- C:\commy
2010-04-15 23:21 . 2010-03-05 02:50 261152 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2010-04-15 23:21 . 2010-02-04 01:24 94208 ----a-w- c:\windows\system32\RTNUninst32.dll
2010-04-15 23:21 . 2009-12-03 22:27 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2010-04-15 04:33 . 2010-04-15 04:58 -------- d-----w- C:\RootRepeal
2010-04-14 02:00 . 2010-04-14 02:00 -------- d-----w- c:\program files\Trend Micro
2010-04-13 04:00 . 2010-04-13 04:00 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-04-13 03:59 . 2010-04-17 20:37 -------- d-----w- c:\users\Administrator\AppData\Roaming\SUPERAntiSpyware.com
2010-04-13 03:59 . 2010-04-17 20:37 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-04-13 03:18 . 2010-04-13 03:18 12872 ----a-w- c:\windows\system32\bootdelete.exe
2010-04-13 03:07 . 2010-04-13 03:19 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-04-13 03:07 . 2010-04-13 03:18 -------- d-----w- c:\programdata\Hitman Pro
2010-04-13 03:07 . 2010-04-13 03:07 -------- d-----w- c:\program files\Hitman Pro 3.5
2010-04-13 02:50 . 2010-04-13 02:50 -------- d-----w- c:\windows\Vista
2010-04-09 00:31 . 2010-04-09 00:36 -------- d-----w- C:\CF21711C
2010-04-09 00:23 . 2010-04-09 00:25 -------- d-----w- C:\CF14740C
2010-04-09 00:21 . 2010-04-09 00:23 -------- d-----w- C:\CF26000C
2010-04-09 00:20 . 2010-04-09 00:20 -------- d-----w- C:\CF
2010-04-08 04:12 . 2010-04-08 04:12 -------- d-----w- c:\program files\Sophos
2010-04-06 18:17 . 2010-04-06 18:17 -------- d-----w- c:\program files\FileASSASSIN
2010-04-06 18:12 . 2010-04-06 18:12 -------- d-----w- c:\program files\Common Files\Gibinsoft Shared
2010-04-06 18:12 . 2010-04-06 18:12 -------- d-----w- c:\program files\GiPo@Utilities
2010-04-06 04:16 . 2010-04-06 17:23 -------- d-----w- c:\program files\Common Files\PC Tools
2010-04-04 04:47 . 2010-04-04 04:47 -------- d-----w- c:\program files\Jugaari
2010-04-04 04:22 . 2008-03-19 21:13 36864 ----a-w- c:\windows\system32\V0500Pin.dll
2010-04-04 04:22 . 2008-03-19 21:13 32768 ----a-w- c:\windows\system32\V0500Hwx.dll
2010-04-04 04:22 . 2008-03-19 21:13 262144 ----a-w- c:\windows\system32\V0500Cvw.dll
2010-04-04 04:22 . 2008-03-19 21:13 251264 ----a-w- c:\windows\system32\drivers\V0500Vid.sys
2010-04-04 04:22 . 2008-03-19 21:13 20480 ----a-w- c:\windows\system32\V0500Srv.exe
2010-04-04 04:22 . 2008-03-19 21:12 90112 ----a-w- c:\windows\CtDrvIns.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-29 04:05 . 2009-10-30 18:58 -------- d-----w- c:\programdata\Kaspersky Lab
2010-04-29 04:05 . 2009-11-04 03:38 62927 ----a-w- c:\programdata\nvModes.dat
2010-04-29 04:04 . 2009-05-09 02:19 -------- d-----w- c:\programdata\VMware
2010-04-29 04:04 . 2009-01-18 17:15 -------- d-----w- c:\programdata\NVIDIA
2010-04-25 15:07 . 2009-01-18 16:45 1356 ----a-w- c:\users\Administrator\AppData\Local\d3d9caps.dat
2010-04-21 17:15 . 2009-07-11 22:30 -------- d-----w- c:\users\Administrator\AppData\Roaming\vlc
2010-04-20 05:29 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-04-20 05:18 . 2009-01-18 16:48 -------- d-----w- c:\programdata\Microsoft Help
2010-04-18 18:26 . 2009-01-22 19:23 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-18 18:21 . 2009-03-06 01:34 -------- d-----w- c:\program files\Java
2010-04-18 01:48 . 2009-02-03 21:01 -------- d-----w- c:\users\Administrator\AppData\Roaming\uTorrent
2010-04-17 20:43 . 2009-02-04 04:15 -------- d-----w- c:\program files\Kaspersky Lab
2010-04-17 20:37 . 2009-01-18 17:09 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-17 20:35 . 2009-02-04 04:14 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2010-04-16 17:37 . 2006-11-02 08:51 21560 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-04-15 23:21 . 2009-01-18 17:16 -------- d-----w- c:\program files\Realtek
2010-04-08 13:40 . 2006-11-02 08:51 21560 ----a-w- c:\windows\system32\drivers\atapi.svs
2010-04-08 03:59 . 2009-01-18 17:16 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-06 05:51 . 2009-01-25 20:06 -------- d-----w- c:\program files\ASTRA32
2010-04-06 04:29 . 2009-02-03 20:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-29 20:24 . 2009-02-03 20:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-29 20:24 . 2009-02-03 20:46 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-20 02:29 . 2010-03-20 02:29 23 --sha-w- c:\windows\system32\edacded0.dat
2010-03-20 02:29 . 2010-03-20 02:29 -------- d-----w- c:\program files\jv16 PowerTools 2009
2010-03-19 17:44 . 2010-03-19 17:44 -------- d-----w- c:\program files\SoftLogica
2010-03-15 01:36 . 2010-03-15 01:36 -------- d-----w- c:\program files\QS
2010-03-15 01:35 . 2010-03-15 01:35 -------- d-----w- c:\users\Administrator\AppData\Roaming\TeamViewer
2010-03-14 21:17 . 2009-02-03 21:01 -------- d-----w- c:\program files\uTorrent
2010-03-14 03:46 . 2010-03-14 03:44 -------- d-----w- c:\program files\PhotoRescue PC v3.1.14.12271
2010-03-14 03:36 . 2009-06-15 06:40 -------- d-----w- c:\programdata\OfficeRecovery
2010-03-14 03:33 . 2010-03-14 03:33 -------- d-----w- c:\users\Administrator\AppData\Roaming\OfficeRecovery
2010-03-14 03:32 . 2009-06-15 06:40 -------- d-----w- c:\program files\OfficeRecovery
2010-03-14 03:27 . 2010-03-14 03:25 -------- d-----w- c:\users\Administrator\AppData\Roaming\XnView
2010-03-13 22:49 . 2009-01-22 01:21 -------- d-----w- c:\program files\DOSBox-0.72
2010-03-04 22:45 . 2009-04-21 01:02 -------- d-----w- c:\program files\Palm
2010-02-24 15:16 . 2009-10-08 16:59 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 06:39 . 2010-04-01 02:59 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 06:33 . 2010-04-01 02:59 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-02-23 06:33 . 2010-04-01 02:59 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-02-23 04:55 . 2010-04-01 02:59 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-02-20 23:39 . 2010-03-13 03:56 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-20 23:37 . 2010-03-13 03:56 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 21:18 . 2010-03-13 03:56 411136 ----a-w- c:\windows\system32\drivers\http.sys
2008-04-04 09:50 . 2008-04-04 09:22 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
------- Sigcheck -------
[-] 2008-01-26 . 2406E3A5FAE743DCE81168A8CDB8573F . 247296 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-04-04 1233920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-04-04 1008184]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-21 340456]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DevconDefaultDB"="c:\windows\system32\READREG" [X]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableInstallerDetection"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{73526E5A-FD53-4BE7-B5E2-D3C89D7413DC}"= "c:\windows\System32\Branding\folderbg\VistaFolderBackground.dll" [2008-04-05 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"wave"=DrvTrNTm.dll
"mixer"=DrvTrNTm.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GammaTray.lnk
backup=c:\windows\pss\GammaTray.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HotSync Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HotSync Manager.lnk
backup=c:\windows\pss\HotSync Manager.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Administrator^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEMonitor.lnk]
path=c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEMonitor.lnk
backup=c:\windows\pss\MEMonitor.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2008-06-12 03:43 640376 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2008-06-12 07:25 37232 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
2008-05-29 17:49 1085440 ------w- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
2007-12-21 22:57 86016 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2009-06-23 16:48 19456 ----a-w- c:\windows\System32\CtHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-04-04 09:46 125952 ----a-w- c:\windows\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-04-24 01:29 133104 ----atw- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 16:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2007-10-12 00:01 46368 ----a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-07-13 19:03 292128 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
2007-03-20 06:36 36864 ------r- c:\windows\RaidTool\xInsIDE.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicTuneEngine]
2008-10-08 14:04 69632 ----a-w- c:\program files\MagicTune Premium\MagicTuneEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 20:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-09-27 23:47 92776 ----a-w- c:\windows\System32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2007-10-12 00:03 29984 ----a-w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]
2007-08-31 14:01 328992 ----a-w- c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 22:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTunerStartupDaemon]
2008-12-29 08:30 24576 ----a-w- c:\program files\RivaTuner v2.22\RivaTunerWrapper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 14:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-10-30 18:13 1217808 ----a-w- c:\program files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-04-10 03:57 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
2009-03-27 03:57 64048 ----a-w- c:\program files\VMware\VMware Player\hqtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [X]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS [2009-06-23 99352]
R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS [2009-06-23 99352]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-09-19 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-09-19 79360]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS [2009-06-23 555032]
R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS [2009-06-23 555032]
R3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\System32\drivers\CTERFXFX.SYS [2009-06-23 100888]
R3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS [2009-06-23 100888]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS [2009-06-23 566296]
R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS [2009-06-23 566296]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2007-12-04 33792]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 19968]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2007-12-04 33792]
R3 V0500Dev;Dynex 1.3MP Webcam Driver;c:\windows\system32\DRIVERS\V0500Vid.sys [2008-03-19 251264]
R3 VirtualDK;VirtualDK;c:\users\Administrator\Desktop\usb_prep8\vdk.sys [2003-11-10 16283]
R4 BOHCI;BOHCI; [X]
R4 BUHCI;BUHCI; [X]
R4 BUSBD;BUSBD; [X]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-01-19 717296]
S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-10-15 36880]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-09-14 21520]
S2 ASTRA32;ASTRA32 Kernel Driver 5.2.1.0;c:\program files\ASTRA32\ASTRA32.sys [2007-02-22 30864]
S2 CSHelper;CopySafe Helper Service;c:\windows\system32\CSHelper.exe [2009-02-15 266240]
S2 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Professional Home XII.SP2c\RpcAgentSrv.exe [2008-04-24 98488]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-09-27 240232]
S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [2009-03-27 54960]
S2 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Administrator\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys [2010-03-19 14416]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-10-03 19472]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm.sys [2006-09-28 9472]
S3 TotRec7;Total Recorder WDM audio driver;c:\windows\system32\drivers\TotRec7.sys [2008-04-17 120472]
.
Contents of the 'Scheduled Tasks' folder
2010-04-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2956117359-1545118147-3684891927-500Core.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-24 01:29]
2010-04-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2956117359-1545118147-3684891927-500UA.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-24 01:29]
.
.
------- Supplementary Scan -------
.
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\VMware\VMware Player\vsocklib.dll
DPF: {7557F5AA-D486-401D-BE55-0163FA78B5B8} - hxxps://skyfex.com/download/SkyFexExpert.cab
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k8nxc5os.default\
FF - component: c:\program files\Mozilla *Blocked Russian URL*\components\KavLinkFilter.dll
FF - plugin: c:\progra~1\Palm\PACKAG~1\NPInstal.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npArtistScope42.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\users\Administrator\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\k8nxc5os.default\extensions\[email protected]\plugins\npLogitechDeviceDetection.dll
FF - plugin: c:\users\Administrator\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut. enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_ everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_a s_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugi n", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-28 23:05
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5 977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2d,5c,86,71,22,16,7a,47,80,54,0e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839 E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2d,5c,86,71,22,16,7a,47,80,54,0e,\
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.CDA"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M3U"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.MHT"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\vlc.exe"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\AcroRd32.exe"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.plist\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Applications\\pledit.exe"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (Administrator)
"Progid"="IE.AssocFile.URL"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMA"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMV"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-2956117359-1545118147-3684891927-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(3716)
c:\progra~1\Stardock\OBJECT~1\DESKSC~1\deskscapes.dll
c:\progra~1\Stardock\OBJECT~1\DESKSC~1\deskscape.dll
c:\windows\System32\Branding\folderbg\VistaFolderBackground.dll
c:\progra~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll
c:\program files\WinSCP\DragExt.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Creative\Shared Files\CTAudSvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Sprint\Mobile Broadband\SMBAUtilSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\VMware\VMware Player\vmware-authd.exe
c:\windows\system32\vmnetdhcp.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2010-04-28 23:16:01 - machine was rebooted
ComboFix-quarantined-files.txt 2010-04-29 04:15
ComboFix2.txt 2010-04-17 16:32
Pre-Run: 236,946,554,880 bytes free
Post-Run: 236,862,341,120 bytes free
Current=1 Default=1 Failed=0 LastKnownGood=3 Sets=1,2,3,19
- - End Of File - - 888B1EC3327876FD8EBA6F8AE0BF9AF1
-
Download and run this file: http://download.norman.no/public/Norman_TDSS_Cleaner.exe
If it opens a log, please post it.
-
The program won't run. When I click "start scan" it responds with the message:
Runtime Error!
Program: C:\Users\Administrator\Desktop\Norman_TDSS_Clearner.exe
This application has requested the Runtime to terminate it in an
unusual way.
Please Contact the application's support team for more information.
-
Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).
Then try the tool again.
-
I tried it in safe mode but now I get the error:
Unable to load nsak.sys Error (0x00000001)
-
Ok. Back to Normal Mode.
Please download and unzip Icesword (http://mail.ustc.edu.cn/~jfpan/download/IceSword122en.zip) to its own folder on your desktop
If you get a lot of "red entries" in an IceSword log, don't panic.
Step 1 : Close all windows and run IceSword. Click the Processes tab and watch for processes displayed in red color. A red colored process in this list indicates that it's hidden. Write down the PathName of any processes in red color. Then click on LOG at the top left. It will prompt you to save the log, call this Processes and save it to your desktop.
Step 2 : Click the Win32 Services tab and look out for red colored entries in the services list. Write down the Module name of any services in red color, you will need to expand out the Module tab to see the full name. Then click on LOG. It will prompt you to save the log, call this Services and save it to your desktop.
Step 3 : Click the Startup tab and look out for red colored entries in the startup list. Write down the Path of any startup entries in red color. Then click on LOG. It will prompt you to save the log, call this Startup and save it to your desktop.
Step 4 : Click the SSDT tab and check for red colored entries. If there are any, write down the KModule name.
Step 5 : Click the Message Hooks tab and check for any entries that are underneath Type and labelled WH_KEYBOARD. Write down the Process Path of these entries if present.
Now post all of the data collected under the headings for :
Processes
Win32 Services
Startup
SSDT
Message Hooks
-
I cannot get IceSword to run either. When I open the application it says Initialize failed[1]!
It does the same thing in safe mode.
-
- Please go to VirSCAN.org FREE on-line scan (http://virscan.org/)
service[/u][/color][/url]
- Browse for the following file path into the "Suspicious files to scan" box on the top of the page:
- c:\windows\System32\shsvcs.dll
- c:\windows\System32\drivers\atapi.sys
- Click on the Upload button
- If a pop-up appears saying the file has been scanned already, please select the ReScan button.
- Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
- Paste the contents of the Clipboard in your next reply.
-
I don't know if Virscan.org is down or if my pc just won't open it due to the infection. I used Jotti's malware scan instead.
link for shsvcs.dll (came back clean):
http://virusscan.jotti.org/en/scanresult/efc6c6788f1e59298a3203db998010a6ebd83edc
link for atapi.sys (also clean):
http://virusscan.jotti.org/en/scanresult/d6cb8e76fe0551ea46aaeca75dde99fdd1266eba
-
Seems to be tricking us. ::)
Run this tool, and post a log, please:
http://www.kernelmode.info/ARKs/RkU3.8.388.590.rar
(If you need a tool to help extract that RAR file, use 7-Zip at http://www.7-zip.org )
-
RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6001 (Service Pack 1)
Number of processors #4
==============================================
>SSDT State
==============================================
ntkrnlpa.exe-->NtAdjustPrivilegesToken, Type: Address change 0x85FE79BF-->96989BD0 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtAlpcConnectPort, Type: Address change 0x85FEE1BF-->9698B52C [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtAlpcCreatePort, Type: Address change 0x85FBE7E3-->9698B782 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtAlpcSendWaitReceivePort, Type: Address change 0x8602DB78-->9698B9FC [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtClose, Type: Address change 0x8601F975-->9698A450 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtConnectPort, Type: Address change 0x85FCE82D-->9698AB32 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtCreateEvent, Type: Address change 0x8602A754-->9698AF3C [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtCreateFile, Type: Address change 0x86029036-->9698A5F8 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtCreateMutant, Type: Address change 0x86038C47-->9698AE14 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtCreateNamedPipeFile, Type: Address change 0x85FD00E4-->969897D6 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtCreatePort, Type: Address change 0x85F99581-->9698ACD0 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtCreateSection, Type: Address change 0x8604B1D7-->96989992 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtCreateSemaphore, Type: Address change 0x85FE20CA-->9698B06E [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtCreateSymbolicLinkObject, Type: Address change 0x85FDB0C7-->9698CCB0 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtCreateThread, Type: Address change 0x860960A4-->9698A0EE [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtCreateWaitablePort, Type: Address change 0x85F8FC77-->9698AD72 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtDebugActiveProcess, Type: Address change 0x86069628-->9698C6A2 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtDuplicateObject, Type: Address change 0x85FFBEFD-->9698D672 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtFsControlFile, Type: Address change 0x8602B9ED-->9698A752 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtLoadDriver, Type: Address change 0x85F71AD2-->9698C734 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtMapViewOfSection, Type: Address change 0x860267CE-->9698CD64 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtOpenEvent, Type: Address change 0x85FE811D-->9698AFDE [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtOpenFile, Type: Address change 0x860126B5-->9698A4D2 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtOpenMutant, Type: Address change 0x8602F314-->9698AEAC [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtOpenProcess, Type: Address change 0x86013BBE-->96989DD6 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtOpenSection, Type: Address change 0x8602A872-->9698CCDA [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtOpenSemaphore, Type: Address change 0x85FAD82B-->9698B110 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtOpenThread, Type: Address change 0x86004246-->96989CFA [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtQueryDirectoryObject, Type: Address change 0x8602C548-->9698BC3E [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtQuerySection, Type: Address change 0x86038B16-->9698D07C [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtQueueApcThread, Type: Address change 0x85FB5F7C-->9698C9CA [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtReplyPort, Type: Address change 0x85FF8F44-->9698B49A [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtReplyWaitReceivePort, Type: Address change 0x8601E377-->9698B360 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtRequestWaitReplyPort, Type: Address change 0x8602F0E5-->9698C442 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtResumeThread, Type: Address change 0x860035F0-->9698D554 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtSecureConnectPort, Type: Address change 0x85FCE23F-->9698A86C [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtSetContextThread, Type: Address change 0x86096D7B-->9698A30C [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtSetInformationToken, Type: Address change 0x85FDD92C-->9698BCF2 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtSetSecurityObject, Type: Address change 0x85FDB43F-->9698C82E [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtSetSystemInformation, Type: Address change 0x85FF93EE-->9698D1BC [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtSuspendProcess, Type: Address change 0x8609796B-->9698D2A0 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtSuspendThread, Type: Address change 0x86054838-->9698D3C8 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtSystemDebugControl, Type: Address change 0x85FFFB2C-->9698C5CE [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtTerminateProcess, Type: Address change 0x85FE4FBC-->96989F4E [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtTerminateThread, Type: Address change 0x860117BF-->96989EA4 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtUnmapViewOfSection, Type: Address change 0x86026E25-->9698CF32 [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtWriteVirtualMemory, Type: Address change 0x8600FCFF-->9698A02E [C:\Windows\system32\DRIVERS\klif.sys]
ntkrnlpa.exe-->NtCreateThreadEx, Type: Address change 0x86003C4E-->9698A1EE [C:\Windows\system32\DRIVERS\klif.sys]
==============================================
>Shadow
==============================================
win32k.sys-->NtGdiBitBlt, Type: Address change 0xA32FF7BE-->9699AD1C [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtGdiMaskBlt, Type: Address change 0xA32D91E7-->9699ADE6 [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtGdiPlgBlt, Type: Address change 0xA33302BE-->9699AE50 [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtGdiStretchBlt, Type: Address change 0xA32D8F8B-->9699AD80 [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtUserAttachThreadInput, Type: Address change 0xA33321AA-->9699A930 [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtUserCallOneParam, Type: Address change 0xA32F1EF0-->9699ACE8 [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtUserFindWindowEx, Type: Address change 0xA32EE716-->9699AB1E [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtUserGetAsyncKeyState, Type: Address change 0xA3262CB7-->9699A898 [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtUserGetKeyboardState, Type: Address change 0xA326CB6D-->9699AC20 [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtUserGetKeyState, Type: Address change 0xA32CB854-->9699A8E4 [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtUserMessageCall, Type: Address change 0xA32CD80E-->9699AA70 [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtUserPostMessage, Type: Address change 0xA32ECCBC-->9699A9C6 [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtUserPostThreadMessage, Type: Address change 0xA32C5500-->9699AA1A [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtUserRegisterRawInputDevices, Type: Address change 0xA3244126-->9699ABB0 [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtUserSendInput, Type: Address change 0xA326F92D-->9699AAD0 [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtUserSetWindowsHookEx, Type: Address change 0xA3257348-->9699A7E8 [C:\Windows\system32\DRIVERS\klif.sys]
win32k.sys-->NtUserSetWinEventHook, Type: Address change 0xA326AC31-->9699A83E [C:\Windows\system32\DRIVERS\klif.sys]
==============================================
>Processes
==============================================
0x8F877488 [516] C:\Windows\System32\smss.exe (Microsoft Corporation, Windows Session Manager)
0x8F9AA020 [584] C:\Windows\System32\csrss.exe (Microsoft Corporation, Client Server Runtime Process)
0x8FB9F318 [644] C:\Windows\System32\wininit.exe (Microsoft Corporation, Windows Start-Up Application)
0x8F9CD020 [652] C:\Windows\System32\csrss.exe (Microsoft Corporation, Client Server Runtime Process)
0x8FC71020 [688] C:\Windows\System32\services.exe (Microsoft Corporation, Services and Controller app)
0x8F97ED90 [704] C:\Windows\System32\lsass.exe (Microsoft Corporation, Local Security Authority Process)
0x8FC3C020 [716] C:\Windows\System32\lsm.exe (Microsoft Corporation, Local Session Manager Service)
0x8FC65020 [784] C:\Windows\System32\winlogon.exe (Microsoft Corporation, Windows Logon Application)
0x8FCFC890 [904] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x8FD017D8 [952] C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation, NVIDIA Driver Helper Service, Version 191.07)
0x8FD027B8 [980] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x8FD34AA8 [1044] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x8FD68020 [1108] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x8FDD93A8 [1148] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x8FD65D90 [1168] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x90038D90 [1284] C:\Windows\System32\dwm.exe (Microsoft Corporation, Desktop Window Manager)
0x8FCB78A8 [1320] C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd, Creative Audio Service)
0x8FE17658 [1340] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x8FE1FAB0 [1380] C:\Windows\System32\SLsvc.exe (Microsoft Corporation, Microsoft Software Licensing Service)
0x8FE8F020 [1468] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x90041020 [1476] C:\Windows\System32\taskeng.exe (Microsoft Corporation, Task Scheduler Engine)
0x8FE7C8D8 [1592] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x8FE83BD0 [1608] C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation, NVIDIA Driver Helper Service, Version 191.07)
0x8FF3E368 [1836] C:\Windows\System32\spoolsv.exe (Microsoft Corporation, Spooler SubSystem App)
0x8FF48CC0 [1860] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x8BAF9D90 [1868] C:\Windows\System32\wuauclt.exe (Microsoft Corporation, Windows Update)
0x901152B8 [2120] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation, Windows Defender User Interface)
0x90126AA8 [2140] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation, Windows Sidebar)
0x901A0D90 [2308] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc., Apple Mobile Device Service)
0x901FA980 [2368] C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc., Bonjour Service)
0x90205D90 [2400] C:\Windows\System32\CSHelper.exe
0x90152608 [2456] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x90202D90 [2472] C:\Program Files\CyberLink\Shared files\RichVideo.exe (-, RichVideo Module)
0x9028E860 [2588] C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation, Stereo Vision Control Panel API Server)
0x902B5D90 [2672] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x90295388 [2740] C:\Windows\System32\svchost.exe (Microsoft Corporation, Host Process for Windows Services)
0x903186B8 [2836] C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation, Microsoft Windows Search Indexer)
0x90343160 [2884] C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware, Inc., VMware Authorization Service)
0x8BB41988 [2960] C:\Windows\System32\SearchFilterHost.exe (Microsoft Corporation, Microsoft Windows Search Filter Host)
0x8FC4B910 [3256] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation, Windows Sidebar)
0x8C73A4C8 [3408] C:\Windows\explorer.exe (Microsoft Corporation, Windows Explorer)
0x8B851508 [3480] C:\Program Files\SiSoftware\SiSoftware Sandra Professional Home XII.SP2c\RpcAgentSrv.exe (SiSoftware, SiSoftware Deployment Agent Service (NT)(Unicode))
0x902BF020 [3484] C:\Windows\System32\taskeng.exe (Microsoft Corporation, Task Scheduler Engine)
0x9052A968 [3508] C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation, Sink to receive asynchronous callbacks for WMI client application)
0x905656A8 [3640] C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation, WMI Provider Host)
0x8BA36C70 [3936] C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation, Windows Modules Installer)
0x8B9E34E8 [3948] C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation, Firefox)
0x8CEC8D90 [4656] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe (Kaspersky Lab, WebToolBar component)
0x9008E3C8 [5016] C:\Users\Administrator\Desktop\MustBeRandomlyNamed\qG2m31PP0wRv.exe (UG North, RKULE, SR2 Normandy)
0x8B9B1060 [5900] C:\Windows\System32\SearchProtocolHost.exe (Microsoft Corporation, Microsoft Windows Search Protocol Host)
0x8B1313C0 [4] System
0x8FE1E310 [1292] C:\Windows\System32\audiodg.exe (Microsoft Corporation, Windows Audio Device Graph Isolation )
0x90124988 [2132] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab, Kaspersky Anti-Virus)
0x901A9398 [2348] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab, Kaspersky Anti-Virus)
==============================================
>Drivers
==============================================
0x95801000 C:\Windows\system32\DRIVERS\nvlddmkm.sys 9506816 bytes (NVIDIA Corporation, NVIDIA Windows Kernel Mode Driver, Version 191.07 )
0x96C03000 C:\Windows\system32\DRIVERS\kl1.sys 5373952 bytes (Kaspersky Lab, Kaspersky Unified Driver)
0x85E02000 C:\Windows\system32\ntkrnlpa.exe 3903488 bytes (Microsoft Corporation, NT Kernel & System)
0x85E02000 PnpManager 3903488 bytes
0x85E02000 RAW 3903488 bytes
0x85E02000 WMIxWDM 3903488 bytes
0xA3220000 Win32k 2105344 bytes
0xA3220000 C:\Windows\System32\win32k.sys 2105344 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x86E0B000 C:\Windows\System32\Drivers\Ntfs.sys 1110016 bytes (Microsoft Corporation, NT File System Driver)
0x86A74000 C:\Windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x86C04000 C:\Windows\System32\drivers\tcpip.sys 954368 bytes (Microsoft Corporation, TCP/IP Driver)
0x806C5000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0xAAE09000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x81AF7000 C:\Windows\system32\Drivers\vmx86.sys 851968 bytes (VMware, Inc., VMware kernel driver)
0x80E0E000 C:\Windows\system32\drivers\spsys.sys 716800 bytes (Microsoft Corporation, security processor)
0x96114000 C:\Windows\System32\drivers\dxgkrnl.sys 651264 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x96805000 C:\Windows\system32\DRIVERS\rdpdr.sys 561152 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0x86807000 C:\Windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x86A03000 C:\Windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x80EE9000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x8060B000 C:\Windows\system32\mcupdate_GenuineIntel.dll 393216 bytes (Microsoft Corporation, Intel Microcode Update Library)
0x96B43000 C:\Windows\system32\drivers\csc.sys 368640 bytes (Microsoft Corporation, Windows Client Side Caching Driver)
0x9696A000 C:\Windows\system32\DRIVERS\klif.sys 331776 bytes (Kaspersky Lab, Klif Mini-Filter [fre_wlh_x86])
0x81A81000 C:\Windows\System32\DRIVERS\srv.sys 319488 bytes (Microsoft Corporation, Server driver)
0x8692C000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x9717A000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x86890000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0x96269000 C:\Windows\system32\DRIVERS\Rtlh86.sys 270336 bytes (Realtek , Realtek 8136/8168/8169 NDIS6 32-bit Driver )
0x80684000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x9634A000 C:\Windows\system32\DRIVERS\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x9692B000 C:\Windows\system32\drivers\HdAudio.sys 258048 bytes (Microsoft Corporation, High Definition Audio Function Driver)
0x9620A000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x96AE8000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x86BAA000 C:\Windows\system32\drivers\NETIO.SYS 237568 bytes (Microsoft Corporation, Network I/O Subsystem)
0x81A09000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x86F1A000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x968DC000 C:\Windows\system32\DRIVERS\usbhub.sys 212992 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x861BB000 ACPI_HAL 208896 bytes
0x861BB000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x96AB5000 C:\Windows\System32\drivers\truecrypt.sys 208896 bytes (TrueCrypt Foundation, TrueCrypt Driver)
0x807B2000 C:\Windows\system32\drivers\fltmgr.sys 204800 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x971CB000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x9631C000 C:\Windows\system32\DRIVERS\msiscsi.sys 188416 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x86D54000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x86B7F000 C:\Windows\system32\drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x86DA6000 C:\Windows\system32\drivers\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0xAAF2F000 C:\Windows\System32\Drivers\fastfat.SYS 163840 bytes (Microsoft Corporation, Fast FAT File System Driver)
0x86D2C000 C:\Windows\system32\drivers\TotRec7.sys 163840 bytes (High Criteria inc., Total Recorder WDM audio driver)
0x86F6A000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x868E7000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x81A5A000 C:\Windows\System32\DRIVERS\srv2.sys 159744 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x869D9000 C:\Windows\system32\DRIVERS\SCSIPORT.SYS 155648 bytes (Microsoft Corporation, SCSI Port Driver)
0x86D81000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0x86F91000 C:\Windows\System32\DRIVERS\fvevol.sys 147456 bytes (Microsoft Corporation, BitLocker Drive Encryption Driver)
0x963B8000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x86FC6000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0x96A00000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0x80FA1000 C:\Windows\system32\drivers\mrxdav.sys 131072 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0x80FC1000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x869A3000 C:\Windows\system32\drivers\ataport.SYS 122880 bytes (Microsoft Corporation, ATAPI Driver Extension)
0x80F56000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x86CED000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x86BE4000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x962B6000 C:\Windows\system32\DRIVERS\serial.sys 106496 bytes (Microsoft Corporation, Serial Device Driver)
0x80F73000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x962F2000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0x869C1000 C:\Windows\system32\DRIVERS\jraid.sys 98304 bytes (JMicron Technology Corp., JMicron JMB36X RAID Driver)
0x81A42000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x962DA000 C:\Windows\system32\DRIVERS\parport.sys 98304 bytes (Microsoft Corporation, Parallel Port Driver)
0x96B9D000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x96396000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x9714F000 C:\Windows\system32\DRIVERS\usbccgp.sys 94208 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0xAAF19000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x96A77000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x96A53000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0x96B2E000 C:\Program Files\UltraISO\drivers\ISODrive.sys 86016 bytes (EZB Systems, Inc., ISO DVD/CD-ROM Device Driver)
0x80F8C000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x961CB000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x963EA000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x97166000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x80ED6000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x96AA2000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x96257000 C:\Windows\system32\DRIVERS\HDAudBus.sys 73728 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x86FB5000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x96BD4000 C:\Windows\System32\Drivers\dump_dumpfve.sys 69632 bytes
0x9691A000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x8066B000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0xAAF06000 C:\Windows\SYSTEM32\DRIVERS\Wibukey.sys 69632 bytes (WIBU-SYSTEMS AG, WIBU-KEY Windows NT Kernel Driver)
0x807E4000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x9712C000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 65536 bytes (Microsoft Corporation, Hid Class Library)
0x80EC6000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x8698B000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x9688E000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x86DD9000 C:\Windows\system32\DRIVERS\intelppm.sys 61440 bytes (Microsoft Corporation, Processor Device Driver)
0x96BEF000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x86F5B000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0x8690E000 C:\Windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)
0x963DB000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x96248000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x8691D000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0xA3460000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x96A94000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x96A3C000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x8697D000 C:\Windows\system32\drivers\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x96BB4000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x807A5000 C:\Windows\system32\drivers\klbg.sys 53248 bytes (Kaspersky Lab, Kaspersky Lab Boot Guard Driver)
0x961EC000 C:\Windows\system32\drivers\modem.sys 53248 bytes (Microsoft Corporation, Modem Device Driver)
0x968CF000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x961B3000 C:\Windows\System32\drivers\watchdog.sys 53248 bytes (Microsoft Corporation, Watchdog Driver)
0x86883000 C:\Windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0x961E0000 C:\Windows\System32\Drivers\pcouffin.sys 49152 bytes (VSO Software, low level access layer for CD/DVD/BD devices)
0xAAEF1000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x969EB000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x81AE9000 C:\Windows\system32\Drivers\vmci.sys 49152 bytes (VMware, Inc., VMware kernel driver)
0x96BC1000 C:\Windows\System32\Drivers\dump_dumpata.sys 45056 bytes
0x962AB000 C:\Windows\system32\DRIVERS\fdc.sys 45056 bytes (Microsoft Corporation, Floppy Disk Controller Driver)
0x9689E000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)
0x968A9000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)
0x96A31000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x963AD000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x9638B000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x86D21000 C:\Windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x961C0000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x968BA000 C:\Windows\system32\drivers\WmXlCore.sys 45056 bytes (Logitech Inc., Logitech WingMan Translation Driver)
0x96BE5000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x96910000 C:\Windows\system32\DRIVERS\flpydisk.sys 40960 bytes (Microsoft Corporation, Floppy Driver)
0x9630A000 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 40960 bytes (GEAR Software Inc., CD DVD Filter)
0x81AD8000 C:\Windows\system32\drivers\hcmon.sys 40960 bytes (VMware, Inc., VMware USB monitor)
0x968C5000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x96B24000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0xAAEE7000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0x962D0000 C:\Windows\system32\DRIVERS\serenum.sys 40960 bytes (Microsoft Corporation, Serial Port Enumerator)
0x81ACF000 C:\Windows\system32\DRIVERS\asyncmac.sys 36864 bytes (Microsoft Corporation, MS Remote Access serial network driver)
0x86FE7000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x969BB000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x97123000 C:\Windows\system32\DRIVERS\hidusb.sys 36864 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0x971C2000 C:\Windows\system32\DRIVERS\kbdhid.sys 36864 bytes (Microsoft Corporation, HID Keyboard Filter Driver)
0x97146000 C:\Windows\system32\DRIVERS\klmouflt.sys 36864 bytes (Kaspersky Lab, KLMOUFLT Mouse Device Filter [fre_wlh_x86])
0x969D2000 C:\Windows\system32\drivers\MTiCtwl.sys 36864 bytes (Samsung Electronics, Inc. , MagicTunePremium Driver)
0xAAF90000 C:\Windows\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0x807F4000 C:\Windows\system32\Drivers\PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0x96A4A000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xA3440000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x86DD0000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x868D6000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x96A6E000 C:\Windows\system32\drivers\ws2ifsl.sys 36864 bytes (Microsoft Corporation, Winsock2 IFS Layer)
0x8699B000 C:\Windows\system32\drivers\atapi.sys 32768 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x8067C000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x96BCC000 C:\Windows\System32\Drivers\dump_atapi.sys 32768 bytes
0x80603000 C:\Windows\system32\kdcom.dll 32768 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0x9713E000 C:\Windows\system32\DRIVERS\mouhid.sys 32768 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0x868DF000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x96A21000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x96A29000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x96314000 C:\Windows\system32\DRIVERS\serscan.sys 32768 bytes (Microsoft Corporation, Serial Imaging Device Driver)
0x86F53000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0x969CB000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x969E4000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0x96A8D000 C:\Windows\system32\DRIVERS\klim6.sys 28672 bytes (Kaspersky Lab, Kaspersky Lab Intermediate Network Driver)
0x969C4000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x81AE2000 C:\Windows\system32\DRIVERS\parvdm.sys 28672 bytes (Microsoft Corporation, VDM Parallel Driver)
0x86976000 C:\Windows\system32\drivers\pciide.sys 28672 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0x80EBD000 C:\Windows\system32\DRIVERS\vmnetbridge.sys 24576 bytes (VMware, Inc., VMware bridge driver (32-bit))
0x81BC7000 C:\Program Files\ASTRA32\ASTRA32.sys 20480 bytes (Licensed for Sysinfo Lab, Astra Generic Device Driver)
0x96A69000 C:\Windows\system32\drivers\VMkbd.sys 20480 bytes (VMware, Inc., VMware keyboard filter driver (32-bit))
0xAAEFD000 C:\Windows\system32\drivers\vmnetuserif.sys 20480 bytes (VMware, Inc., VMware network application interface driver (32-bit))
0xAAF02000 C:\Program Files\VMware\VMware Player\vstor2-ws60.sys 16384 bytes (VMware, Inc., VMware Virtual Storage Volume Driver)
0x968B6000 C:\Windows\system32\drivers\WmBEnum.sys 16384 bytes (Logitech Inc., Logitech WingMan Virtual Bus Enumerator Driver)
0x96200000 C:\Windows\system32\DRIVERS\pnetmdm.sys 12288 bytes (June Fabrics Technology, PdaNet Driver)
0x80EC3000 C:\Windows\system32\DRIVERS\VMNET.SYS 12288 bytes (VMware, Inc., VMware virtual network driver (32-bit))
0x96112000 C:\Windows\system32\DRIVERS\nvBridge.kmd 8192 bytes (NVIDIA Corporation, NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 191.07 )
0x968B4000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x9713C000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0x81AF5000 C:\Windows\system32\Drivers\VMparport.sys 8192 bytes (VMware, Inc., VMware parallel port driver)
0xAAF17000 C:\Users\Administrator\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys 8192 bytes (OpenLibSys.org, WinRing0)
==============================================
>Stealth
==============================================
0x65520000 Hidden Image-->imageres.dll [ EPROCESS 0x8C73A4C8 ] PID: 3408, 21086208 bytes
0x03F60000 Hidden Image-->IntelDTSReader.dll [ EPROCESS 0x8FC4B910 ] PID: 3256, 53248 bytes
==============================================
>Files
==============================================
==============================================
>Hooks
==============================================
ntkrnlpa.exe+0x000B4EEA, Type: Inline - RelativeJump 0x85EB6EEA-->85EB6EF1 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000B8BAC, Type: Inline - RelativeJump 0x85EBABAC-->85EBAB5F [ntkrnlpa.exe]
ntkrnlpa.exe+0x000B8BE4, Type: Inline - RelativeJump 0x85EBABE4-->85EBABC0 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000B8DA8, Type: Inline - RelativeJump 0x85EBADA8-->85EBAD7E [ntkrnlpa.exe]
[2672]svchost.exe-->advapi32.dll-->GetTokenInformation, Type: IAT modification 0x010010FC-->00000000 [unknown_code_page]
[2672]svchost.exe-->advapi32.dll-->InitializeSecurityDescriptor, Type: IAT modification 0x01001100-->00000000 [winmm.dll]
[2672]svchost.exe-->advapi32.dll-->OpenProcessToken, Type: IAT modification 0x0100113C-->00000000 [ws2_32.dll]
[2672]svchost.exe-->advapi32.dll-->RegCloseKey, Type: IAT modification 0x01001130-->00000000 [ws2_32.dll]
[2672]svchost.exe-->advapi32.dll-->RegDisablePredefinedCacheEx, Type: IAT modification 0x01001118-->00000000 [ws2_32.dll]
[2672]svchost.exe-->advapi32.dll-->RegisterServiceCtrlHandlerW, Type: IAT modification 0x01001134-->00000000 [ws2_32.dll]
[2672]svchost.exe-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x0100112C-->00000000 [ws2_32.dll]
[2672]svchost.exe-->advapi32.dll-->RegQueryValueExW, Type: IAT modification 0x01001128-->00000000 [ws2_32.dll]
[2672]svchost.exe-->advapi32.dll-->SetEntriesInAclW, Type: IAT modification 0x0100110C-->00000000 [ws2_32.dll]
[2672]svchost.exe-->advapi32.dll-->SetSecurityDescriptorDacl, Type: IAT modification 0x01001110-->00000000 [ws2_32.dll]
[2672]svchost.exe-->advapi32.dll-->SetSecurityDescriptorGroup, Type: IAT modification 0x01001108-->00000000 [unknown_code_page]
[2672]svchost.exe-->advapi32.dll-->SetSecurityDescriptorOwner, Type: IAT modification 0x01001104-->00000000 [winmm.dll]
[2672]svchost.exe-->advapi32.dll-->SetServiceStatus, Type: IAT modification 0x01001138-->00000000 [ws2_32.dll]
[2672]svchost.exe-->advapi32.dll-->StartServiceCtrlDispatcherW, Type: IAT modification 0x01001114-->00000000 [ws2_32.dll]
[2672]svchost.exe-->kernel32.dll-->ActivateActCtx, Type: IAT modification 0x0100109C-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->CloseHandle, Type: IAT modification 0x01001074-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->CreateActCtxW, Type: IAT modification 0x01001008-->00000000 [advapi32.dll]
[2672]svchost.exe-->kernel32.dll-->DeactivateActCtx, Type: IAT modification 0x01001090-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->DelayLoadFailureHook, Type: IAT modification 0x01001018-->00000000 [unknown_code_page]
[2672]svchost.exe-->kernel32.dll-->ExitProcess, Type: IAT modification 0x01001050-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->ExpandEnvironmentStringsW, Type: IAT modification 0x01001004-->00000000 [advapi32.dll]
[2672]svchost.exe-->kernel32.dll-->FreeLibrary, Type: IAT modification 0x01001084-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->GetCommandLineW, Type: IAT modification 0x0100104C-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->GetCurrentProcessId, Type: IAT modification 0x01001038-->00000000 [unknown_code_page]
[2672]svchost.exe-->kernel32.dll-->GetCurrentThreadId, Type: IAT modification 0x01001034-->00000000 [BrMuSNMP.dll]
[2672]svchost.exe-->kernel32.dll-->GetLastError, Type: IAT modification 0x01001098-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->GetModuleHandleA, Type: IAT modification 0x01001028-->00000000 [BrMuSNMP.dll]
[2672]svchost.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x0100108C-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->GetProcessHeap, Type: IAT modification 0x0100105C-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->GetSystemTimeAsFileTime, Type: IAT modification 0x0100103C-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->GetTickCount, Type: IAT modification 0x01001030-->00000000 [BrMuSNMP.dll]
[2672]svchost.exe-->kernel32.dll-->HeapFree, Type: IAT modification 0x01001068-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->HeapSetInformation, Type: IAT modification 0x01001000-->00000000 [advapi32.dll]
[2672]svchost.exe-->kernel32.dll-->InterlockedCompareExchange, Type: IAT modification 0x01001080-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->InterlockedExchange, Type: IAT modification 0x0100101C-->00000000 [BrMuSNMP.dll]
[2672]svchost.exe-->kernel32.dll-->LCMapStringW, Type: IAT modification 0x01001010-->00000000 [advapi32.dll]
[2672]svchost.exe-->kernel32.dll-->LoadLibraryA, Type: IAT modification 0x0100107C-->00000000 [ntdll.dll]
[2672]svchost.exe-->kernel32.dll-->LoadLibraryExW, Type: IAT modification 0x01001094-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->LocalAlloc, Type: IAT modification 0x01001078-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->LocalFree, Type: IAT modification 0x01001070-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->lstrcmpiW, Type: IAT modification 0x010010AC-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->lstrcmpW, Type: IAT modification 0x010010A4-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->lstrlenW, Type: IAT modification 0x01001014-->00000000 [advapi32.dll]
[2672]svchost.exe-->kernel32.dll-->QueryPerformanceCounter, Type: IAT modification 0x0100102C-->00000000 [BrMuSNMP.dll]
[2672]svchost.exe-->kernel32.dll-->RegisterWaitForSingleObject, Type: IAT modification 0x01001020-->00000000 [BrMuSNMP.dll]
[2672]svchost.exe-->kernel32.dll-->ReleaseActCtx, Type: IAT modification 0x0100100C-->00000000 [advapi32.dll]
[2672]svchost.exe-->kernel32.dll-->SetErrorMode, Type: IAT modification 0x01001060-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->SetProcessAffinityUpdateMode, Type: IAT modification 0x01001054-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->SetUnhandledExceptionFilter, Type: IAT modification 0x01001024-->00000000 [BrMuSNMP.dll]
[2672]svchost.exe-->kernel32.dll-->Sleep, Type: IAT modification 0x01001088-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->TerminateProcess, Type: IAT modification 0x01001040-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->UnhandledExceptionFilter, Type: IAT modification 0x01001048-->00000000 [kernel32.dll]
[2672]svchost.exe-->kernel32.dll-->WideCharToMultiByte, Type: IAT modification 0x0100106C-->00000000 [kernel32.dll]
[2672]svchost.exe-->ntdll.dll-->RtlAllocateHeap, Type: IAT modification 0x01001158-->00000000 [ws2_32.dll]
[2672]svchost.exe-->ntdll.dll-->RtlCopySid, Type: IAT modification 0x0100114C-->00000000 [ws2_32.dll]
[2672]svchost.exe-->ntdll.dll-->RtlFreeHeap, Type: IAT modification 0x01001148-->00000000 [ws2_32.dll]
[2672]svchost.exe-->ntdll.dll-->RtlImageNtHeader, Type: IAT modification 0x01001160-->00000000 [ws2_32.dll]
[2672]svchost.exe-->ntdll.dll-->RtlInitializeCriticalSection, Type: IAT modification 0x0100116C-->00000000 [unknown_code_page]
[2672]svchost.exe-->ntdll.dll-->RtlInitializeSid, Type: IAT modification 0x0100115C-->00000000 [ws2_32.dll]
[2672]svchost.exe-->ntdll.dll-->RtlLengthRequiredSid, Type: IAT modification 0x01001154-->00000000 [ws2_32.dll]
[2672]svchost.exe-->ntdll.dll-->RtlSetProcessIsCritical, Type: IAT modification 0x01001164-->00000000 [ws2_32.dll]
[2672]svchost.exe-->ntdll.dll-->RtlSubAuthorityCountSid, Type: IAT modification 0x01001150-->00000000 [ws2_32.dll]
[2672]svchost.exe-->ntdll.dll-->RtlSubAuthoritySid, Type: IAT modification 0x01001144-->00000000 [ws2_32.dll]
[2672]svchost.exe-->ntdll.dll-->RtlUnhandledExceptionFilter, Type: IAT modification 0x01001168-->00000000 [ws2_32.dll]
[3948]firefox.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x770E7933-->00000000 [firefox.exe]
!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)
-
I was able to get to virscan.org now...strange. Here are the logs you originally wanted:
VirSCAN.org Scanned Report :
Scanned time : 2010/04/30 23:58:27 (CDT)
Scanner results: Scanners did not find malware!
File Name : shsvcs.dll
File Size : 247296 byte
File Type : PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bi
MD5 : 2406e3a5fae743dce81168a8cdb8573f
SHA1 : b625d3970a39cc25553c2156c3d7f68323c91c3 3
Online report : http://virscan.org/report/d5b9d27baef114b8d2b3433aec24d6d9.html
Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.8 20100501070118 2010-05-01 0.08 -
AhnLab V3 2010.04.30.02 2010.04.30 2010-04-30 0.08 -
AntiVir 8.2.1.224 7.10.7.16 2010-04-30 0.25 -
Antiy 2.0.18 20100429.4301541 2010-04-29 0.12 -
Arcavir 2009 201004291451 2010-04-29 0.05 -
Authentium 5.1.1 201004302217 2010-04-30 1.65 -
AVAST! 4.7.4 100430-1 2010-04-30 0.02 -
AVG 8.5.793 271.1.1/2846 2010-05-01 0.25 -
BitDefender 7.81008.5692644 7.31454 2010-05-01 3.65 -
ClamAV 0.95.3 10885 2010-05-01 0.06 -
Comodo 3.13.579 4723 2010-04-30 0.08 -
CP Secure 1.3.0.5 2010.04.30 2010-04-30 0.08 -
Dr.Web 5.0.2.3300 2010.05.01 2010-05-01 6.86 -
F-Prot 4.4.4.56 20100430 2010-04-30 1.65 -
F-Secure 7.02.73807 2010.04.30.12 2010-04-30 0.13 -
Fortinet 4.0.14 11.761 2010-04-30 0.08 -
GData 21.61/21.22 20100501 2010-05-01 0.08 -
ViRobot 20100430 2010.04.30 2010-04-30 0.08 -
Ikarus T3.1.01.80 2010.04.30.75753 2010-04-30 5.91 -
JiangMin 13.0.900 2010.04.29 2010-04-29 0.08 -
Kaspersky 5.5.10 2010.04.30 2010-04-30 0.08 -
KingSoft 2009.2.5.15 2010.4.30.22 2010-04-30 0.08 -
McAfee 5400.1158 5968 2010-04-30 0.02 -
Microsoft 1.5703 2010.05.01 2010-05-01 0.08 -
Norman 6.04.12 6.04.00 2010-04-30 4.00 -
Panda 9.05.01 2010.04.30 2010-04-30 0.08 -
Trend Micro 9.120-1004 7.138.15 2010-04-30 0.03 -
Quick Heal 10.00 2010.04.29 2010-04-29 0.08 -
Rising 20.0 22.45.04.03 2010-04-30 0.08 -
Sophos 3.06.0 4.52 2010-05-01 3.62 -
Sunbelt 3.9.2418.2 6242 2010-04-30 0.08 -
Symantec 1.3.0.24 20100430.003 2010-04-30 0.05 -
nProtect 20100429.01 8053525 2010-04-29 0.08 -
The Hacker 6.5.2.0 v00274 2010-04-29 0.08 -
VBA32 3.12.12.4 20100429.2024 2010-04-29 2.54 -
VirusBuster 4.5.11.10 10.126.9/2000197 2010-04-30 2.47 -
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
VirSCAN.org Scanned Report :
Scanned time : 2010/05/01 00:01:10 (CDT)
Scanner results: Scanners did not find malware!
File Name : atapi.sys
File Size : 21560 byte
File Type : PE32 executable for MS Windows (native) Intel 80386 32-bit
MD5 : 2d9c903dc76a66813d350a562de40ed9
SHA1 : 61cfdf31b678356ff5362d5409ddc7bd9df0683 b
Online report : http://virscan.org/report/263dca731f87fca55c5c7d69c7255b33.html
Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.5.0.8 20100501070118 2010-05-01 0.08 -
AhnLab V3 2010.04.30.02 2010.04.30 2010-04-30 0.09 -
AntiVir 8.2.1.224 7.10.7.16 2010-04-30 0.29 -
Antiy 2.0.18 20100429.4301541 2010-04-29 0.13 -
Arcavir 2009 201004291451 2010-04-29 0.04 -
Authentium 5.1.1 201004302217 2010-04-30 1.32 -
AVAST! 4.7.4 100430-1 2010-04-30 0.00 -
AVG 8.5.793 271.1.1/2846 2010-05-01 0.23 -
BitDefender 7.81008.5692644 7.31454 2010-05-01 3.62 -
ClamAV 0.95.3 10885 2010-05-01 0.01 -
Comodo 3.13.579 4723 2010-04-30 0.08 -
CP Secure 1.3.0.5 2010.04.30 2010-04-30 0.04 -
Dr.Web 5.0.2.3300 2010.05.01 2010-05-01 7.05 -
F-Prot 4.4.4.56 20100430 2010-04-30 1.37 -
F-Secure 7.02.73807 2010.04.30.12 2010-04-30 0.12 -
Fortinet 4.0.14 11.761 2010-04-30 0.08 -
GData 21.61/21.22 20100501 2010-05-01 0.08 -
ViRobot 20100430 2010.04.30 2010-04-30 0.08 -
Ikarus T3.1.01.80 2010.04.30.75753 2010-04-30 5.89 -
JiangMin 13.0.900 2010.04.29 2010-04-29 0.08 -
Kaspersky 5.5.10 2010.04.30 2010-04-30 0.08 -
KingSoft 2009.2.5.15 2010.4.30.22 2010-04-30 0.08 -
McAfee 5400.1158 5968 2010-04-30 0.02 -
Microsoft 1.5703 2010.05.01 2010-05-01 0.08 -
Norman 6.04.12 6.04.00 2010-04-30 4.01 -
Panda 9.05.01 2010.04.30 2010-04-30 0.08 -
Trend Micro 9.120-1004 7.140.01 2010-04-30 0.03 -
Quick Heal 10.00 2010.04.29 2010-04-29 0.08 -
Rising 20.0 22.45.04.03 2010-04-30 0.08 -
Sophos 3.06.0 4.52 2010-05-01 3.69 -
Sunbelt 3.9.2418.2 6242 2010-04-30 0.08 -
Symantec 1.3.0.24 20100430.003 2010-04-30 0.20 -
nProtect 20100429.01 8053525 2010-04-29 0.08 -
The Hacker 6.5.2.0 v00274 2010-04-29 0.08 -
VBA32 3.12.12.4 20100429.2024 2010-04-29 2.42 -
VirusBuster 4.5.11.10 10.126.9/2000197 2010-04-30 2.33 -
-
Sorry. Forgot to ask...has KIS been disabled all this time?
-
I disabled it when I tried to run IceSword and Norman TDSS cleaner.
It was active all other times.
-
Disable it for this round.
Please download DeFogger (http://www.jpshortstuff.247fixes.com/Defogger.exe) to your desktop.
Double click DeFogger to run the tool.
- The application window will appear
- Click the Disable button to disable your CD Emulation drivers
- Click Yes to continue
- A 'Finished!' message will appear
- Click OK
- If DeFogger ask to reboot the machine - click OK
IMPORTANT!
If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.
Do not re-enable these drivers until otherwise instructed.
===================
Re-run GMER, and post a log.
-
Disabled KIS
Ran DeFogger:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:34 on 01/05/2010 (Administrator)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
SPTD -> Already disabled
-=E.O.F=-
After close to 20 tries >:( finally got GMER to complete and able to save a log before my computer crashed.
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-02 16:23:34
Windows 6.0.6001 Service Pack 1
Running: gmer.exe; Driver: C:\Users\ADMINI~1\AppData\Local\Temp\pggdikod.sys
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!RtlPrefetchMemoryNonTemporal 85E68068 1 Byte [90]
.text ntkrnlpa.exe!ZwQueryLicenseValue + D21 85E6BBD9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 4FA 85EC8EEA 18 Bytes [E0, 25, 7F, FF, FF, FF, 0F, ...]
.text ntkrnlpa.exe!KiDispatchInterrupt + 512 85EC8F02 1 Byte [00]
.text ntkrnlpa.exe!KeSetTimerEx + 34C 85ECCA10 4 Bytes [D0, 1B, 19, 96]
.text ntkrnlpa.exe!KeSetTimerEx + 370 85ECCA34 8 Bytes [2C, 35, 19, 96, 82, 37, 19, ...] {SUB AL, 0x35; SBB [ESI-0x69e6c87e], EDX}
.text ntkrnlpa.exe!KeSetTimerEx + 3B4 85ECCA78 4 Bytes [FC, 39, 19, 96] {CLD ; CMP [ECX], EBX; XCHG ESI, EAX}
.text ntkrnlpa.exe!KeSetTimerEx + 3DC 85ECCAA0 4 Bytes [50, 24, 19, 96] {PUSH EAX; AND AL, 0x19; XCHG ESI, EAX}
.text ntkrnlpa.exe!KeSetTimerEx + 3F4 85ECCAB8 4 Bytes [32, 2B, 19, 96]
.text ...
PAGE spsys.sys!?SPVersion@@3PADA + 1A67 8144A03F 240 Bytes [8B, FF, 55, 8B, EC, 8B, 45, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 1B58 8144A130 6 Bytes [0E, 83, 78, 14, 01, 75]
PAGE spsys.sys!?SPVersion@@3PADA + 1B5F 8144A137 2214 Bytes [83, 78, 18, 37, 75, 02, B3, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 2406 8144A9DE 47 Bytes [04, BB, A8, 01, 00, 00, 8D, ...]
PAGE spsys.sys!?SPVersion@@3PADA + 2436 8144AA0E 44 Bytes [05, 00, 00, 39, 54, 8D, D0, ...]
PAGE ...
---- User code sections - GMER 1.0.15 ----
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\Windows\system32\ntdll.dll time/date stamp mismatch;
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: 32.dll
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] USER32.dll!GetAppCompatFlags2 + 880 759B6390 4 Bytes [70, 11, 33, 6D]
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\klavemu.kdl section is writeable [0x38401000, 0x17C000, 0xE0000020]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\klavemu.kdl entry point in ".pklav" section [0x3870B1A8]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\klavemu.kdl unknown last code section [0x3870B000, 0x2000, 0xE00000E0]
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\kjim.kdl section is writeable [0x38801000, 0x6F000, 0xE0000020]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\kjim.kdl entry point in ".pklav" section [0x3897C118]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\kjim.kdl unknown last code section [0x3897C000, 0x2000, 0xE00000E0]
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\mark.kdl section is writeable [0x38301000, 0x1F000, 0xE0000020]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\mark.kdl entry point in ".pklav" section [0x3832B1E0]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\mark.kdl unknown last code section [0x3832B000, 0x2000, 0xE00000E0]
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\qscan.kdl section is writeable [0x38C01000, 0x9E000, 0xE0000020]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\qscan.kdl entry point in ".pklav" section [0x38CC1178]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\qscan.kdl unknown last code section [0x38CC1000, 0x2000, 0xE00000E0]
CODE C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avzkrnl.dll entry point in "CODE" section [0x09376CB4]
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\kavsys.kdl section is writeable [0x38D01000, 0x29000, 0xE0000020]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\kavsys.kdl entry point in ".pklav" section [0x38D382A4]
.pklav C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] C:\ProgramData\Kaspersky Lab\AVP9\Bases\kavsys.kdl unknown last code section [0x38D38000, 0x2000, 0xE00000E0]
.text C:\Windows\System32\spoolsv.exe[1752] msonpmon.dll!InitializePrintMonitor2 + FFFFF09C 71D81418 4 Bytes [FC, D7, 02, BA]
.text C:\Windows\System32\spoolsv.exe[1752] msonpppr.dll!EnumPrintProcessorDatatypesW + FFFFCA40 718812FC 4 Bytes [3A, 06, 0E, BA]
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] C:\Windows\system32\ntdll.dll time/date stamp mismatch;
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: 32.dll
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] USER32.dll!GetAppCompatFlags2 + 880 759B6390 4 Bytes [70, 11, 33, 6D]
UPX1 C:\Users\Administrator\Desktop\gmer.exe[2916] C:\Users\Administrator\Desktop\gmer.exe entry point in "UPX1" section [0x004B3F40]
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!SetUnhandledExceptionFilter] 01220010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!CreateProcessA] 01220080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!GetModuleFileNameA] 012200F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!CreateThread] 00170010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!GetModuleFileNameW] 01220160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!CreateProcessW] 012201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!SetErrorMode] 01220240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!LoadLibraryW] 012202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!VirtualAlloc] 00170080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!VirtualFree] 001700F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!LoadLibraryA] 01220320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!GetProcAddress] 01220390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!FreeLibrary] 01220400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!HeapFree] 00170160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 00170240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 001702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 00170320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00170390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\memmng.dll [KERNEL32.dll!VirtualAlloc] 00170470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\memmng.dll [KERNEL32.dll!GetProcAddress] 01220470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!GetModuleFileNameW] 012204E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!GetProcAddress] 01220550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!LoadLibraryA] 012205C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!FreeLibrary] 01220630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!GetModuleFileNameA] 012206A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!LoadLibraryExA] 01220710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!CreateThread] 001704E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01220780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!CreateProcessA] 012207F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 00170550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 001705C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01220860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 012208D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 01220940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 012209B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 01220A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 01220A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 001706A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 00170710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!HeapFree] 001707F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 00170860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 001708D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 00170940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 01220B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 01220B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree] 001709B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 01220BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 01220C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 01220CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 01220D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 00170B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 00170BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01220DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 01220E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap] 00170C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap] 00170CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 00170D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 00170DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 01220E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread] 00170E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 01220EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 01220F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 76FC0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 76FC0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 76FC06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 76FC0710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432]
-
[ntdll.dll!RtlFreeHeap] 77420EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 01230940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 012309B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 77420F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 00180080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 01230A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01230A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 01230B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 01230B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 01230BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 01230C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 01230CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapFree] 00180160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread] 001802B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 01230D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapDestroy] 00180320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 01230DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 00180390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01230E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 01230E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 01230EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 01230F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 01240010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 01240080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameA] 012400F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 00180400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 00180470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 001804E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\FLTLIB.DLL [ntdll.dll!RtlAllocateHeap] 00180550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\FLTLIB.DLL [ntdll.dll!RtlFreeHeap] 001805C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\FLTLIB.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 01240160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!FreeLibrary] 012401D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!GetProcAddress] 01240240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!LoadLibraryW] 012402B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!LoadLibraryExW] 01240320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!SetErrorMode] 01240390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01240400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\VERSION.dll [ntdll.dll!RtlAllocateHeap] 00180630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 01240470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!FreeLibrary] 012404E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!LoadLibraryW] 01240550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!GetProcAddress] 012405C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01240630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!FreeLibrary] 012406A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!CreateProcessW] 01240710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!LoadLibraryExW] 01240780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!LoadLibraryW] 012407F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!GetProcAddress] 01240860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!GetModuleFileNameW] 012408D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\LPK.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 01240940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!GetProcAddress] 012409B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!LoadLibraryA] 01240A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01240A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!GetModuleFileNameA] 01240B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!GetProcAddress] 01240B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!FreeLibrary] 01240BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!LoadLibraryA] 01240C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!LoadLibraryExW] 01240CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!LoadLibraryW] 01240D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!GetModuleFileNameW] 01240DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01240E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 77420010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01240E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 01240EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 01240F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW] 01250010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 01250080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 012500F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01250160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!GetProcAddress] 012501D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!LoadLibraryA] 01250240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!GetModuleFileNameA] 012502B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CLLDR.DLL [KERNEL32.dll!GetProcAddress] 01250320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CLLDR.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 01250390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 01250400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!LoadLibraryW] 01250470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!SetErrorMode] 012504E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!FreeLibrary] 01250550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 012505C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!GetModuleFileNameW] 01250630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!GetModuleFileNameA] 012506A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!LoadLibraryA] 01250710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!GetProcAddress] 01250780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 012507F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 01250860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 012508D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 01250940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 012509B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 01250A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pxstub.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\params.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\winreg.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\winreg.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mkavio.ppl [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mkavio.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl [KERNEL32.dll!SetErrorMode] 76FC0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl [KERNEL32.dll!CreateProcessA] 76FC0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl [KERNEL32.dll!CreateProcessW] 76FC0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nfio.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MPR.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MPR.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MPR.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MPR.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MPR.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MPR.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MPR.dll [KERNEL32.dll!LoadLibraryExW] 76FC0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fsdrvplg.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fsdrvplg.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:
-
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINNSI.DLL [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\dhcpcsvc6.DLL [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\dhcpcsvc6.DLL [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\dhcpcsvc6.DLL [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\dhcpcsvc6.DLL [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\dhcpcsvc6.DLL [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\dhcpcsvc6.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\wmihlpr.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\wmihlpr.ppl [KERNEL32.dll!CreateProcessW] 76FC0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\wmihlpr.ppl [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\wmihlpr.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\wmihlpr.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!SetErrorMode] 76FC0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\regmap.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ndetect.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ndetect.ppl [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ndetect.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ndetect.ppl [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\crpthlpr.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\crpthlpr.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\crpthlpr.ppl [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\crpthlpr.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 76FC0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlAllocateHeap] 77420010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\MSASN1.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\dtreg.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sfdb.ppl [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sfdb.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\schedule.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\timer.ppl [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\timer.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\report.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\reportdb.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\reportdb.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\lic.ppl [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\lic.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\lic.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!LoadLibraryExA] 76FC0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rsaenh.dll [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rsaenh.dll [ntdll.dll!RtlAllocateHeap] 77420010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\icheck3.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\icheck3.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avs.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avs.ppl [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avs.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avlib.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avspm.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avspm.ppl [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avspm.ppl [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avspm.ppl [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avspm.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\qb.ppl [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\qb.ppl [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\qb.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CLBCatQ.DLL [ntdll.dll!RtlAllocateHeap] 77420010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CLBCatQ.DLL [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!CreateProcessW] 76FC0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!LoadLibraryExW] 76FC0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\procmon.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\procmon.ppl [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\procmon.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\procmon.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\procmon.ppl [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WSOCK32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sandbox.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sandbox.ppl [KERNEL32.dll!CreateProcessW] 76FC0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sandbox.ppl [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sandbox.ppl [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sandbox.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sandbox.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klsrlsvc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klsrlsvc.ppl [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klsrlsvc.ppl [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\propmap.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\filemap.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NLAapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NLAapi.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NLAapi.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NLAapi.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NLAapi.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\napinsp.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\pnrpnsp.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\pnrpnsp.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\pnrpnsp.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\System32\mswsock.dll [ntdll.dll!RtlAllocateHeap] 77420010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\System32\mswsock.dll [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\System32\mswsock.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\System32\mswsock.dll [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\System32\mswsock.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\System32\mswsock.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\System32\mswsock.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\System32\mswsock.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\System32\mswsock.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky
-
[ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\TAPI32.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\TAPI32.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\TAPI32.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\TAPI32.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\TAPI32.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\TAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\TAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\rtutils.dll [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!SetErrorMode] 76FC0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!LoadLibraryExW] 76FC0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINMM.dll [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!LoadLibraryExW] 76FC0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OLEACC.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wlanapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wlanapi.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wlanapi.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wlanapi.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!LoadLibraryExW] 76FC0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipFree] [73E9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipAlloc] [73E969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateImageAttributes] [73ECB716] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDisposeImageAttributes] [73ECB797] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDeleteGraphics] [73E9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDisposeImage] [73E971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageWidth] [73EA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdiplusStartup] [73EA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdiplusShutdown] [73EA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCloneImage] [73EE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDrawImageRectRectI] [73EA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipSetInterpolationMode] [73E9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageGraphicsContext] [73EA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipSetImageAttributesWrapMode] [73EC4D93] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateHBITMAPFromBitmap] [73EAD748] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromScan0] [73E9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73EDB17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromStream] [73EABC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageHeight] [73EA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\eappprxy.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\eappprxy.dll [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\eappprxy.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\eappprxy.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\eappcfg.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\eappcfg.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\eappcfg.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\eappcfg.dll [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\eappcfg.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\eappcfg.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\eappcfg.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\DUser.dll [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\DUser.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\DUser.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\DUser.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\DUser.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\DUser.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\DUser.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\DUser.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\UxTheme.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\UxTheme.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\UxTheme.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\UxTheme.dll [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\UxTheme.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\UxTheme.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\UxTheme.dll [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\UxTheme.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\UxTheme.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\UxTheme.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\UxTheme.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\UxTheme.dll [KERNEL32.dll!LoadLibraryExW] 76FC0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\bc
-
Security 2010\oas.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\volenum.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl [KERNEL32.dll!LoadLibraryExA] 76FC0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pdm2rt.ppl [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgs.ppl [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgs.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgs.ppl [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avpgs.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\sc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\httpscan.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\smtpprtc.ppl [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\smtpprtc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pop3prtc.ppl [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\pop3prtc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\trafmon2.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\trafmon2.ppl [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\trafmon2.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\trafmon2.ppl [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\maildisp.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\maildisp.ppl [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\maildisp.ppl [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\maildisp.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!CreateProcessW] 76FC0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!SetErrorMode] 76FC0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!LoadLibraryExW] 76FC0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\imapprtc.ppl [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\imapprtc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nntpprtc.ppl [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\nntpprtc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\urlflt.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\urlflt.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\urlflt.ppl [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\urlflt.ppl [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\webnetstat.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wintrust.dll [ntdll.dll!RtlAllocateHeap] 77420010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wintrust.dll [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\imagehlp.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\System32\wship6.dll [ntdll.dll!RtlAllocateHeap] 77420010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ncrypt.dll [ntdll.dll!RtlAllocateHeap] 77420010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ncrypt.dll [ntdll.dll!RtlSizeHeap] 77420160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ncrypt.dll [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NTMARTA.DLL [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NTMARTA.DLL [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NTMARTA.DLL [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NTMARTA.DLL [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NTMARTA.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NTMARTA.DLL [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\NTMARTA.DLL [ntdll.dll!RtlAllocateHeap] 77420010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SAMLIB.dll [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\GPAPI.dll [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\GPAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\GPAPI.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\GPAPI.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\GPAPI.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\GPAPI.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\slc.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\slc.dll [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\slc.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\slc.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\slc.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\slc.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!LoadLibraryExA] 76FC0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!LoadLibraryExW] 76FC0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SensApi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\SensApi.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\Cabinet.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\ProgramData\Kaspersky Lab\AVP9\Bases\vlns.kdl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\ProgramData\Kaspersky Lab\AVP9\Bases\vlns.kdl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\ProgramData\Kaspersky Lab\AVP9\Bases\vlns.kdl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\ProgramData\Kaspersky Lab\AVP9\Bases\vlns.kdl [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\ProgramData\Kaspersky Lab\AVP9\Bases\vlns.kdl [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\ProgramData\Kaspersky Lab\AVP9\Bases\vlns.kdl [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\ProgramData\Kaspersky Lab\AVP9\Bases\vlns.kdl [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\ProgramData\Kaspersky Lab\AVP9\Bases\vlns.kdl [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!LoadLibraryExW] 76FC0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!CreateProcessW] 76FC0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!GetModuleFileNameW]
-
[COMCTL32.dll!PropertySheetW] [74DF806C] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!CreatePropertySheetPageW] [74DF2A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!CreateToolbarEx] [74DF9C52] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!ImageList_Destroy] [74D52E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!ImageList_Draw] [74DB910F] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!ImageList_GetIconSize] [74D40E7A] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\msi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\msi.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\msi.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\msi.dll [KERNEL32.dll!LoadLibraryExW] 76FC0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\msi.dll [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\msi.dll [KERNEL32.dll!SetErrorMode] 76FC0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\msi.dll [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\msi.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\msi.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\msi.dll [KERNEL32.dll!CreateProcessW] 76FC0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\msi.dll [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\msi.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\wdiskio.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\wdiskio.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\EXTLprtc.ppl [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ICQprtc.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ICQprtc.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ICQprtc.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\MSNprtc.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\MSNprtc.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\MSNprtc.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\JbrPrtc.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\JbrPrtc.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\JbrPrtc.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\IRCPrtc.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\IRCPrtc.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\IRCPrtc.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Yhoprtc.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Yhoprtc.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Yhoprtc.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\httpanlz.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\httpanlz.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\MMPprtc.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\MMPprtc.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\MMPprtc.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\uniarc.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\minizip.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\cab.ppl [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\arj.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\rar.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\lha.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mdb.ppl [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mdb.ppl [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mdb.ppl [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mdb.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mdb.ppl [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mdb.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\mapi32.dll [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\mapi32.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\mapi32.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\mapi32.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\mapi32.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\mapi32.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\mapi32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\msoe.ppl [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\msoe.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\msoe.ppl [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\msoe.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mailmsg.ppl [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mailmsg.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mailmsg.ppl [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mailmsg.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mailmsg.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\comstmio.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\btimages.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prutil.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[432] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73EA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73EE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73EAB9D4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73E9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73EA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73E9EA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73EDB17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [73EABC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73EA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73EA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73E971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [73F2D848] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [73EC7379] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73E9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73E9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73E969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73EA2465] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL [COMCTL32.dll!ImageList_Create] [74D42AF7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL [COMCTL32.dll!ImageList_AddMasked] [74D3860C] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL [COMCTL32.dll!ImageList_GetIcon] [74D37CC7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL [COMCTL32.dll!_TrackMouseEvent] [74D6F7E6] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL [COMCTL32.dll!ImageList_Destroy] [74D52E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [COMCTL32.dll!InitCommonControlsEx] [74D41322] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipSetSmoothingMode] [73EA7624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDrawLineI] [73EE04E6] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporat
-
.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdiplusShutdown] [73EA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDisposeImage] [73E971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipGetRegionHRgn] [73EF79EF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDeleteRegion] [73ECC353] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDeleteGraphics] [73E9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDeletePath] [73ECF286] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipCreatePath] [73ED2B99] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDeletePen] [73EFE48D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipCreatePen1] [73EFDF99] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipDeleteBrush] [73ECF3C3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipAlloc] [73E969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\timedate.cpl [gdiplus.dll!GdipFree] [73E9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\authui.dll [COMCTL32.dll!ImageList_Destroy] [74D52E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\authui.dll [COMCTL32.dll!ImageList_GetImageCount] [74D27392] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\authui.dll [COMCTL32.dll!ImageList_LoadImageW] [74D3885D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\authui.dll [COMCTL32.dll!ImageList_DrawEx] [74D2D25A] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\authui.dll [COMCTL32.dll!InitCommonControlsEx] [74D41322] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\SndVolSSO.dll [gdiplus.dll!GdiplusStartup] [73EA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\SndVolSSO.dll [gdiplus.dll!GdiplusShutdown] [73EA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdiplusStartup] [73EA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdiplusShutdown] [73EA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipGetImageThumbnail] [73F2E1DA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipFree] [73E9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipAlloc] [73E969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipDeleteGraphics] [73E9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipDisposeImage] [73E971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipCreateBitmapFromFile] [73EE0405] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipCreateBitmapFromFileICM] [73F2E2A6] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipCreateHICONFromBitmap] [73ECA2F2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipDrawImageRectI] [73EAB9D4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipCreateFromHDC] [73E9EA65] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipSetSmoothingMode] [73EA7624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\pnidui.dll [gdiplus.dll!GdipCloneImage] [73EE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipFree] [73E9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipAlloc] [73E969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateImageAttributes] [73ECB716] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDisposeImageAttributes] [73ECB797] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDeleteGraphics] [73E9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDisposeImage] [73E971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageWidth] [73EA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdiplusStartup] [73EA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdiplusShutdown] [73EA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCloneImage] [73EE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipDrawImageRectRectI] [73EA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipSetInterpolationMode] [73E9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageGraphicsContext] [73EA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipSetImageAttributesWrapMode] [73EC4D93] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateHBITMAPFromBitmap] [73EAD748] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromScan0] [73E9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73EDB17D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipCreateBitmapFromStream] [73EABC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\OneX.DLL [gdiplus.dll!GdipGetImageHeight] [73EA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [COMCTL32.dll!ImageList_Create] [74D42AF7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [COMCTL32.dll!ImageList_ReplaceIcon] [74D597AE] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [COMCTL32.dll!ImageList_Destroy] [74D52E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipCreateBitmapFromScan0] [73E9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipCreateBitmapFromFileICM] [73F2E2A6] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipGetImageHeight] [73EA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipBitmapLockBits] [73EA345D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipSaveImageToFile] [73ECD983] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipDisposeImage] [73E971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipDeleteGraphics] [73E9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipAlloc] [73E969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipFree] [73E9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipBitmapUnlockBits] [73EA34E8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipGetImageEncoders] [73ECD552] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipGetImageEncodersSize] [73ECD6DC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipGraphicsClear] [73EE95B2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipGetImageGraphicsContext] [73EA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipDrawImageRect] [73EABA20] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipCloneImage] [73EE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipSetClipRectI] [73EF786B] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdiplusStartup] [73EA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipGetImageWidth] [73EA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdiplusShutdown] [73EA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\DreamScene.dll [gdiplus.dll!GdipCreateBitmapFromFile] [73EE0405] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [COMCTL32.dll!_TrackMouseEvent] [74D6F7E6] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [COMCTL32.dll!CreatePropertySheetPageW] [74DF2A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDrawImageRectRectI] [73EA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipSetSmoothingMode] [73EA7624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\System32\Branding\folde
-
\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Destroy] [74D52E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Draw] [74DB910F] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_GetIconSize] [74D40E7A] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdipAlloc] [73E969A9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdipCreateHBITMAPFromBitmap] [73EAD748] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdipCreateBitmapFromStream] [73EABC9A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdipCloneImage] [73EE98A5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdipFree] [73E9697E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdiplusStartup] [73EA7A79] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdipDisposeImage] [73E971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamControl.dll [gdiplus.dll!GdiplusShutdown] [73EA88B4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\fxsst.dll [COMCTL32.dll!ImageList_Destroy] [74D52E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\fxsst.dll [COMCTL32.dll!ImageList_Create] [74D42AF7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\fxsst.dll [COMCTL32.dll!ImageList_Add] [74D72208] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!__CppXcptFilter] [05EDC45B] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!_adjust_fdiv] [05F1C940] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!_initterm] [05ED1CBE] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!_onexit] [05ED1D5F] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!__dllonexit] [05EDC095] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!?terminate@@YAXXZ] [05EE9A41] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!??1type_info@@UAE@XZ] [05EE8CA6] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!__security_error_handler] [05EDD5A5] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!realloc] [05EE24FF] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!memcpy] [05ED2EBB] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!_except_handler3] [05ED240D] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!free] [05ED2151] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!malloc] [05ED16E9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!memcmp]
[05ED3234] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!_wcsicmp] [05EE0452] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!memmove] [05ED298E] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!??0bad_cast@@QAE@PBD@Z] [05EE8AC1] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!??1bad_cast@@UAE@XZ] [05EE8AF2] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!??0bad_cast@@QAE@ABV0@@Z] [05EE8ADA] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!memset] [05ED1222] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!wcslen] [05EE043C] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!_purecall] [05EF5BE2] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!wcsncpy] [05EE04FF] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!_CxxThrowException] [05EE9AB9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!??0exception@@QAE@ABV0@@Z] [05EE8A54] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!__CxxFrameHandler] [05EE9B77] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!??0exception@@QAE@XZ] [05EE8A06] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [MSVCR71.dll!??1exception@@UAE@XZ] [05EE8A9E] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!__CppXcptFilter] [05EDC45B] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_adjust_fdiv] [05F1C940] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_initterm] [05ED1CBE] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_onexit] [05ED1D5F] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!__dllonexit] [05EDC095] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!?terminate@@YAXXZ] [05EE9A41] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!__security_error_handler] [05EDD5A5] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!??1type_info@@UAE@XZ] [05EE8CA6] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_itow] [05EE44B3] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcsncpy] [05EE04FF] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcscpy] [05EE0420] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_ltow] [05EE44EE] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_ultow] [05EE4529] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!iswdigit] [05EE4EB7] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!ceil] [05ED5284] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcsncmp] [05F001A3] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_wcsnicmp] [05EFFCBB] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_wsplitpath] [05EF6642] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_wfullpath] [05EE7C53] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_wtol] [05EE4D4E] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!__p___argc] [05ED8FD3] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!__p___wargv] [05ED8FDF] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_beginthreadex] [05ED958A] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_endthreadex] [05ED94C5] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_wcsdup] [05EE053C] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_expand] [05EF0B61] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_wtoi] [05EE4DAD] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcstod] [05EE54F8] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcstol] [05EE5852] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcstoul] [05EE5869] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!swscanf] [05EFC258] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!abs] [05EF6843] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!labs] [05EF6843] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_snwprintf] [05EFA5DC] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!calloc] [05ED2357] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!__CxxFrameHandler] [05EE9B77] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_msize] [05ED20A2] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_purecall] [05EF5BE2] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_localtime64] [05F00C10] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mktime64] [05F0106E] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!realloc] [05EE24FF] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!fflush] [05EDF6F4] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!fseek] [05EFBB92] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!ftell] [05EFBD55] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!fgetws] [05EFB647] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!fputws] [05EFB8B0] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dl
-
BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!swprintf] [05EFA4B4] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_CxxThrowException] [05EE9AB9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!vsprintf] [05EFA896] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_vscprintf] [05EFA8ED] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mbsrev] [05EF55BA] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mbslwr] [05EF4B13] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mbsupr] [05EF5929] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mbscspn] [05EF4A4D] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mbsspn] [05EF56F9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mbspbrk] [05EDBC95] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mbsrchr] [05EF554F] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mbschr] [05EE3F07] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mbsstr] [05EF57CC] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mbsicoll] [05EF4A74] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mbscoll] [05EF4997] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mbsicmp] [05EDB958] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mbscmp] [05EDBB36] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_ismbcspace] [05EF437B] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_mbsinc] [05EF4AB3] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!free] [05ED2151] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!strlen] [05ED17D5] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!memmove] [05ED298E] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcslen] [05EE043C] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!memcpy] [05ED2EBB] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!vswprintf] [05EFA91D] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_vscwprintf] [05EFA98B] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_wcsrev] [05EFFDA4] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_wcslwr] [05EFFB23] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_wcsupr] [05EFFDEF] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcscspn] [05F00123] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcsspn] [05F00208] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcspbrk] [05EE059C] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcsrchr] [05F001D8] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcschr] [05EE0702] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcsstr] [05F0024E] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_wcsicoll] [05EFFA86] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcscoll] [05F000CD] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_wcsicmp] [05EE0452] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!wcscmp] [05EE056A] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!iswspace] [05EE4ED6] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!_except_handler3] [05ED240D] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!memset] [05ED1222] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!strcpy] [05ED174A] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL [MSVCR71.dll!strcmp] [05ED2CC0] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!setvbuf] [05EDF7A2] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!fflush] [05EDF6F4] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!ungetc] [05EFC576] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!fgetc] [05EFB417] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!fwrite] [05EFBEFB] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!fputc] [05EFB6C7] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!_Getdays] [05EE07A3] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!_Getmonths] [05EE0822] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!fgetpos] [05EFB467] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!fseek] [05EFBB92] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!fsetpos] [05EFBBDB] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!fclose] [05EE0223] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!__iob_func] [05ED901B] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!fopen] [05EF9CBD] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!atan2] [05ED3BDA] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!cos] [05ED3C02] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!exp] [05ED3CD8] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!ldexp] [05F04F20] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!log] [05ED3D94] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!pow] [05ED4030] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!sin] [05ED42CC] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!sqrt] [05ED437A] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!tan] [05ED4434] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!fgetwc] [05EFB603] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!fputwc] [05EFB866] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!ungetwc] [05EFC6CA] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!strtol] [05EE5426] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!_errno] [05ED9ED0] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!_Strftime] [05EE1338] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!strcspn] [05ED31F0] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!strtoul] [05EE543D] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!_strtoi64] [05EE48AA] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!_strtoui64] [05EE48C1] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!sprintf] [05EFA42B] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!abort] [05EDCF7C] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!realloc] [05EE24FF] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!setlocale] [05EDCE22] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!_CxxThrowException] [05EE9AB9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!??0exception@@QAE@XZ] [05EE8A06] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!malloc] [05ED16E9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!?what@exception@@UBEPBDXZ] [05EE8AB4] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!??0exception@@QAE@ABQBD@Z] [05EE8A17] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z] [05ED87B5] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!__uncaught_exception] [05EE8F30] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!towlower]&nb
-
[05ED1CBE] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!_adjust_fdiv] [05F1C940] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!__CppXcptFilter] [05EDC45B] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!??0bad_cast@@QAE@PBD@Z] [05EE8AC1] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!??1bad_cast@@UAE@XZ] [05EE8AF2] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!??0bad_cast@@QAE@ABV0@@Z] [05EE8ADA] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!??0exception@@QAE@ABV0@@Z] [05EE8A54] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!__CxxFrameHandler] [05EE9B77] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!___mb_cur_max_func] [05EDE710] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!??_V@YAXPAX@Z] [05EF0951] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!??3@YAXPAX@Z] [05EF094A] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!_Gettnames] [05EE08B7] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!localeconv] [05EDDA86] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!free] [05ED2151] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!memset] [05ED1222] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!memchr] [05ED37BD] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!strlen] [05ED17D5] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!memcmp] [05ED3234] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!wcslen] [05EE043C] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!memmove] [05ED298E] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!??1exception@@UAE@XZ] [05EE8A9E] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll [MSVCR71.dll!memcpy] [05ED2EBB] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\WinRar\rarext.dll [COMCTL32.DLL!CreatePropertySheetPageA] [74DF2A55] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\WinRar\rarext.dll [COMCTL32.DLL!DestroyPropertySheetPage] [74DF2728] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!malloc] [05ED16E9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!free] [05ED2151] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_resetstkoflw] [05EE2808] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_except_handler3] [05ED240D] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!__CxxFrameHandler] [05EE9B77] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!wcsncpy] [05EE04FF] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!realloc] [05EE24FF] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!??0exception@@QAE@ABV0@@Z] [05EE8A54] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!??0bad_cast@@QAE@ABV0@@Z] [05EE8ADA] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!??1bad_cast@@UAE@XZ] [05EE8AF2] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!??0bad_cast@@QAE@PBD@Z] [05EE8AC1] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_CxxThrowException] [05EE9AB9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!tolower] [05EE2396] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!toupper] [05EE49D4] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_purecall] [05EF5BE2] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!memmove] [05ED298E] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!??1exception@@UAE@XZ] [05EE8A9E] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!??0exception@@QAE@XZ] [05EE8A06] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!__RTDynamicCast] [05EEA28F] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!towlower] [05EE227C] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!towupper] [05EE54B5] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_mbsrchr] [05EF554F] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!fopen] [05EF9CBD] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!fwrite] [05EFBEFB] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!fclose] [05EE0223] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!wcscmp] [05EE056A] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!wcslen] [05EE043C] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!strstr] [05ED28CF] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!?name@type_info@@QBEPBDXZ] [05EE999F] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!__RTtypeid] [05EE9EE0] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!floor] [05ED539F] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!ftell] [05EFBD55] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!fseek] [05EFBB92] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!time] [05F019E4] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!__doserrno] [05ED9ED9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!fread] [05EFBA07] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!strncmp] [05ED2955] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!??8type_info@@QBEHABV0@@Z] [05EE8CEC] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_stricmp] [05EE05DC] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!atoi] [05EE1E08] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!strncpy] [05ED26C3] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_atoi64] [05EE1E0D] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_ismbcalpha] [05EF3E77] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z] [05EE9986] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!rand] [05EF6BE9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_getcwd] [05EE6E19] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_mbschr] [05EE3F07] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!strtod] [05EE51D9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!??9type_info@@QBEHABV0@@Z] [05EE8D07] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_mbsnbcpy] [05EDBAA3] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_time64] [05F01152] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_mbsicmp] [05EDB958] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_ismbcdigit] [05EF3F0C] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!sprintf] [05EFA42B] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_ismbcspace] [05EF437B] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!wcsncmp] [05F001A3] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!atof] [05EE4E3D] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_localtime64] [05F00C10] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!wcschr] [05EE0702] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!iswspace] [05EE4ED6] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!calloc] [05ED2357] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!memset] [05ED1222] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!??1type_info@@UAE@XZ] [05EE8CA6] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!__security_error_handler] [05EDD5A5] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!__dllonexit] [05EDC095] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_onexit] [05ED1D5F] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!?terminate@@YAXXZ] [05EE9A41] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_initterm] [05ED1CBE] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!_adjust_fdiv] [05F1C940] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [MSVCR71.dll!__CppXcptFilter] &nb
-
[05EF4DEA] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_splitpath] [05EF5E21] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_fullpath] [05EE6C4D] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!atol] [05EE1D80] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!__p___argc] [05ED8FD3] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!__p___argv] [05ED8FD9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_beginthreadex] [05ED958A] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_endthreadex] [05ED94C5] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_strdup] [05EE03CB] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbsdec] [05EDBBCA] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!atoi] [05EE1E08] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_expand] [05EF0B61] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!strtod] [05EE51D9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!strtol] [05EE5426] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!strtoul] [05EE543D] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!sscanf] [05EFC224] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!abs] [05EF6843] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!labs] [05EF6843] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbctype] [05F1CA60] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_snprintf] [05EFA554] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!__CxxFrameHandler] [05EE9B77] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!calloc] [05ED2357] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_msize] [05ED20A2] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_purecall] [05EF5BE2] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_localtime64] [05F00C10] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mktime64] [05F0106E] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!realloc] [05EE24FF] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!fflush] [05EDF6F4] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!fseek] [05EFBB92] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!ftell] [05EFBD55] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!fgets] [05EFB489] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!fputs] [05EFB71F] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!fwrite] [05EFBEFB] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!fread] [05EFBA07] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!clearerr] [05EFB39C] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!fclose] [05EE0223] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_open_osfhandle] [05EE3342] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_fdopen] [05EF9A37] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!__doserrno] [05ED9ED9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_get_osfhandle] [05EE30C3] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!abort] [05EDCF7C] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!memcmp] [05ED3234] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!sprintf] [05EFA42B] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_CxxThrowException] [05EE9AB9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!vsprintf] [05EFA896] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_vscprintf] [05EFA8ED] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbsrev] [05EF55BA] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbslwr] [05EF4B13] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbsupr] [05EF5929] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbscspn] [05EF4A4D] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbsspn] [05EF56F9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbspbrk] [05EDBC95] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbsrchr] [05EF554F] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbschr] [05EE3F07] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbsstr] [05EF57CC] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbsicoll] [05EF4A74] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbscoll] [05EF4997] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbsicmp] [05EDB958] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbscmp] [05EDBB36] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_ismbcspace] [05EF437B] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_mbsinc] [05EF4AB3] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!strlen] [05ED17D5] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!memmove] [05ED298E] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!wcslen] [05EE043C] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!memcpy] [05ED2EBB] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!vswprintf] [05EFA91D] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_vscwprintf] [05EFA98B] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_wcsrev] [05EFFDA4] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_wcslwr] [05EFFB23] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_wcsupr] [05EFFDEF] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!wcscspn] [05F00123] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!wcsspn] [05F00208] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!wcspbrk] [05EE059C] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!wcsrchr] [05F001D8] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!wcschr] [05EE0702] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!wcsstr] [05F0024E] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_wcsicoll] [05EFFA86] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!wcscoll] [05F000CD] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_wcsicmp] [05EE0452] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!wcscmp] [05EE056A] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!iswspace] [05EE4ED6] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!wcscpy] [05EE0420] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!memset] [05ED1222] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_except_handler3] [05ED240D] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!_resetstkoflw] [05EE2808] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!free] [05ED2151] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!malloc] [05ED16E9] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!strcmp] [05ED2CC0] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL [MSVCR71.dll!strcpy] [05ED174A] C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[508] @ C:\Windows\system32\MSVFW32.dll [COMCTL32.dll!CreateToolbarEx] [74DF9C52] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\co
-
[73CF26BB] c:\windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineDrop] [73CDCB42] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineGetTranslateCapsA] [73CF3A93] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineAccept] [73CDBD0B] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineAnswer] [73CDBECC] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineMakeCallA] [73CDF6CA] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineGetDevConfigA] [73CDE83E] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineSetDevConfigA] [73CE0BD3] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineInitializeExA] [73CD59A6] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineDevSpecific] [73CDC7BE] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineSetStatusMessages] [73CE0EFD] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineGetCallInfoA] [73CDE10D] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineNegotiateAPIVersion] [73CD5D8E] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineNegotiateExtVersion] [73CD5E36] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineOpenA] [73CD5EC6] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineClose] [73CD5BF1] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineGetCallStatus] [73CDE1F7] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineDeallocateCall] [73CDC6F5] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineGetAddressCapsA] [73CD624B] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineGetDevCapsA] [73CD648E] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineGetDevCapsW] [73CD5CFD] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineShutdown] [73CE4187] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\rastapi.dll [TAPI32.dll!lineGetIDA] [73CD661A] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\RASAPI32.dll [TAPI32.dll!lineTranslateAddressW] [73CF3F8E] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\RASAPI32.dll [TAPI32.dll!lineGetCountryW] [73CDE2C1] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\system32\RASAPI32.dll [TAPI32.dll!lineGetTranslateCapsW] [73CF3B50] C:\Windows\system32\TAPI32.dll (Microsoft® Windows(TM) Telephony API Client DLL/Microsoft Corporation)
IAT C:\Windows\system32\svchost.exe[1164] @ C:\Windows\System32\rastls.dll [COMCTL32.dll!InitCommonControlsEx] [74847010] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll (Common Controls Library/Microsoft Corporation)
IAT C:\Windows\system32\SearchIndexer.exe[2364] @ C:\Windows\system32\TQUERY.DLL [query.dll!CITextToSelectTreeEx] [7043523A] C:\Windows\system32\query.dll (Content Index Utility DLL/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!SetUnhandledExceptionFilter] 00470010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!CreateProcessA] 00470080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!GetModuleFileNameA] 004700F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!CreateThread] 00170010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!GetModuleFileNameW] 00470160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!CreateProcessW] 004701D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!SetErrorMode] 00470240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!LoadLibraryW] 004702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!VirtualAlloc] 00170080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!VirtualFree] 001700F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!LoadLibraryA] 00470320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!GetProcAddress] 00470390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!FreeLibrary] 00470400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [KERNEL32.dll!HeapFree] 00170160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 00170240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 001702B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 00170320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00170390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\memmng.dll [KERNEL32.dll!VirtualAlloc] 00170470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\memmng.dll [KERNEL32.dll!GetProcAddress] 00470470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!GetModuleFileNameW] 004704E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!GetProcAddress] 00470550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!LoadLibraryA] 004705C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!FreeLibrary] 00470630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!GetModuleFileNameA] 004706A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!LoadLibraryExA] 00470710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!CreateThread] 001704E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00470780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prremote.dll [KERNEL32.dll!CreateProcessA] 004707F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 00170550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 001705C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00470860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 004708D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 00470940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 004709B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 00470A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 00470A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 001706A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 00170710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!HeapFree] 001707F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 00170860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 001708D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 00170940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 00470B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 00470B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree] 001709B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 00470BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 00470C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 00470CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 00470D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 00170B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 00170BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00470DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 00470E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap] 00170C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap] 00170CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 00170D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 00170DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 00470E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread] 00170E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 00470EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 00470F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 76FC0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 76FC0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 76FC06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 76FC0710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 76FC0780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 00170E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 00170EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 76FC0860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 76FC08D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 76FC0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 76FC09B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 76FC0A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCP80.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!GetModuleFileNameA] 76FC0B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!GetModuleFileNameW] 76FC0B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!GetProcAddress] 76FC0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!HeapFree] 00170F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!CreateThread] 77420470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!HeapDestroy] 774204E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!VirtualFree] 77420550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!VirtualAlloc] 77420630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!FreeLibrary] 76FC0CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!LoadLibraryA] 76FC0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!LoadLibraryW] 76FC0DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!SetErrorMode] 76FC0E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!CreateProcessA] 76FC0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll [KERNEL32.dll!CreateProcessW] 76FC0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\W
-
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA] 00480240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW] 004802B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00480320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] 00480390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 77420A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fssync.dll [KERNEL32.dll!HeapFree] 77420B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fssync.dll [KERNEL32.dll!GetModuleFileNameW] 00480400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fssync.dll [KERNEL32.dll!CreateThread] 77420B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\fssync.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00480470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualFree] 77420BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 77420C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 004804E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00480550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 77420CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 77420D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 004805C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameA] 00480630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 004806A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 00480710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 00480780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 004807F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 00480860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapFree] 77420DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 004808D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 77420EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 00480940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 004809B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 77420F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 00180080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 00480A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00480A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 00480B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 00480B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 00480BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 00480C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 00480CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapFree] 00180160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread] 001802B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00480D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapDestroy] 00180320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 00480DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 00180390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00480E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00480E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 00480EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00480F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 00490010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 00490080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameA] 004900F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 00180400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 00180470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 001804E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\FLTLIB.DLL [ntdll.dll!RtlAllocateHeap] 00180550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\FLTLIB.DLL [ntdll.dll!RtlFreeHeap] 001805C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\FLTLIB.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00490160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!FreeLibrary] 004901D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!GetProcAddress] 00490240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!LoadLibraryW] 004902B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!LoadLibraryExW] 00490320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!SetErrorMode] 00490390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\VERSION.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00490400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\VERSION.dll [ntdll.dll!RtlAllocateHeap] 00180630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00490470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!FreeLibrary] 004904E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!LoadLibraryW] 00490550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!GetProcAddress] 004905C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00490630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!FreeLibrary] 004906A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!CreateProcessW] 00490710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!LoadLibraryExW] 00490780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!LoadLibraryW] 004907F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!GetProcAddress] 00490860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!GetModuleFileNameW] 004908D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\LPK.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00490940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!GetProcAddress] 004909B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!LoadLibraryA] 00490A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00490A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!GetModuleFileNameA] 00490B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!GetProcAddress] 00490B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!FreeLibrary] 00490BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!LoadLibraryA] 00490C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!LoadLibraryExW] 00490CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!LoadLibraryW] 00490D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!GetModuleFileNameW] 00490DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00490E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 77420010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00490E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 00490EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 00490F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW] 004A0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 004A0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 004A00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\uxtheme.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 004A0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\uxtheme.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\uxtheme.dll [KERNEL32.dll!LoadLibraryA] 004A01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\uxtheme.dll [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\uxtheme.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\uxtheme.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\uxtheme.dll [KERNEL32.dll!GetModuleFileNameW] 004A0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\uxtheme.dll [KERNEL32.dll!GetProcAddress] 004A02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\uxtheme.dll [KERNEL32.dll!LoadLibraryW] 004A0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\uxtheme.dll [KERNEL32.dll!FreeLibrary] 004A0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\uxtheme.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\uxtheme.dll [KERNEL32.dll!LoadLibraryExW] 004A0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 004A0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!GetProcAddress] 004A04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!LoadLibraryA] 004A0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\Ushata.dll [KERNEL32.dll!GetModuleFileNameA] 004A05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CLLDR.DLL [KERNEL32.dll!GetProcAddress] 004A0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\CLLDR.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 004A06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 004A0710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!LoadLibraryW] 004A0780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!SetErrorMode] 004A07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!FreeLibrary] 004A0860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Pr
-
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!LoadLibraryExA] 76FC0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!CreateProcessA] 76FC0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\basegui.ppl [KERNEL32.dll!CreateProcessW] 76FC0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 77420010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\MSIMG32.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\OLEAUT32.dll [KERNEL32.dll!SetErrorMode] 76FC0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryExW] 76FC0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 77420240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\NSI.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\CLBCatQ.DLL [ntdll.dll!RtlAllocateHeap] 77420010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\CLBCatQ.DLL [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!CreateProcessW] 76FC0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!VirtualFree] 77420390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!LoadLibraryExW] 76FC0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\CLBCatQ.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!LoadLibraryExA] 76FC0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!VirtualAlloc] 77420320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\rsaenh.dll [ntdll.dll!RtlFreeHeap] 77420080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\rsaenh.dll [ntdll.dll!RtlAllocateHeap] 77420010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!HeapFree] 774202B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\thpimpl.ppl [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\wtsapi32.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!CreateThread] 774201D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\WINSTA.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RICHED20.DLL [KERNEL32.dll!LoadLibraryA] 76FC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RICHED20.DLL [KERNEL32.dll!LoadLibraryW] 76FC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RICHED20.DLL [KERNEL32.dll!GetModuleFileNameA] 76FC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RICHED20.DLL [KERNEL32.dll!GetModuleFileNameW] 76FC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RICHED20.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 76FC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RICHED20.DLL [KERNEL32.dll!FreeLibrary] 76FC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe[2872] @ C:\Windows\system32\RICHED20.DLL [KERNEL32.dll!GetProcAddress] 76FC0240
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [COMCTL32.dll!_TrackMouseEvent] [74D6F7E6] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [COMCTL32.dll!CreatePropertySheetPageW] [74DF2A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDrawImageRectRectI] [73EA0A08] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipSetSmoothingMode] [73EA7624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipSetInterpolationMode] [73E9FB47] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageGraphicsContext] [73EA2A73] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateBitmapFromScan0] [73E9721D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateBitmapFromFile] [73EE0405] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageHeight] [73EA074E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipGetImageWidth] [73EA06B5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDisposeImage] [73E971B3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipDeleteGraphics] [73E9E109] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\System32\Branding\folderbg\VistaFolderBackground.dll [gdiplus.dll!GdipCreateHBITMAPFromBitmap] [73EAD748] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!InitCommonControlsEx] [74D41322] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!PropertySheetW] [74DF806C] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!CreatePropertySheetPageW] [74DF2A3D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!CreateToolbarEx] [74DF9C52] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Destroy] [74D52E74] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_Draw] [74DB910F] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
IAT C:\Users\Administrator\Desktop\gmer.exe[2916] @ C:\Windows\system32\COMDLG32.dll [COMCTL32.dll!ImageList_GetIconSize] [74D40E7A] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation)
---- Services - GMER 1.0.15 ----
Service .NET CLR Data
Service .NET CLR Networking
Service .NET Data Provider for Oracle
Service .NET Data Provider for SqlServer
Service .NETFramework
Service C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe (CMSPCSUtilSvc/SprintNextel) &nb
-
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Appinfo
Service C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Mobile Device Service/Apple Inc.) [DISABLED] Apple Mobile Device
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] AppMgmt
Service C:\Windows\system32\drivers\arc.sys (Adaptec RAID Storport Driver/Adaptec, Inc.) [DISABLED] arc
Service C:\Windows\system32\drivers\arcsas.sys (Adaptec SAS RAID WS03 Driver/Adaptec, Inc.) [DISABLED] arcsas
Service C:\??\C:\Program Files\ASTRA32\ASTRA32.sys [AUTO] ASTRA32
Service C:\Windows\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac
Service C:\Windows\system32\drivers\atapi.sys (ATAPI IDE Miniport Driver/Microsoft Corporation) [BOOT] atapi
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] AudioEndpointBuilder
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Audiosrv
Service C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Anti-Virus/Kaspersky Lab) [AUTO] AVP
Service (Battery Class Driver/Microsoft Corporation) BattC
Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] BFE
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] BITS
Service C:\Windows\system32\drivers\blbdrive.sys (BLB Drive Driver/Microsoft Corporation) [DISABLED] blbdrive
Service [DISABLED] BOHCI
Service C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Inc.) [DISABLED] Bonjour Service
Service C:\Windows\system32\DRIVERS\bowser.sys (NT Lan Manager Datagram Receiver Driver/Microsoft Corporation) [MANUAL] bowser
Service C:\Windows\system32\drivers\brfiltlo.sys (Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltLo
Service C:\Windows\system32\drivers\brfiltup.sys (Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltUp
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Browser
Service C:\Windows\system32\drivers\brserid.sys (Brotehr Serial I/F Driver (WDM)/Brother Industries Ltd.) [DISABLED] Brserid
Service C:\Windows\System32\Drivers\BrSerIf.sys (Brotehr Serial I/F Driver (WDM)/Brother Industries Ltd.) [MANUAL] BrSerIf
Service C:\Windows\system32\drivers\brserwdm.sys (Brother Serial driver (WDM version)/Brother Industries Ltd.) [DISABLED] BrSerWdm
Service C:\Windows\system32\drivers\brusbmdm.sys (Brother USB MDM Driver /Brother Industries Ltd.) [DISABLED] BrUsbMdm
Service C:\Windows\System32\Drivers\BrUsbSer.sys (Brother USB Serial Driver/Brother Industries Ltd.) [MANUAL] BrUsbSer
Service C:\Windows\system32\drivers\bthmodem.sys (Bluetooth Communications Driver/Microsoft Corporation) [DISABLED] BTHMODEM
Service [DISABLED] BUHCI
Service [DISABLED] BUSBD
Service C:\ComboFix\catchme.sys [MANUAL] catchme
Service C:\Windows\system32\DRIVERS\cdfs.sys (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] cdfs
Service C:\Windows\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] cdrom
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] CertPropSvc
Service C:\Windows\system32\drivers\circlass.sys (Consumer IR Class Driver for eHome/Microsoft Corporation) [DISABLED] circlass
Service C:\Windows\System32\CLFS.sys (Common Log File System Driver/Microsoft Corporation) [BOOT] CLFS
Service C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [MANUAL] clr_optimization_v2.0.50727_32
Service C:\Windows\system32\drivers\cmdide.sys (CMD PCI IDE Bus Driver/CMD Technology, Inc.) [DISABLED] cmdide
Service C:\Windows\system32\drivers\COMMONFX.SYS (Creative Common FX Plug-in/Creative Technology Ltd) [MANUAL] COMMONFX
Service C:\Windows\System32\drivers\COMMONFX.SYS (Creative Common FX Plug-in/Creative Technology Ltd) [MANUAL] COMMONFX.SYS
Service C:\Windows\system32\drivers\compbatt.sys (Composite Battery Driver/Microsoft Corporation) [DISABLED] Compbatt
Service C:\Windows\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp
Service C:\Windows\system32\drivers\crcdisk.sys (Disk Block Verification Filter Driver/Microsoft Corporation) [BOOT] crcdisk
Service C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (System Level Service Utility/Creative Labs) [DISABLED] Creative ALchemy AL6 Licensing Service
Service C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (System Level Service Utility/Creative Labs) [DISABLED] Creative Audio Engine Licensing Service
Service C:\Windows\system32\drivers\crusoe.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] Crusoe
Service crypt32
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] CryptSvc
Service C:\Windows\system32\drivers\csc.sys (Windows Client Side Caching Driver/Microsoft Corporation) [SYSTEM] CSC
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] CscService
Service C:\Windows\system32\CSHelper.exe [DISABLED] CSHelper
Service C:\Windows\system32\drivers\ctac32k.sys (Creative AC3 SW Decoder Device Driver (WDM)/Creative Technology Ltd) [MANUAL] ctac32k
Service C:\Windows\system32\drivers\ctaud2k.sys (Creative WDM Audio Device Driver/Creative Technology Ltd) [MANUAL] ctaud2k
Service C:\Windows\system32\drivers\CTAUDFX.SYS (Creative SB FX Plug-in/Creative Technology Ltd) [MANUAL] CTAUDFX
Service C:\Windows\System32\drivers\CTAUDFX.SYS (Creative SB FX Plug-in/Creative Technology Ltd) [MANUAL] CTAUDFX.SYS
Service C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Audio Service/Creative Technology Ltd) [DISABLED] CTAudSvcService
Service C:\Windows\system32\drivers\ctdvda2k.sys (Creative DVD-Audio Device Driver (WDM)/Creative Technology Ltd) [MANUAL] ctdvda2k
Service C:\Windows\system32\drivers\CTERFXFX.SYS (E-MU E-DSP Effects Plugin Module/Creative Technology Ltd) [MANUAL] CTERFXFX
Service C:\Windows\System32\drivers\CTERFXFX.SYS (E-MU E-DSP Effects Plugin Module/Creative Technology Ltd) [MANUAL] CTERFXFX.SYS
Service C:\Windows\system32\drivers\ctprxy2k.sys (Creative Proxy Device Driver (WDM)/Creative Technology Ltd) [MANUAL] ctprxy2k
Service C:\Windows\system32\drivers\CTSBLFX.SYS (Creative SB FX Plug-in/Creative Technology Ltd) [MANUAL] CTSBLFX
Service C:\Windows\System32\drivers\CTSBLFX.SYS (Creative SB FX Plug-in/Creative Technology Ltd) [MANUAL] CTSBLFX.SYS
Service C:\Windows\system32\drivers\ctsfm2k.sys (SoundFont(R) Manager (WDM)/Creative Technology Ltd) [MANUAL] ctsfm2k
Service C:\Windows\system32\DRIVERS\CVirtA.sys (Cisco Systems VPN Adapter/Cisco Systems, Inc.) [MANUAL] CVirtA
Service DCLocator
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] DcomLaunch
Service C:\Windows\System32\Drivers\dfsc.sys (DFS Namespace Client Driver/Microsoft Corporation) [SYSTEM] DfsC
Service C:\Windows\system32\DFSR.exe (Distributed File System Replication/Microsoft Corporation) [MANUAL] DFSR
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Dhcp
Service C:\Windows\system32\drivers\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] disk
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Dnscache
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] dot3svc
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] DPS
Service C:\Windows\system32\drivers\drmkaud.sys (Microsoft Kernel DRM Audio Descrambler Filter/Microsoft Corporation) [MANUAL] drmkaud
Service C:\Windows\System32\drivers\dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation) [MANUAL] DXGKrnl
Service C:\Windows\system32\DRIVERS\E1G60I32.sys (Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver/Intel Corporation) [MANUAL] E1G60
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] EapHost
Service C:\Windows\System32\drivers\ecache.sys (Special Memory Device Cache/Microsoft Corporation) [BOOT] Ecache
Service C:\Windows\ehome\ehRecvr.exe (Windows Media Center Receiver Service/Microsoft Corporation) [MANUAL] ehRecvr
Service C:\Windows\ehome\ehsched.exe (Windows Media Center Scheduler Service/Microsoft Corporation) [MANUAL] ehSched
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] ehstart
Service C:\Windows\system32\drivers\elxstor.sys (Storport Miniport Driver for LightPulse HBAs/Emulex) [DISABLED] elxstor
Service EmdCache
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] EMDMgmt
Service C:\Windows\system32\drivers\emupia2k.sys (E-mu Plug-in Architecture Driver (WDM)/Creative Technology Ltd) [MANUAL] emupia
Service C:\??\C:\Windows\system32\DRIVERS\ENTECH.sys [MANUAL] ENTECH
Service C:\Windows\system32\drivers\errdev.sys (Error Device Driver/Microsoft Corporation) [DISABLED] ErrDev
Service ESENT
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Eventlog
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] EventSystem
Service (Microsoft Extended FAT File System/Microsoft Corporation) [MANUAL] exfat
Service (Fast FAT File System Driver/Microsoft Corporation) [MANUAL] fastfat
Service C:\Windows\system32\fxssvc.exe (Fax Service/Microsoft Corporation) [MANUAL] Fax
Service C:\Windows\system32\DRIVERS\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation) [MANUAL] fdc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) &nbs
-
Service C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic Fusion-MPT SCSI Driver (StorPort)/LSI Logic) [DISABLED] LSI_SCSI
Service C:\Windows\system32\drivers\luafv.sys (LUA File Virtualization Filter Driver/Microsoft Corporation) [AUTO] luafv
Service C:\Windows\system32\drivers\MTiCtwl.sys (MagicTunePremium Driver/Samsung Electronics, Inc. ) [SYSTEM] MagicTune
Service C:\Windows\system32\DRIVERS\MarvinBus.sys (Pinnacle Marvin Discrete Bus Enumerator/Pinnacle Systems GmbH) [MANUAL] MarvinBus
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] Mcx2Svc
Service C:\Windows\system32\drivers\megasas.sys (MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x86/LSI Corporation) [DISABLED] megasas
Service C:\Windows\system32\drivers\megasr.sys (LSI MegaRAID Software RAID Driver/LSI Corporation, Inc.) [DISABLED] MegaSR
Service Messenger
Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe (Groove Audit Service/Microsoft Corporation) [MANUAL] Microsoft Office Groove Audit Service
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] MMCSS
Service C:\Windows\system32\drivers\modem.sys (Modem Device Driver/Microsoft Corporation) [MANUAL] Modem
Service C:\Windows\system32\DRIVERS\monitor.sys (Monitor Driver/Microsoft Corporation) [MANUAL] monitor
Service C:\Windows\system32\DRIVERS\motmodem.sys (Motorola USB Modem and Ports Driver/Motorola) [MANUAL] motmodem
Service C:\Windows\system32\DRIVERS\mouclass.sys (Mouse Class Driver/Microsoft Corporation) [SYSTEM] mouclass
Service C:\Windows\system32\DRIVERS\mouhid.sys (HID Mouse Filter Driver/Microsoft Corporation) [MANUAL] mouhid
Service C:\Windows\System32\drivers\mountmgr.sys (Mount Point Manager/Microsoft Corporation) [BOOT] MountMgr
Service C:\Windows\system32\drivers\mpio.sys (MultiPath Support Bus-Driver/Microsoft Corporation) [DISABLED] mpio
Service C:\Windows\System32\drivers\mpsdrv.sys (Microsoft Protection Service Driver/Microsoft Corporation) [MANUAL] mpsdrv
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] MpsSvc
Service C:\Windows\system32\drivers\mraid35x.sys (MegaRAID RAID Controller Driver for Windows Vista/Longhorn for x86/LSI Logic Corporation) [DISABLED] Mraid35x
Service C:\Windows\system32\drivers\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV
Service C:\Windows\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [MANUAL] mrxsmb
Service C:\Windows\system32\DRIVERS\mrxsmb10.sys (Longhorn SMB Downlevel SubRdr/Microsoft Corporation) [MANUAL] mrxsmb10
Service C:\Windows\system32\DRIVERS\mrxsmb20.sys (Longhorn SMB 2.0 Redirector/Microsoft Corporation) [MANUAL] mrxsmb20
Service C:\Windows\system32\drivers\msahci.sys (MS AHCI 1.0 Standard Driver/Microsoft Corporation) [DISABLED] msahci
Service C:\Windows\system32\drivers\msdsm.sys (Microsoft Device Specific Module/Microsoft Corporation) [DISABLED] msdsm
Service C:\Windows\System32\msdtc.exe (MS DTCconsole program/Microsoft Corporation) [MANUAL] MSDTC
Service MSDTC Bridge 3.0.0.0
Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs
Service C:\Windows\system32\drivers\msisadrv.sys (ISA Driver/Microsoft Corporation) [BOOT] msisadrv
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] MSiSCSI
Service C:\Windows\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] msiserver
Service C:\Windows\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV
Service C:\Windows\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK
Service C:\Windows\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM
Service (Kernel Remote Procedure Call Provider/Microsoft Corporation) [MANUAL] MsRPC
Service MSSCNTRS
Service C:\Windows\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios
Service C:\Windows\system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation) [MANUAL] MSTEE
Service C:\Windows\System32\Drivers\mup.sys (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] napagent
Service C:\Windows\system32\DRIVERS\nwifi.sys (NativeWiFi Miniport Driver/Microsoft Corporation) [MANUAL] NativeWifiP
Service C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (Nero BackItUp/Nero AG) [DISABLED] NBService
Service C:\Windows\system32\drivers\ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) [BOOT] NDIS
Service C:\??\C:\Users\ADMINI~1\AppData\Local\Temp\000006f9.nmc\nse\bin\ndiskio.sys [MANUAL] NDISKIO
Service C:\Windows\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi
Service C:\Windows\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O driver/Microsoft Corporation) [MANUAL] Ndisuio
Service C:\Windows\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan
Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy
Service C:\Windows\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS
Service C:\Windows\System32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] netbt
Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] Netlogon
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Netman
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] netprofm
Service C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation) [DISABLED] NetTcpPortSharing
Service C:\Windows\system32\drivers\nfrd960.sys (IBM ServeRAID Controller Driver/IBM Corporation) [DISABLED] nfrd960
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] NlaSvc
Service C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero Home/Nero AG) [DISABLED] NMIndexingService
Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] nsi
Service C:\Windows\system32\drivers\nsiproxy.sys (NSI Proxy/Microsoft Corporation) [SYSTEM] nsiproxy
Service NTDS
Service (NT File System Driver/Microsoft Corporation) [MANUAL] Ntfs
Service C:\Windows\system32\drivers\ntrigdigi.sys (N-trig tablet digitizer in-box driver/N-trig Innovative Technologies) [DISABLED] ntrigdigi
Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null
Service C:\Windows\system32\DRIVERS\nvlddmkm.sys (NVIDIA Windows Kernel Mode Driver, Version 197.45 /NVIDIA Corporation) [MANUAL] nvlddmkm
Service C:\Windows\system32\drivers\nvraid.sys (NVIDIA® nForce(TM) RAID Driver/NVIDIA Corporation) [DISABLED] nvraid
Service C:\Windows\system32\drivers\nvstor.sys (NVIDIA® nForce(TM) Sata Performance Driver/NVIDIA Corporation) [DISABLED] nvstor
Service C:\Windows\system32\nvvsvc.exe (NVIDIA Driver Helper Service, Version 197.45/NVIDIA Corporation) [DISABLED] nvsvc
Service C:\Windows\system32\drivers\nv_agp.sys (NForce NT AGP Filter/Microsoft Corporation) [MANUAL] nv_agp
Service system32\DRIVERS\nwlnkflt.sys [MANUAL] NwlnkFlt
Service system32\DRIVERS\nwlnkfwd.sys [MANUAL] NwlnkFwd
Service C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Office Diagnostics/Microsoft Corporation) [MANUAL] odserv
Service C:\Windows\system32\DRIVERS\ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation) [MANUAL] ohci1394
Service C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Office Source Engine/Microsoft Corporation) [MANUAL] ose
Service C:\Windows\system32\drivers\ctoss2k.sys (Creative OS Services Driver (WDM)/Creative Technology Ltd.) [MANUAL] ossrv
Service Outlook
Service [AUTO] P2k
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] p2pimsvc
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] p2psvc
Service C:\Windows\system32\drivers\PalmUSBD.sys (USB Driver for Palm OS Handheld Devices/PalmSource, Inc.) [MANUAL] PalmUSBD
Service C:\Windows\system32\DRIVERS\parport.sys (Parallel Port Driver/Microsoft Corporation) [MANUAL] Parport
Service C:\Windows\System32\drivers\partmgr.sys (Partition Management Driver/Microsoft Corporation) [BOOT] partmgr
Service C:\Windows\system32\DRIVERS\parvdm.sys (VDM Parallel Driver/Microsoft Corporation) [AUTO] Parvdm
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] PcaSvc
Service C:\Windows\system32\drivers\pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) [BOOT] pci
Service C:\Windows\system32\drivers\pciide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) [BOOT] pciide
Service C:\Windows\system32\drivers\pcmcia.sys (PCMCIA Bus Driver/Microsoft Corporation) [DISABLED] pcmcia
Service C:\Windows\System32\Drivers\pcouffin.sys (low level access layer for CD/DVD/BD devices/VSO Software) [MANUAL] pcouffin
Service C:\Windows\system32\drivers\peauth.sys (Protected Environment Authentication and Authorization Export Driver/Microsoft Corporation) [AUTO] PEAUTH
Service PerfDisk
Service PerfNet
Service PerfOS
Service
-
Service SMSvcHost 3.0.0.0
Service C:\Windows\System32\snmptrap.exe (SNMP Trap/Microsoft Corporation) [MANUAL] SNMPTRAP
Service (loader for security processor/Microsoft Corporation) [BOOT] spldr
Service C:\Windows\System32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler
Service C:\Windows\System32\Drivers\sptd.sys (SCSI Pass Through Direct Host/Duplex Secure Ltd.) [DISABLED] sptd
Service C:\Windows\System32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] srv
Service C:\Windows\System32\DRIVERS\srv2.sys (Smb 2.0 Server driver/Microsoft Corporation) [MANUAL] srv2
Service C:\Windows\System32\DRIVERS\srvnet.sys (Server Network driver/Microsoft Corporation) [MANUAL] srvnet
Service C:\Windows\system32\DRIVERS\sscdbus.sys (SAMSUNG USB Composite Device Driver/MCCI) [MANUAL] sscdbus
Service C:\Windows\system32\DRIVERS\sscdmdfl.sys (SAMSUNG CDMA Modem Filter Driver/MCCI) [MANUAL] sscdmdfl
Service C:\Windows\system32\DRIVERS\sscdmdm.sys (SAMSUNG CDMA Modem WDM/MCCI) [MANUAL] sscdmdm
Service C:\Windows\system32\DRIVERS\sscdserd.sys (SAMSUNG CDMA Modem Diagnostic Serial Port Device Driver/MCCI) [MANUAL] sscdserd
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SSDPSRV
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SstpSvc
Service C:\Program [DISABLED] Steam Client Service
Service C:\Windows\system32\DRIVERS\serscan.sys (Serial Imaging Device Driver/Microsoft Corporation) [MANUAL] StillCam
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] stisvc
Service C:\Windows\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] swprv
Service C:\Windows\system32\drivers\symc8xx.sys (LSI Logic 8XX SCSI Miniport Driver/LSI Logic) [DISABLED] Symc8xx
Service C:\Windows\system32\drivers\sym_hi.sys (LSI Logic Hi-Perf SCSI Miniport Driver/LSI Logic) [DISABLED] Sym_hi
Service C:\Windows\system32\drivers\sym_u3.sys (LSI Logic Ultra160 SCSI Miniport Driver/LSI Logic) [DISABLED] Sym_u3
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] SysMain
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TabletInputService
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] TapiSrv
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TBS
Service C:\Windows\System32\drivers\tcpip.sys (TCP/IP Driver/Microsoft Corporation) [BOOT] Tcpip
Service C:\Windows\system32\DRIVERS\tcpip.sys (TCP/IP Driver/Microsoft Corporation) [MANUAL] Tcpip6
Service C:\Windows\System32\drivers\tcpipreg.sys (TCP/IP Registry Compatibility Driver/Microsoft Corporation) [AUTO] tcpipreg
Service C:\Windows\system32\drivers\tdpipe.sys (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE
Service C:\Windows\system32\drivers\tdtcp.sys (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP
Service C:\Windows\system32\DRIVERS\tdx.sys (TDI Translation Driver/Microsoft Corporation) [SYSTEM] tdx
Service C:\Windows\system32\DRIVERS\RtTeam60.sys (Realtek NDIS 6.0 Intermediate Miniport Driver for Teaming/Realtek Corporation) [MANUAL] TEAM
Service C:\Windows\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TermService
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Themes
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] THREADORDER
Service C:\Windows\system32\drivers\TotRec7.sys (Total Recorder WDM audio driver/High Criteria inc.) [MANUAL] TotRec7
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TrkWks
Service C:\Windows\System32\drivers\truecrypt.sys (TrueCrypt Driver/TrueCrypt Foundation) [SYSTEM] truecrypt
Service C:\Windows\servicing\TrustedInstaller.exe (Windows Modules Installer/Microsoft Corporation) [MANUAL] TrustedInstaller
Service TSDDD
Service C:\Windows\System32\DRIVERS\tssecsrv.sys (TS Security Filter Driver/Microsoft Corporation) [MANUAL] tssecsrv
Service C:\Windows\system32\DRIVERS\tunmp.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) [MANUAL] tunmp
Service C:\Windows\system32\DRIVERS\tunnel.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) [MANUAL] tunnel
Service C:\Windows\system32\drivers\uagp35.sys (MS AGPv3.5 Filter/Microsoft Corporation) [MANUAL] uagp35
Service C:\Windows\system32\DRIVERS\udfs.sys (UDF File System Driver/Microsoft Corporation) [DISABLED] udfs
Service C:\Program Files\VMware\VMware Player\vmware-ufad.exe (VMware Host Process for Ufa Services/VMware, Inc.) [DISABLED] ufad-ws60
Service UGatherer
Service UGTHRSVC
Service C:\Windows\system32\UI0Detect.exe (Interactive services detection/Microsoft Corporation) [MANUAL] UI0Detect
Service C:\Windows\system32\drivers\uliagpkx.sys (ULi AGPv3.0 Filter for K8/9 Processor Platforms/Microsoft Corporation) [MANUAL] uliagpkx
Service C:\Windows\system32\drivers\uliahci.sys (ULi SATA Controller Driver/ULi Electronics Inc.) [DISABLED] uliahci
Service C:\Windows\system32\drivers\ulsata.sys (Promise Ultra/Sata Series Driver for Win2003/Promise Technology, Inc.) [DISABLED] UlSata
Service C:\Windows\system32\drivers\ulsata2.sys (Promise SATAII150 Series Windows Drivers/Promise Technology, Inc.) [DISABLED] ulsata2
Service C:\Windows\system32\DRIVERS\umbus.sys (User-Mode Bus Enumerator/Microsoft Corporation) [MANUAL] umbus
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] UmRdpService
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] upnphost
Service usb
Service C:\Windows\System32\Drivers\usbaapl.sys (Apple Mobile Device USB Driver/Apple, Inc.) [MANUAL] USBAAPL
Service C:\Windows\system32\drivers\usbaudio.sys (USB Audio Class Driver/Microsoft Corporation) [MANUAL] usbaudio
Service C:\Windows\system32\DRIVERS\lgusbbus.sys (LG CDMA USB Multi function Driver/LG Electronics Inc.) [MANUAL] usbbus
Service C:\Windows\system32\DRIVERS\usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation) [MANUAL] usbccgp
Service C:\Windows\system32\drivers\usbcir.sys (USB Consumer IR Driver for eHome/Microsoft Corporation) [DISABLED] usbcir
Service C:\Windows\system32\DRIVERS\lgusbdiag.sys (LG CDMA USB Diagnostics Driver/LG Electronics Inc.) [MANUAL] UsbDiag
Service C:\Windows\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) [MANUAL] usbehci
Service C:\Windows\System32\Drivers\UsbFltr.sys (Ortek USB Keypad Driver/Waytech Development, Inc.) [MANUAL] UsbFltr
Service C:\Windows\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) [MANUAL] usbhub
Service C:\Windows\system32\DRIVERS\lgusbmodem.sys (LG CDMA USB Modem Driver/LG Electronics Inc.) [MANUAL] USBModem
Service C:\Windows\system32\drivers\usbohci.sys (OHCI USB Miniport Driver/Microsoft Corporation) [DISABLED] usbohci
Service C:\Windows\system32\DRIVERS\usbprint.sys (USB Printer driver/Microsoft Corporation) [MANUAL] usbprint
Service C:\Windows\system32\DRIVERS\usbscan.sys (USB Scanner Driver/Microsoft Corporation) [MANUAL] usbscan
Service C:\Windows\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) [MANUAL] USBSTOR
Service C:\Windows\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbuhci
Service C:\Windows\System32\Drivers\usbvideo.sys (USB Video Class Driver/Microsoft Corporation) [MANUAL] usbvideo
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] UxSms
Service C:\Windows\system32\DRIVERS\V0500Vid.sys (Video Capture Device Driver/Creative Technology Ltd.) [MANUAL] V0500Dev
Service C:\Windows\System32\vds.exe (Virtual Disk Service/Microsoft Corporation) [MANUAL] vds
Service C:\Windows\system32\DRIVERS\vgapnp.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [MANUAL] vga
Service C:\Windows\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [SYSTEM] VgaSave
Service C:\Windows\system32\drivers\viaagp.sys (VIA NT AGP Filter/Microsoft Corporation) [MANUAL] viaagp
Service C:\Windows\system32\drivers\viac7.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] ViaC7
Service C:\Windows\system32\drivers\viaide.sys (VIA Generic PCI IDE Bus Driver/VIA Technologies, Inc.) [DISABLED] viaide
Service C:\??\C:\Users\Administrator\Desktop\usb_prep8\vdk.sys [MANUAL] VirtualDK
Service C:\Program Files\VMware\VMware Player\vmware-authd.exe (VMware Authorization Service/VMware, Inc.) [DISABLED] VMAuthdService
Service C:\??\C:\Windows\system32\Drivers\vmci.sys [AUTO] vmci
Service C:\??\C:\Windows\system32\drivers\VMkbd.sys [MANUAL] vmkbd
Service C:\Windows\system32\DRIVERS\vmnetadapter.sys (VMware virtual network adapter driver (32-bit)/VMware, Inc.) [MANUAL] VMnetAdapter
Service C:\Windows\system32\DRIVERS\vmnetbridge.sys (VMware bridge driver (32-bit)/VMware, Inc.) [AUTO] VMnetBridge
Service C:\Windows\system32\vmnetdhcp.exe (VMware VMnet DHCP service/VMware, Inc.) [DISABLED] VMnetDHCP
Service C:\??\C:\Windows\system32\drivers\vmnetuserif.sys [AUTO] VMnetuserif
Service C:\??\C:\Windows\system32\Drivers\VMparport.sys [AUTO] VMparport
Service C:\Windows\System32\Drivers\vmusb.sys (VMware USB driver/VMware, Inc.) [MANUAL] vmusb
Service
-
Please use Internet Explorer and run a BitDefender Online scan (http://www.bitdefender.com/scanner/online/free.html)
- Please check I agree with the Terms and Conditions and click Start Here
- You will need to allow an Active X install for the scan to run.
- Leave the scanning options at default and click Start Scan
Please post the results in your next reply.
-
BitDefender Online Scanner
Scan report generated at: Mon, May 03, 2010 - 03:05:31
Scan path: C:\;
Statistics
Time
02:39:21
Files
879405
Folders
29126
Boot Sectors
0
Archives
9507
Packed Files
65526
Results
Identified Viruses
4
Infected Files
3
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
3
Engines Info
Virus Definitions
5692934
Engine build
AVCORE v2.1 Windows/i386 11.0.0.33 (Feb 25 2010)
Scan plugins
17
Archive plugins
43
Unpack plugins
9
E-mail plugins
6
System plugins
4
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\ProgramData\Kaspersky Lab\AVP9\QB\15bcbf549abcf7e2.klq=>(Quarantine-6)
Infected with: EICAR-Test-File (not a virus)
C:\ProgramData\Kaspersky Lab\AVP9\QB\15bcbf549abcf7e2.klq=>(Quarantine-6)
Disinfection failed
C:\ProgramData\Kaspersky Lab\AVP9\QB\15bcbf549abcf7e2.klq=>(Quarantine-6)
Deleted
-
This is a little experimental.
Download this file: http://ad13.geekstogo.com/DirQuery.exe
Double-click on it to run it.
Copy and paste this in, or type it in exactly:
\Device\Ide\IdePort1
================
It will make a text file called DirQuery.txt.
Post the contents of that, please.
-
Ran DirQuery
Running from: C:\Users\Administrator\Desktop\DirQuery.exe
Log file at : C:\Users\Administrator\Desktop\DirQuery.txt
The driver that owns the link:
\Device\Ide\IdePort1
is located at:
\SystemRoot\system32\drivers\atapi.sys
and the device link is:
\Driver\atapi
The path to the driver from the registry is:
system32\drivers\atapi.sys
-
Good.
Now, do the same thing, please, but type in this, instead:
\Device\Ide\IdePort0
-
Running from: C:\Users\Administrator\Desktop\DirQuery.exe
Log file at : C:\Users\Administrator\Desktop\DirQuery.txt
The driver that owns the link:
\Device\Ide\IdePort0
is located at:
\SystemRoot\system32\drivers\atapi.sys
and the device link is:
\Driver\atapi
The path to the driver from the registry is:
system32\drivers\atapi.sys
-
Delete your copy of TDSSKiller, if it exists, and download a new one.
Now, run TDSSKiller once more and post a log.
I think it might be gone now. :)
-
Downloaded new TDSS killer
TDSS rootkit removing tool, Kaspersky Lab, 2010
version 2.2.8.1 Mar 22 2010 10:43:04
Scanning Services ...
Scanning Kernel memory ...
Completed
Results:
Memory objects infected / cured / cured on reboot: 0 / 0 / 0
Registry objects infected / cured / cured on reboot: 0 / 0 / 0
File objects infected / cured / cured on reboot: 0 / 0 / 0
Press any key to continue . . .
I think it might be gone now. :)
I think it may be gone too. ;D ;D ;D Ever since running Combofix I haven't had any google redirect problems and everything seems to be running ok. :D :D
-
Yay.
You may re-enable DeFogger.
Cleanup
To manually create a new Restore Point- Go to Control Panel and select System and Maintenance
- Select System
- On the left select Advance System Settings and accept the warning if you get one
- Select System Protection Tab
- Select Create at the bottom
- Type in a name i.e. Clean
- Select Create
Now we can purge the infected ones
- Go back to the System and Maintenance page
- Select Performance Information and Tools
- On the left select Open Disk Cleanup
- Select Files from all users and accept the warning if you get one
- In the drop down box select your main drive i.e. C
- For a few moments the system will make some calculations
- Select the More Options tab
- In the System Restore and Shadow Backups select Clean up
- Select Delete on the pop up
- Select OK
- Select Delete
You are now done
To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe (http://oldtimer.geekstogo.com/OTC.exe) by OldTimer:
- Save it to your Desktop.
- Double click OTC.exe.
- Click the CleanUp! button.
- If you are prompted to Reboot during the cleanup, select Yes.
- The tool will delete itself once it finishes.
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
==
Please download TFC by OldTimer (http://oldtimer.geekstogo.com/TFC.exe) to your desktop
- Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
- It will close all programs when run, so make sure you have saved all your work before you begin.
- Click the Start
button to begin the process. Depending on how often you clean temp
files, execution time should be anywhere from a few seconds to a minute
or two. Let it run uninterrupted to completion.
- Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
==
Download Security Check by screen317 from SpywareInfoforum.org (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or Changelog.fr (http://screen317.changelog.fr/SecurityCheck.exe).- Save it to your Desktop.
- Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
- A Notepad document should open automatically called checkup.txt; please post the contents of that document.
-
Results of screen317's Security Check version 0.99.4
Windows Vista Service Pack 1 (UAC is disabled!)
Out of date service pack!! (http://support.microsoft.com/kb/935791)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
Kaspersky Internet Security 2010
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
CCleaner
DH Driver Cleaner Professional Edition
Java(TM) 6 Update 20
Adobe Flash Player 10.0.45.2
Adobe Reader 9.3.2
````````````````````````````````
Process Check:
objlist.exe by Laurent
Kaspersky Lab Kaspersky Internet Security 2010 avp.exe
Kaspersky Lab Kaspersky Internet Security 2010 klwtblfs.exe
````````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)
``````````End of Log````````````
-
Please consider updating to Windows Vista Service Pack 2 (SP2).
Windows Vista Service Pack 2 (SP2) contains all the updates released since SP1 plus support for new types of hardware and emerging hardware standards.
It is now available via Windows Update (http://support.microsoft.com/kb/935791#Method2) or as a standalone installation here (http://support.microsoft.com/kb/935791#Method3).
See this page (http://www.helpmyos.com/learn-security-f40/preventing-malware-and-being-resistant-to-the-dangers-of-the-internet-t1516.htm) for more info about malware and prevention.
Do you have any more questions?
-
Please consider updating to Windows Vista Service Pack 2 (SP2).
I would love to, unfortunately I am unable to do so. That leads me to my next question. When I try to install Vista SP2 it says
"Service Pack installation cannot continue
One or more system components that the service pack requires are missing. "
According to Microsoft knowledge base:
This problem occurs because system components that are required to install Windows Vista SP2 are not present on your computer.
However, a common reason for this problem is that vLite was used to customize the Windows Vista installation and some required system components were removed.
To resolve this problem, use genuine Microsoft software media to reinstall Windows Vista with Service Pack 1 and then install Windows Vista SP2.
This is strange because I was able to install SP1 when it came out no problem, but now it gives me this error message. I would really like to avoid reinstalling vista especially after all the work we went through cleaning up my infection. Please let me know if you know any ways around this problem although its not directly related to removing malware.
Thanks
-
Not really any ways around it, since you used Windows Vista Extreme Edition as customization.
It probably modified uxtheme.dll, and several other important DLLs.
Your customization might be messed up, but you can try the System File Checker.
Command Prompt command: sfc /scannow
-
SFC didn't work >:(
BUT...
After a little searching on the web I came across:
all you have to do is is start regedit, navigate to this registry value below.
HKEY_LOCAL_MACHINE\SOFTWARE\vLite
Then delete the entire vLite key from the registry. When you do this it should allow for the service pack to continue to install.
Simply deleting this registry key solved my problem of installing SP2 ;D ;D ;D
Thanks for all your help.