Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Infected With Spyware Malware And Viruses


  • Please log in to reply
29 replies to this topic

#1 casper1985

casper1985

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:florida
  • Local time:06:27 PM

Posted 05 November 2007 - 07:16 PM

Hello. For the past few days I have been having some problems I see many others have on this forum. My anti virus expired a few days ago and then all hell broke loose. My wallpaper turned black saying I am infected with spyware and gave an IP address.. I have had pop ups... websites have been blocked am unable to access any email account.. no hotmail yahoo mail aol nothing..I am unable to download windows live messenger.. at one point I couldnt even ctrl +alt+ del...it was saying acccess denied by administrator my adobe flash player doesnt work and am unable to install anything. am unable to create a new user for the computer... am unable to run some programs... certain buttons on websites for example facebook have been disabled.. When I try to get to hotmail... status bar reads runone... and the page never loads.. there is a strange clicking sound whenever I press a button.. e.g start button... programs...etc.. I have followed steps given to others and have cleaned out some of the problems for the most part..I used hijacker, combofix, SDscanner, Killbox, suspicious file packer.
I no longer have popups, I have downloaded AVG anti-spyware, Kapersky anti virus.. and I basically still have problems with that strange clicking sound and being unable to go to emails. and certain buttons are still disabled on some websites. I am willing to run all afore mentioned programs at your request.
please respond
casper

BC AdBot (Login to Remove)

 


#2 casper1985

casper1985
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:florida
  • Local time:06:27 PM

Posted 05 November 2007 - 07:23 PM

her is log file

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:21, on 2007-11-06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\hphmon04.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\MSN\MSNCoreFiles\msn6.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
O2 - BHO: (no name) - {2367B81E-67EB-4C78-9317-DE0F2B52853D} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {595EBD84-A91F-4F85-A099-7ADFB41D286E} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: 0 - {67935594-B27B-4ACF-1FA9-A1FE76D671E6} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {AE95239D-3EE2-4565-870D-764BB497F807} - (no file)
O2 - BHO: (no name) - {B19E8EFF-90E8-4B3F-B0DF-5552CFE01EE7} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\System32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Media Card Companion Monitor.lnk = C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by107fd.bay107.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O20 - Winlogon Notify: ljjhedc - ljjhedc.dll (file missing)
O20 - Winlogon Notify: wvurrro - wvurrro.dll (file missing)
O21 - SSODL: bestreak - {874443fe-aa33-4ebf-a6ac-73208787e62d} - (no file)
O22 - SharedTaskScheduler: {874443fe-aa33-4ebf-a6ac-73208787e62d} - bestreak - (no file)
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe

--
End of file - 11242 bytes

#3 random/random

random/random

  • Malware Response Team
  • 2,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 AM

Posted 15 November 2007 - 12:53 PM

Run HijackThis
Click on do a system scan only
Place a checkmark next to these lines(if still present)

O2 - BHO: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
O2 - BHO: (no name) - {2367B81E-67EB-4C78-9317-DE0F2B52853D} - (no file)
O2 - BHO: (no name) - {595EBD84-A91F-4F85-A099-7ADFB41D286E} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: 0 - {67935594-B27B-4ACF-1FA9-A1FE76D671E6} - (no file
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - (no file)
O2 - BHO: (no name) - {AE95239D-3EE2-4565-870D-764BB497F807} - (no file)
O2 - BHO: (no name) - {B19E8EFF-90E8-4B3F-B0DF-5552CFE01EE7} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O20 - Winlogon Notify: ljjhedc - ljjhedc.dll (file missing)
O20 - Winlogon Notify: wvurrro - wvurrro.dll (file missing)
O21 - SSODL: bestreak - {874443fe-aa33-4ebf-a6ac-73208787e62d} - (no file)
O22 - SharedTaskScheduler: {874443fe-aa33-4ebf-a6ac-73208787e62d} - bestreak - (no file)

Then close all windows except HijackThis and click Fix Checked

Go here to run an online scannner from ESET.
  • Note: You will need to use Internet explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked, and the option Scan unwanted applications is checked
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic, along with anew HiajckThis log & a description of any remaining problems


#4 casper1985

casper1985
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:florida
  • Local time:06:27 PM

Posted 15 November 2007 - 05:38 PM

# version=4
# OnlineScanner.ocx=1.0.0.56
# OnlineScannerDLLA.dll=1, 0, 0, 51
# OnlineScannerDLLW.dll=1, 0, 0, 51
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=2661 (20071115)
# vers_arch_module=1.059 (20071108)
# vers_adv_heur_module=1.066 (20070917)
# EOSSerial=c6834f8d8a26bd4dab90af7419966e3f
# end=finished
# remove_checked=false
# unwanted_checked=true
# utc_time=2007-11-16 10:21:45
# local_time=2007-11-16 05:21:45 (-0500, Eastern Standard Time)
# country="United States"
# osver=5.1.2600 NT Service Pack 2
# scanned=323320
# found=2
# scan_time=4916
C:\Program Files\AIM\Sysfiles\WxBug.EXE Win32/Adware.WBug.A application E0D92AC5FDD264E4ED40D45C75934F1B
C:\Program Files\AIM\Sysfiles\WxBug.EXE »WISE »MiniBugTransporter.dll Win32/Adware.WBug.A application 00000000000000000000000000000000



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:30, on 2007-11-16
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\System32\hphmon04.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\System32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Media Card Companion Monitor.lnk = C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by107fd.bay107.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe

--
End of file - 10375 bytes


thanks very much for your time... I basically still have the same internet problems, I am unable to access any email website.. no hotmail no yahoo mail and no aol, I checked and made sure the appropriate internet settings were applied. my adobe flash player doesnt work and am unable to install anything. Windows media player does not work also. there is still a strange clicking sound whenever I press a button. start menu, right clicking gives a loud click.. I am unable to access bank accounts online, the sign in button is not there.. links gives no response on some websites... basically the same situation... thanks.
Casper

#5 random/random

random/random

  • Malware Response Team
  • 2,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 AM

Posted 15 November 2007 - 06:08 PM

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
  • Close all applications and windows.
  • Double-click on dss.exe to run it, and follow the prompts.
  • When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimized
  • Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt to your post. in your reply


#6 casper1985

casper1985
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:florida
  • Local time:06:27 PM

Posted 15 November 2007 - 07:09 PM

Deckard's System Scanner v20071014.68
Run by SONJA DELCHAN on 2007-11-16 18:59:39
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
20: 2007-11-17 00:00:01 UTC - RP20 - Deckard's System Scanner Restore Point
19: 2007-11-15 23:12:04 UTC - RP19 - System Checkpoint
18: 2007-11-14 22:42:27 UTC - RP18 - System Checkpoint
17: 2007-11-12 18:39:09 UTC - RP17 - Installed Windows XP KB926239.
16: 2007-11-12 18:38:10 UTC - RP16 - Installed Windows XP MSCompPackV1.


-- First Restore Point --
1: 2007-11-02 23:56:18 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 511 MiB (512 MiB recommended).


-- HijackThis (run as SONJA DELCHAN.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:02, on 2007-11-16
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\System32\hphmon04.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\SONJA DELCHAN.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\System32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Media Card Companion Monitor.lnk = C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by107fd.bay107.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe

--
End of file - 10396 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20071102-193939-146 O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
backup-20071102-193939-409 O2 - BHO: (no name) - {e9147a0a-a866-4214-b47c-da821891240f} - (no file)
backup-20071102-193939-494 O2 - BHO: (no name) - {51641ef3-8a7a-4d84-8659-b0911e947cc8} - (no file)
backup-20071102-193939-526 O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
backup-20071102-193939-655 O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
backup-20071102-193939-661 O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
backup-20071102-193939-704 O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
backup-20071102-193939-715 O2 - BHO: (no name) - {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} - (no file)
backup-20071102-193939-793 O2 - BHO: aivskurq.msdn_hlp - {A6E432B4-D4C2-43B3-BF55-C364F8F7362A} - C:\WINDOWS\system32\aivskurq.dll (file missing)
backup-20071102-193939-797 O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
backup-20071102-193939-890 O2 - BHO: (no name) - {54645654-2225-4455-44A1-9F4543D34546} - (no file)
backup-20071102-193939-992 O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
backup-20071116-155425-108 O2 - BHO: (no name) - {12F02779-6D88-4958-8AD3-83C12D86ADC7} - (no file)
backup-20071116-155425-116 O2 - BHO: (no name) - {AE95239D-3EE2-4565-870D-764BB497F807} - (no file)
backup-20071116-155425-408 O20 - Winlogon Notify: ljjhedc - ljjhedc.dll (file missing)
backup-20071116-155425-618 O2 - BHO: (no name) - {595EBD84-A91F-4F85-A099-7ADFB41D286E} - (no file)
backup-20071116-155425-650 O2 - BHO: 0 - {67935594-B27B-4ACF-1FA9-A1FE76D671E6} - (no file)
backup-20071116-155425-716 O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
backup-20071116-155425-723 O2 - BHO: (no name) - {B19E8EFF-90E8-4B3F-B0DF-5552CFE01EE7} - (no file)
backup-20071116-155425-828 O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
backup-20071116-155425-839 O2 - BHO: (no name) - {2367B81E-67EB-4C78-9317-DE0F2B52853D} - (no file)
backup-20071116-155425-917 O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - (no file)
backup-20071116-155426-842 O20 - Winlogon Notify: wvurrro - wvurrro.dll (file missing)
backup-20071116-155427-742 O22 - SharedTaskScheduler: {874443fe-aa33-4ebf-a6ac-73208787e62d} - bestreak - (no file)
backup-20071116-155427-760 O21 - SSODL: bestreak - {874443fe-aa33-4ebf-a6ac-73208787e62d} - (no file)

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 agp440 (Intel AGP Bus Filter) - c:\windows\\systemroot\system32\drivers\agp440.sys (file missing)
R1 OMCI - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R2 AsfAlrt - c:\windows\system32\drivers\asfalrt.sys <Not Verified; Intel Corporation; Intel Alert on LAN® 2>
R2 MASPINT - c:\windows\system32\drivers\maspint.sys <Not Verified; MicroStaff Co.,Ltd.; Aspi32 Driver for WinNT>
R2 mdmxsdk - c:\windows\system32\drivers\mdmxsdk.sys <Not Verified; Conexant; Diagnostic Interface>
R3 aeaudio - c:\windows\system32\drivers\aeaudio.sys <Not Verified; Andrea Electronics Corporation; Andrea Audio Driver>
R3 Dot4 HPH11 - c:\windows\system32\drivers\hphid411.sys <Not Verified; HP; HP Dot4 Windows 2000>
R3 Dot4Print HPH11 (Print Class Driver for IEEE-1284.4 HPH11) - c:\windows\system32\drivers\hphipr11.sys <Not Verified; HP; HP Dot4Print>
R3 Dot4Usb HPH11 - c:\windows\system32\drivers\hphius11.sys <Not Verified; HP; HP Dot4Usb Windows 2000>
R3 E1000 (Intel® PRO/1000 Adapter Driver) - c:\windows\system32\drivers\e1000325.sys <Not Verified; Intel Corporation; Intel® PRO/1000 Adapter>
R3 HSF_DP - c:\windows\system32\drivers\hsf_dp.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R3 HSFHWBS2 - c:\windows\system32\drivers\hsfhwbs2.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R3 ROOTMODEM (Microsoft Legacy Modem Driver) - c:\windows\system32\drivers\rootmdm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 smwdm - c:\windows\system32\drivers\smwdm.sys <Not Verified; Analog Devices, Inc.; SoundMAX Digital Audio Driver>
R3 winachsf - c:\windows\system32\drivers\hsf_cnxt.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>

S3 catchme - c:\docume~1\sonjad~1.max\locals~1\temp\catchme.sys (file missing)
S3 EL90XBC (3Com EtherLink XL 90XB/C Adapter Driver) - c:\windows\system32\drivers\el90xbc5.sys <Not Verified; 3Com Corporation; 3Com EtherLink PCI>
S3 HidBatt (HID UPS Battery Driver) - c:\windows\system32\drivers\hidbatt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 i81x - c:\windows\system32\drivers\i81xnt5.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimFP0 - c:\windows\system32\drivers\wadv01nt.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimFP1 - c:\windows\system32\drivers\wadv02nt.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimFP2 - c:\windows\system32\drivers\wadv05nt.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimFP3 - c:\windows\system32\drivers\wsiintxx.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimFP4 - c:\windows\system32\drivers\wvchntxx.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimTV0 - c:\windows\system32\drivers\watv01nt.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimTV1 - c:\windows\system32\drivers\watv02nt.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimTV2 - c:\windows\system32\drivers\watv03nt.sys (file missing)
S3 iAimTV3 - c:\windows\system32\drivers\watv04nt.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 iAimTV4 - c:\windows\system32\drivers\wch7xxnt.sys <Not Verified; Intel® Corporation; Intel® Graphics Accelerator Drivers for Windows NT®>
S3 mfeavfk (McAfee Inc.) - c:\windows\system32\drivers\mfeavfk.sys (file missing)
S3 mfebopk (McAfee Inc.) - c:\windows\system32\drivers\mfebopk.sys (file missing)
S3 mfehidk (McAfee Inc.) - c:\windows\system32\drivers\mfehidk.sys (file missing)
S3 mferkdk (McAfee Inc.) - c:\windows\system32\drivers\mferkdk.sys (file missing)
S3 mfesmfk (McAfee Inc.) - c:\windows\system32\drivers\mfesmfk.sys (file missing)
S3 motmodem (Motorola USB CDC ACM Driver) - c:\windows\system32\drivers\motmodem.sys (file missing)
S3 SymIM (Symantec Network Security Intermediate Filter Service) - c:\windows\system32\drivers\symim.sys (file missing)
S3 SymIMMP - c:\windows\system32\drivers\symim.sys (file missing)
S4 cbidf - c:\windows\system32\drivers\cbidf2k.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 dac2w2k - c:\windows\system32\drivers\dac2w2k.sys <Not Verified; Mylex Corporation; Mylex Disk Array Controller Driver>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 ASFAgent (ASF Agent) - c:\program files\intel\asf agent\asfagent.exe <Not Verified; Intel Corporation; Intel® PRO Alerting Suite ASF 1.0 and ASF 2.0 Compatible>
R2 CCALib8 (Canon Camera Access Library 8) - c:\program files\canon\cal\calmain.exe <Not Verified; Canon Inc.; >

S3 Pml Driver HPH11 - c:\windows\system32\hphipm11.exe <Not Verified; HP; HP PML>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2007-10-16 and 2007-11-16 -----------------------------

2007-11-16 15:57:22 0 d-------- C:\Program Files\EsetOnlineScanner
2007-11-13 10:38:27 0 d-------- C:\Documents and Settings\SONJA DELCHAN.MAX\Application Data\Help
2007-11-12 13:34:43 0 d-------- C:\Program Files\Windows Media Connect 2
2007-11-12 13:27:25 0 d-------- C:\WINDOWS\system32\LogFiles
2007-11-12 13:27:25 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-11-12 13:02:09 176128 --a------ C:\WINDOWS\system32\RcdScan.dll <Not Verified; Dell Computer Corporation; RcdScan Module>
2007-11-12 13:02:09 446464 -ra------ C:\WINDOWS\system32\hhactivex.dll <Not Verified; Blue Sky Software Corporation.; RoboHELP HTML 2000>
2007-11-12 13:02:02 13632 -----n--- C:\WINDOWS\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
2007-11-07 08:32:41 0 d-------- C:\Documents and Settings\SONJA DELCHAN.MAX\Application Data\Aim
2007-11-06 17:11:49 81549 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-11-06 17:11:49 82061 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-11-06 17:10:37 0 d-------- C:\Program Files\Kaspersky Lab
2007-11-06 17:10:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-11-06 17:10:31 411168 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-11-06 17:10:31 20432416 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-11-06 17:09:28 0 d-------- C:\kav
2007-11-05 16:41:50 0 d-------- C:\WINDOWS\ERUNT
2007-11-05 14:36:48 0 d-------- C:\Program Files\SkanerOnline
2007-11-05 09:50:42 0 dr-h----- C:\Documents and Settings\SONJA DELCHAN.MAX\Recent
2007-11-05 09:40:18 0 d-------- C:\Program Files\CCleaner
2007-11-04 11:09:18 0 d-------- C:\Program Files\a-squared Anti-Malware
2007-11-02 19:10:41 0 d-------- C:\!KillBox
2007-11-02 18:24:51 0 d-------- C:\Program Files\Trend Micro
2007-11-02 14:14:55 0 d-------- C:\Documents and Settings\SONJA DELCHAN.MAX\Application Data\Grisoft
2007-11-02 14:14:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-02 11:22:05 0 d-------- C:\Program Files\Mcafee
2007-11-02 11:11:48 0 d-------- C:\Program Files\PowerISO
2007-11-01 18:25:09 0 d-------- C:\WINDOWS\pss
2007-11-01 17:56:18 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-01 12:08:00 0 d-------- C:\Documents and Settings\SONJA DELCHAN.MAX\Application Data\MSN6
2007-11-01 11:38:04 262144 --a------ C:\Documents and Settings\Tazia Hall\ntuser.dat
2007-11-01 11:27:33 0 d-------- C:\Documents and Settings\SONJA DELCHAN.MAX\Application Data\Google
2007-11-01 11:25:17 0 d-------- C:\Documents and Settings\SONJA DELCHAN.MAX\Application Data\Symantec
2007-11-01 11:25:14 0 d-------- C:\Documents and Settings\SONJA DELCHAN.MAX\Application Data\Share-to-Web Upload Folder
2007-11-01 11:24:43 4718592 --ah----- C:\Documents and Settings\SONJA DELCHAN.MAX\ntuser.dat
2007-11-01 11:24:42 0 d--h----- C:\Documents and Settings\SONJA DELCHAN.MAX\Templates
2007-11-01 11:24:42 0 d-------- C:\Documents and Settings\SONJA DELCHAN.MAX\Start Menu
2007-11-01 11:24:42 0 d--h----- C:\Documents and Settings\SONJA DELCHAN.MAX\SendTo
2007-11-01 11:24:42 0 d--h----- C:\Documents and Settings\SONJA DELCHAN.MAX\PrintHood
2007-11-01 11:24:42 0 d--h----- C:\Documents and Settings\SONJA DELCHAN.MAX\NetHood
2007-11-01 11:24:42 0 dr------- C:\Documents and Settings\SONJA DELCHAN.MAX\My Documents
2007-11-01 11:24:42 0 d--h----- C:\Documents and Settings\SONJA DELCHAN.MAX\Local Settings
2007-11-01 11:24:42 0 dr------- C:\Documents and Settings\SONJA DELCHAN.MAX\Favorites
2007-11-01 11:24:42 0 d-------- C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop
2007-11-01 11:24:42 0 d--hs---- C:\Documents and Settings\SONJA DELCHAN.MAX\Cookies
2007-11-01 11:24:42 0 d--h----- C:\Documents and Settings\SONJA DELCHAN.MAX\Application Data
2007-11-01 11:24:42 0 d-------- C:\Documents and Settings\SONJA DELCHAN.MAX\Application Data\Sun
2007-11-01 11:24:42 0 d-------- C:\Documents and Settings\SONJA DELCHAN.MAX\Application Data\Identities
2007-11-01 11:24:42 0 d-------- C:\Documents and Settings\SONJA DELCHAN.MAX\Application Data\Adobe
2007-11-01 11:18:23 262144 --ah----- C:\Documents and Settings\Administrator\ntuser.dat
2007-10-31 22:41:08 0 d-------- C:\Documents and Settings\Administrator\Application Data\Share-to-Web Upload Folder
2007-10-31 01:25:44 0 d-------- C:\Program Files\Common Files\McAfee
2007-10-31 00:50:39 2560 --a------ C:\WINDOWS\system32\bitcometres.dll <Not Verified; BitComet; BitComet BCTP Helper>
2007-10-30 12:16:26 6763 --ahs---- C:\WINDOWS\system32\jjkkj.ini2
2007-10-30 11:36:49 0 d-------- C:\WINDOWS\system32\acespy
2007-10-30 11:36:49 31744 --a------ C:\WINDOWS\system32\ace16win.dll
2007-10-30 11:29:24 6465 --ahs---- C:\WINDOWS\system32\jjkkj.bak1


-- Find3M Report ---------------------------------------------------------------

2007-11-12 13:02:06 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-07 18:55:43 0 d-------- C:\Program Files\Massive Assault Network 2
2007-11-06 19:25:40 0 d-------- C:\Program Files\Messenger
2007-11-05 14:19:29 0 d-------- C:\Program Files\AWS
2007-11-05 14:19:28 0 d-------- C:\Program Files\Viewpoint
2007-11-05 10:19:36 0 d-------- C:\Program Files\Java
2007-11-04 03:55:46 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-11-03 19:40:32 0 d-------- C:\Program Files\Common Files
2007-11-02 09:41:56 0 d-------- C:\Program Files\MSN Messenger
2007-11-01 07:36:26 0 d-------- C:\Program Files\DivX
2007-10-30 22:49:40 0 d-------- C:\Program Files\BitComet
2007-10-20 21:51:57 1080 --a------ C:\WINDOWS\AUTOLNCH.REG
2007-10-12 07:45:29 693481 --ahs---- C:\WINDOWS\system32\ntpnslmp.ini2
2007-10-04 16:42:59 0 d-------- C:\Program Files\Canon
2007-10-03 00:54:42 78984 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2007-10-02 17:14:57 0 d-------- C:\Program Files\Movie Maker
2007-10-02 17:09:35 0 d-------- C:\Program Files\Windows NT
2007-10-02 17:05:36 250032 -rahs---- C:\NTLDR
2007-09-27 02:02:00 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-09-25 00:00:06 0 d-------- C:\Program Files\Common Files\AOL
2007-09-24 07:37:36 1976595 --ahs---- C:\WINDOWS\system32\ilnmp.bak2
2007-09-23 13:48:37 6414 --ahs---- C:\WINDOWS\system32\ilnmp.bak1


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-02-28 19:13]
"nwiz"="nwiz.exe" [2003-02-28 19:13 C:\WINDOWS\SYSTEM32\nwiz.exe]
"AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 12:28]
"HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-04-04 15:03]
"Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-11 04:19]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-02-23 15:45]
"HPHmon04"="C:\WINDOWS\System32\hphmon04.exe" [2002-04-04 15:01]
"HPHUPD04"="C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" [2002-04-04 15:04]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-08-06 19:05]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25]
"a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe" [2007-08-31 20:24]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-06-28 12:51]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56]
"AIM"="C:\Program Files\AIM\aim.exe" [2005-08-05 14:08]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background

C:\Documents and Settings\SONJA DELCHAN.MAX\Start Menu\Programs\Startup\
DESKTOP.INI [2002-09-03 13:36:04]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2004-07-14 23:15:56]
APC UPS Status.lnk - C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe [2007-08-18 18:38:54]
DESKTOP.INI [2002-09-03 13:36:04]
Image Transfer.lnk - C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe [2005-07-26 20:36:34]
Media Card Companion Monitor.lnk - C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe [2005-05-29 20:16:08]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 15:05:56]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk
backup=C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"




-- End of Deckard's System Scanner: finished at 2007-11-16 19:05:41 ------------




Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 2.80GHz
Percentage of Memory in Use: 61%
Physical Memory (total/avail): 510.98 MiB / 198.36 MiB
Pagefile Memory (total/avail): 1247.35 MiB / 816.98 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1928.06 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 74.46 GiB total, 51.11 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is CDROM (Unformatted)

\\.\PHYSICALDRIVE0 - WDC WD800BB-75FJA1 - 74.5 GiB - 2 partitions
\PARTITION0 - Unknown - 39.19 MiB
\PARTITION1 (bootable) - Installable File System - 74.46 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AV: Kaspersky Anti-Virus v7.0.0.125 (Kaspersky Lab)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"="C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"C:\\Program Files\\BitComet\\BitComet.exe"="C:\\Program Files\\BitComet\\BitComet.exe:*:Disabled:BitComet - a BitTorrent Client"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\SONJA DELCHAN.MAX\Application Data
CLASSPATH=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MAX
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\SONJA DELCHAN.MAX
LOGONSERVER=\\MAX
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Microsoft Office\OFFICE11\Business Contact Manager\IM;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Microsoft Office\OFFICE11\Business Contact Manager\;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\j2re1.4.2_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\SONJAD~1.MAX\LOCALS~1\Temp
TMP=C:\DOCUME~1\SONJAD~1.MAX\LOCALS~1\Temp
USERDOMAIN=MAX
USERNAME=SONJA DELCHAN
USERPROFILE=C:\Documents and Settings\SONJA DELCHAN.MAX
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------

Tazia Hall (admin)
Somja Delchan (admin)
Sonja Delchan (admin)
SonjaDelchan (admin)
SONJA DELCHAN.MAX (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
a-squared Anti-Malware 3.0 --> "C:\Program Files\a-squared Anti-Malware\unins000.exe"
Adobe Acrobat 6.0 Standard --> MsiExec.exe /I{AC76BA86-1033-0000-BA7E-000000000001}
Adobe ActiveShare 1.3.1 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Adobe\ActiveShare\Uninst.isu"
Adobe Atmosphere Player for Acrobat and Adobe Reader --> C:\WINDOWS\atmoUn.exe
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Photoshop 7.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
APC PowerChute Personal Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A0C892E-FD1C-4203-941E-0956AED20A6A}\Setup.exe" -l0x9
ArcSoft Media Card Companion --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC0C7D59-DE76-4AC0-9A84-A3B4D315CE11}\Setup.exe" -l0x9
Audacity 1.2.3 --> "C:\Program Files\Audacity\unins000.exe"
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
BitComet 0.93 --> C:\Program Files\BitComet\uninst.exe
Britannica 2001 Standard Edition CD-ROM --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Britannica\2001\b2001se.isu"
Britannica.com Free Internet Access --> "C:\WINDOWS\uninstexe.exe" "C:\Program Files\Britannica\Internet Access\uninstdll.dll"
Business Contact Manager for Outlook 2003 --> MsiExec.exe /I{66563AD8-637B-407F-BCA7-0233A16891AB}
CA eTrust PestPatrol --> MsiExec.exe /X{39586F4F-758D-4A92-A5DF-33E9DB9C09D9}
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Conexant SmartHSFi V.9x 56K DF PCI Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2702\HXFSETUP.EXE -U -IDel8d8xk.INF
Dell ResourceCD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe"
Dell Solution Center --> MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288}
Easy CD Creator 5 Basic --> MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}
ESET Online Scanner --> C:\WINDOWS\system32\OnlineScannerUninstaller.exe
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar3.dll"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Photo and Imaging 1.0 - HP Photosmart Printer Series --> MsiExec.exe /I{0D396571-7BBD-44CE-ABB3-518BF86B72F7}
HP PrecisionScan LTX --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\Uninst.isu" -c"C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\HPUninstallIs.dll"
HP Scan-to-Web Wizard --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\Scan-To-Web.isu"
Image Transfer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{564A8DD3-70BC-4018-A5C3-7CEB10BBB6E9}\Setup.exe" -l0x9 UNINSTALL
ImageMixer for Sony --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B4AA674-F5CA-4BB5-831A-CD37B4021959}\Setup.exe" -l0x9
Intel ® Pro Alerting Agent --> MsiExec.exe /I{3C50A915-DD33-4802-B83B-9EA997D3337B}
Intel® PRO Network Adapters and Drivers --> Prounstl.exe
Intel® PROSet --> MsiExec.exe /I{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}
iTunes --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{59C4F14F-7590-45FC-BE9F-A67AB3590709} /l1033
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Kaspersky Anti-Virus 7.0 --> MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Kaspersky Anti-Virus 7.0 --> MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Macromedia Flash Player 8 --> MsiExec.exe /X{2927FFE6-25C2-4C86-B93C-EDEEA97B7CB7}
Massive Assault Network 2 --> "C:\Program Files\Massive Assault Network 2\uninstall.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office 2000 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft Office Small Business Edition 2003 --> MsiExec.exe /I{91CA0409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MicroStaff WINASPI --> C:\MWASPI\uninst.exe
mks_vir - online scanner --> C:\WINDOWS\system32\SkanerOnlineUninstall.exe
Nero 6 Demo --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvdp.inf
PhotoFantasy 2000 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ArcSoft\PhotoFantasy 2000\Uninst.isu"
Photosmart Printer 130,230,7150,7350,7550 (Remove only) --> C:\Program Files\HP Photosmart 11\Printer\hphuni04.exe
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
QuickTime --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{929408E6-D265-4174-805F-81D1D914E2A4} /l1033
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Skype 2.5 --> "C:\Program Files\Skype\Phone\unins000.exe"
Sonic & Knuckles Collection Documentation --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Expert Software\Sonic & Knuckles Collection Documentation\Uninst.isu"
Sonic & Knuckles Killer ! --> C:\WINDOWS\SKUNINST.EXE C:\WINDOWS\Sonic3K.INI
Sony USB Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Trellix Web --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Trellix2\Uninst.isu"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinZip 11.1 --> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}


-- Application Event Log -------------------------------------------------------

Event Record #/Type26144 / Warning
Event Submitted/Written: 11/16/2007 02:11:45 AM
Event ID/Source: 19011 / MSSQL$MICROSOFTBCM
Event Description:
(SpnRegister) : Error 1355

Event Record #/Type26142 / Error
Event Submitted/Written: 11/15/2007 10:10:53 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application aim.exe, version 5.9.3861.0, faulting module unknown, version 0.0.0.0, fault address 0x1221254f.
Processing media-specific event for [aim.exe!ws!]

Event Record #/Type26140 / Warning
Event Submitted/Written: 11/15/2007 10:06:40 AM
Event ID/Source: 19011 / MSSQL$MICROSOFTBCM
Event Description:
(SpnRegister) : Error 1355

Event Record #/Type26136 / Warning
Event Submitted/Written: 11/14/2007 09:56:09 PM
Event ID/Source: 19011 / MSSQL$MICROSOFTBCM
Event Description:
(SpnRegister) : Error 1355

Event Record #/Type26132 / Warning
Event Submitted/Written: 11/14/2007 04:51:18 PM
Event ID/Source: 19011 / MSSQL$MICROSOFTBCM
Event Description:
(SpnRegister) : Error 1355



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type44145 / Warning
Event Submitted/Written: 11/16/2007 03:50:55 PM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.

Event Record #/Type44005 / Warning
Event Submitted/Written: 11/14/2007 02:42:10 AM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 000D56F95605. The following
error occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Event Record #/Type43999 / Warning
Event Submitted/Written: 11/13/2007 07:54:06 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type43997 / Error
Event Submitted/Written: 11/13/2007 07:49:46 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The Application Layer Gateway Service service failed to start due to the following error:
%%1053

Event Record #/Type43996 / Error
Event Submitted/Written: 11/13/2007 07:49:46 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.



-- End of Deckard's System Scanner: finished at 2007-11-16 19:05:41 ------------

#7 random/random

random/random

  • Malware Response Team
  • 2,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 AM

Posted 17 November 2007 - 07:49 AM

Go to Start> Control Panel> Add or Remove Programs.

Remove the following programs, if they are present(They are outdated & vulnerable versions of Java)
  • Java 2 Runtime Environment, SE v1.4.2_03
  • Javaâ„¢ 6 Update 2
  • Go to Start > My Computer
  • Go to Tools > Folder Options
  • Click on the View tab
  • Untick the following:
    • Hide extensions for known file types
    • Hide protected operating system files (Recommended)
  • You will get a message warning you about showing protected operating system files, click Yes
  • Make sure this option is selected:
    • Show hidden files and folders
  • Click Apply and then click OK
Use windows explorer to find and delete these files:

C:\WINDOWS\system32\jjkkj.ini2
C:\WINDOWS\system32\jjkkj.bak1
C:\WINDOWS\system32\ntpnslmp.ini2
C:\WINDOWS\system32\ilnmp.bak2
C:\WINDOWS\system32\ilnmp.bak1

As an example:
To delete C:\WINDOWS\system32\filetogo.bye
Double click the My Computer icon on your Desktop.
Double click on Local Disc (C:\)
Double click on the Windows folder,
Double click on the System 32 folder,
Right click on filetogo.bye and from the menu that appears, click on 'Delete'


Then post a new HijackThis log &a description of any remaining problems

Also, Did you install acespy?

Edited by random/random, 17 November 2007 - 07:49 AM.


#8 casper1985

casper1985
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:florida
  • Local time:06:27 PM

Posted 17 November 2007 - 01:02 PM

Unfortunately sir, All of the afore problems still exist. An example of a problem is mail.yahoo.com... after entering my username and login, it says "If you are seeing this message, your browser setting is preventing you from automatically redirecting to a new URL" ....also www.hotmail.com..it says "http://runonce.msn.com/runonce2.aspx" never seen that before. I hope that info is helpful....No sir I did not install acespy. I did not receive that instruction. could you please provide the link along with furthur instructions?.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:53, on 2007-11-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\hphmon04.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\System32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Media Card Companion Monitor.lnk = C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by107fd.bay107.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe

--
End of file - 10633 bytes

#9 random/random

random/random

  • Malware Response Team
  • 2,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 AM

Posted 17 November 2007 - 05:34 PM

acespy is a commercial keylogger that seems to be present on your system. I asked if you installed it, since it is sometimes installed deliberately.

You have signs of a Keylogger on your computer.

You are strongly advised to do the following immediately:

1. Call all of your banks, credit card companies, and financial institutions. Inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.

2. From a clean computer, change *all* your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups you belong to.

Do NOT change passwords or do any transactions while using the infected computer, because the attacker will get the new passwords and transaction information.
  • Download AVG Anti-rootkit from here
  • Double click on avgarkt-setup-1.1.0.42.exe to start the install of AVG Anti-rootkit
  • Click Next>
  • Click Next>
  • Click I agree
  • Click Next>
  • Click Install
  • Click Finish, your computer will now be restarted
  • Once your machine has restarted, doubleclick on the AVG Anti-rootkit shortcut on your desktop to start AVG Anti-rootkit
  • Click Perform in-depth search
  • Click Scan
  • Wait for the scan to complete
  • Right click in the middle of the window, and click Save results
  • Save it to the desktop as avgrk.csv
  • Use notepad to open that file, and post the contents as a reply to this topic


#10 casper1985

casper1985
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:florida
  • Local time:06:27 PM

Posted 18 November 2007 - 10:22 AM

I went ahead and made the changes from a clean machine... I downloaded the AVG program you suggested, performed the scan but it turned up nothing. Thefore I was unable to save a file.

#11 random/random

random/random

  • Malware Response Team
  • 2,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 AM

Posted 18 November 2007 - 10:35 AM

  • Download GMER by GMER from here
  • Unzip it to a folder on your desktop
  • Double click on gmer.exe to launch GMER
  • If asked, allow the gmer.sys driver load
  • If it warns you about rootkit activity and asks if you want to run scan, click OK
  • If you don't get a warning then
    • Click the rootkit tab
    • Click Scan
  • Once the scan has finished, click copy
  • Paste the log into notepad using Ctrl+V
  • Save it to your desktop as gmerrk.txt
  • Click on the >>> tab
  • This will open up the rest of the tabs for you
  • Click on the Autostart tab
  • Click on Scan
  • Once the scan has finished, click copy
  • Paste the log into notepad using Ctrl+V
  • Save it to your desktop as gmerautos.txt
  • Copy and paste the contents of gmerautos.txt and gmerrk.txt as a reply to this topic


#12 casper1985

casper1985
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:florida
  • Local time:06:27 PM

Posted 18 November 2007 - 02:59 PM

one file is too long... will send in halves...

GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-11-19 14:23:16
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.13 ----

SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwClose
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateProcessEx
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSection
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSymbolicLinkObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDuplicateObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwFlushKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwInitializeRegistry
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadDriver
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey2
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwNotifyChangeKey
SSDT kl1.sys ZwOpenFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenKey
SSDT \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys ZwOpenProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenSection
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryMultipleValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQuerySystemInformation
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwReplaceKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwRestoreKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwResumeThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSaveKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetContextThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetSecurityObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSuspendThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSystemDebugControl
SSDT \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys ZwTerminateProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwUnloadKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwWriteVirtualMemory
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys SSDT[284]
SSDT[296]

Code \??\C:\WINDOWS\system32\drivers\klif.sys FsRtlCheckLockForReadAccess
Code \??\C:\WINDOWS\system32\drivers\klif.sys IoIsOperationSynchronous

---- Kernel code sections - GMER 1.0.13 ----

? C:\WINDOWS\system32\Drivers\mchInjDrv.sys The system cannot find the file specified.

---- User code sections - GMER 1.0.13 ----

.text .text C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe[228] SHELL32.dll!Shell_NotifyIconW 7CA21B6A 6 Bytes JMP 5F130F5A
.text C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] SHELL32.dll!ILFindChild + 17AB 7C9F32F0 4 Bytes [ B0, 02, 1E, 7D ]
.text C:\Program Files\internet explorer\iexplore.exe[548] ntdll.dll!NtSetValueKey 7C90E7BC 3 Bytes [ FF, 25, 1E ]
.text C:\Program Files\internet explorer\iexplore.exe[548] ntdll.dll!NtSetValueKey + 4 7C90E7C0 2 Bytes [ 1A, 5F ]
.text C:\Program Files\internet explorer\iexplore.exe[548] ntdll.dll!NtWriteFile 7C90E9F3 3 Bytes [ FF, 25, 1E ]
.text C:\Program Files\internet explorer\iexplore.exe[548] ntdll.dll!NtWriteFile + 4 7C90E9F7 2 Bytes [ 17, 5F ]
.text C:\Program Files\internet explorer\iexplore.exe[548] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F040F5A
.text C:\Program Files\internet explorer\iexplore.exe[548] kernel32.dll!WriteProcessMemory 7C80220F 6 Bytes JMP 5F070F5A
.text C:\Program Files\internet explorer\iexplore.exe[548] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, EF, F4 ]
.text C:\Program Files\internet explorer\iexplore.exe[548] kernel32.dll!OpenProcess 7C8309E1 6 Bytes JMP 5F0A0F5A
.text C:\Program Files\internet explorer\iexplore.exe[548] ADVAPI32.dll!CreateServiceA 77E37071 6 Bytes JMP 5F0D0F5A
.text C:\Program Files\internet explorer\iexplore.exe[548] ADVAPI32.dll!CreateServiceW 77E37209 3 Bytes [ FF, 25, 1E ]
.text C:\Program Files\internet explorer\iexplore.exe[548] ADVAPI32.dll!CreateServiceW + 4 77E3720D 2 Bytes [ 11, 5F ]
.text C:\Program Files\internet explorer\iexplore.exe[548] USER32.dll!DialogBoxParamW 7E42555F 5 Bytes JMP 42F0F2C1 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\internet explorer\iexplore.exe[548] USER32.dll!DialogBoxIndirectParamW 7E432032 5 Bytes JMP 430A030F C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\internet explorer\iexplore.exe[548] USER32.dll!MessageBoxIndirectA 7E43A04A 5 Bytes JMP 430A0290 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\internet explorer\iexplore.exe[548] USER32.dll!DialogBoxParamA 7E43B10C 5 Bytes JMP 430A02D4 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\internet explorer\iexplore.exe[548] USER32.dll!MessageBoxExW 7E4505D8 5 Bytes JMP 430A021C C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\internet explorer\iexplore.exe[548] USER32.dll!MessageBoxExA 7E4505FC 5 Bytes JMP 430A0256 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\internet explorer\iexplore.exe[548] USER32.dll!DialogBoxIndirectParamA 7E456B50 5 Bytes JMP 430A034A C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\internet explorer\iexplore.exe[548] USER32.dll!MessageBoxIndirectW 7E4662AB 5 Bytes JMP 42F31676 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\internet explorer\iexplore.exe[548] SHELL32.dll!StrStrW + FFE2A126 7C9C5008 4 Bytes [ 80, 00, 1E, 7D ]
.text C:\Program Files\internet explorer\iexplore.exe[548] SHELL32.dll!StrStrW + FFE2A132 7C9C5014 4 Bytes [ F0, 00, 1E, 7D ]
.text C:\Program Files\internet explorer\iexplore.exe[548] SHELL32.dll!ILFindChild + 1753 7C9F3298 4 Bytes [ 60, 01, 1E, 7D ]
.text C:\Program Files\internet explorer\iexplore.exe[548] SHELL32.dll!Shell_NotifyIconW 7CA21B6A 6 Bytes JMP 5F130F5A
.text C:\Program Files\internet explorer\iexplore.exe[548] ws2_32.dll!connect 71AB406A 6 Bytes JMP 5F1C0F5A
.text C:\Program Files\internet explorer\iexplore.exe[548] ws2_32.dll!listen 71AB88D3 6 Bytes JMP 5F1F0F5A
.text C:\WINDOWS\Explorer.EXE[2220] ntdll.dll!NtSetValueKey 7C90E7BC 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\Explorer.EXE[2220] ntdll.dll!NtSetValueKey + 4 7C90E7C0 2 Bytes [ 20, 5F ]
.text C:\WINDOWS\Explorer.EXE[2220] ntdll.dll!NtWriteFile 7C90E9F3 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\Explorer.EXE[2220] ntdll.dll!NtWriteFile + 4 7C90E9F7 2 Bytes [ 1D, 5F ]
.text C:\WINDOWS\Explorer.EXE[2220] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F040F5A
.text C:\WINDOWS\Explorer.EXE[2220] kernel32.dll!WriteProcessMemory 7C80220F 6 Bytes JMP 5F0D0F5A
.text C:\WINDOWS\Explorer.EXE[2220] kernel32.dll!OpenProcess 7C8309E1 6 Bytes JMP 5F100F5A
.text C:\WINDOWS\Explorer.EXE[2220] ADVAPI32.dll!CreateServiceA 77E37071 6 Bytes JMP 5F130F5A
.text C:\WINDOWS\Explorer.EXE[2220] ADVAPI32.dll!CreateServiceW 77E37209 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\Explorer.EXE[2220] ADVAPI32.dll!CreateServiceW + 4 77E3720D 2 Bytes [ 17, 5F ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!StrStrW + FFE2A126 7C9C5008 4 Bytes [ 80, 00, 1E, 7D ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!StrStrW + FFE2A132 7C9C5014 4 Bytes [ F0, 00, 1E, 7D ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!StrStrW + FFE2BFBE 7C9C6EA0 4 Bytes [ 40, 09, 1E, 7D ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!StrStrW + FFE2C0A6 7C9C6F88 4 Bytes [ 70, 04, 80, 01 ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!StrStrW + FFE2C0BA 7C9C6F9C 4 Bytes [ 80, 00, 80, 01 ]
.text ...
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!SHFree + 102 7C9EABAC 4 Bytes [ 00, 04, 4A, 7E ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!ILFree + 8C 7C9EAD28 4 Bytes [ A0, 0D, 4A, 7E ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!ILFindChild + 807 7C9F234C 4 Bytes [ 80, 0E, 4A, 7E ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!ILFindChild + E6F 7C9F29B4 4 Bytes [ 20, 03, 80, 01 ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!ILFindChild + E87 7C9F29CC 4 Bytes [ 60, 01, 80, 01 ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!ILFindChild + 1753 7C9F3298 4 Bytes [ B0, 02, 1E, 7D ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!ILFindChild + 1773 7C9F32B8 4 Bytes [ 40, 02, 1E, 7D ]
.text ...
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!IsLFNDrive + 8DF 7C9FF318 4 Bytes [ 30, 0D, 4A, 7E ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!SHTestTokenMembership + E5 7CA04A7C 4 Bytes [ D0, 01, 4A, 7E ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!ILLoadFromStream + 54F 7CA06334 4 Bytes [ C0, 05, 1E, 7D ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!ILLoadFromStream + 65F 7CA06444 4 Bytes [ A0, 06, 1E, 7D ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!Shell_NotifyIconW 7CA21B6A 6 Bytes JMP 5F190F5A
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!SHExtractIconsW + 100E 7CA233C4 4 Bytes [ F0, 00, 80, 01 ]
.text C:\WINDOWS\Explorer.EXE[2220] SHELL32.dll!StrStrIW + 1F5 7CA31184 4 Bytes [ E0, 0B, 4A, 7E ]
.text C:\WINDOWS\Explorer.EXE[2220] WS2_32.dll!connect 71AB406A 6 Bytes JMP 5F070F5A
.text C:\WINDOWS\Explorer.EXE[2220] WS2_32.dll!listen 71AB88D3 6 Bytes JMP 5F0A0F5A
.text .text C:\Program Files\BitComet\BitComet.exe[2448] WS2_32.dll!listen 71AB88D3 6 Bytes JMP 5F0A0F5A
.text .text C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] SHELL32.dll!Shell_NotifyIconW 7CA21B6A 6 Bytes JMP 5F130F5A
.text .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] SHELL32.dll!Shell_NotifyIconW 7CA21B6A 6 Bytes JMP 5F130F5A
.text .text C:\Program Files\iTunes\iTunesHelper.exe[2596] ADVAPI32.dll!CreateServiceW + 4 77E3720D 2 Bytes [ 11, 5F ]
.text C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] ntdll.dll!NtSetValueKey 7C90E7BC 3 Bytes [ FF, 25, 1E ]
.text C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] ntdll.dll!NtSetValueKey + 4 7C90E7C0 2 Bytes [ 17, 5F ]
.text C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] ntdll.dll!NtWriteFile 7C90E9F3 3 Bytes [ FF, 25, 1E ]
.text C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] ntdll.dll!NtWriteFile + 4 7C90E9F7 2 Bytes [ 14, 5F ]
.text C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F040F5A
.text C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] kernel32.dll!WriteProcessMemory 7C80220F 6 Bytes JMP 5F070F5A
.text C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] kernel32.dll!FreeLibrary + 15 7C80ABF3 4 Bytes [ 45, 54, EF, F4 ]
.text C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] kernel32.dll!OpenProcess 7C8309E1 6 Bytes JMP 5F0A0F5A
.text C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] ADVAPI32.dll!CreateServiceA 77E37071 6 Bytes JMP 5F0D0F5A
.text C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] ADVAPI32.dll!CreateServiceW 77E37209 3 Bytes [ FF, 25, 1E ]
.text C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] ADVAPI32.dll!CreateServiceW + 4 77E3720D 2 Bytes [ 11, 5F ]
.text .text C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] SHELL32.dll!Shell_NotifyIconW 7CA21B6A 6 Bytes JMP 5F130F5A
.text C:\WINDOWS\System32\hphmon04.exe[3372] ntdll.dll!NtSetValueKey 7C90E7BC 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\System32\hphmon04.exe[3372] ntdll.dll!NtSetValueKey + 4 7C90E7C0 2 Bytes [ 1A, 5F ]
.text C:\WINDOWS\System32\hphmon04.exe[3372] ntdll.dll!NtWriteFile 7C90E9F3 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\System32\hphmon04.exe[3372] ntdll.dll!NtWriteFile + 4 7C90E9F7 2 Bytes [ 17, 5F ]
.text C:\WINDOWS\System32\hphmon04.exe[3372] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F040F5A
.text C:\WINDOWS\System32\hphmon04.exe[3372] kernel32.dll!WriteProcessMemory 7C80220F 6 Bytes JMP 5F070F5A
.text C:\WINDOWS\System32\hphmon04.exe[3372] kernel32.dll!OpenProcess 7C8309E1 6 Bytes JMP 5F0A0F5A
.text C:\WINDOWS\System32\hphmon04.exe[3372] ADVAPI32.dll!CreateServiceA 77E37071 6 Bytes JMP 5F0D0F5A
.text C:\WINDOWS\System32\hphmon04.exe[3372] ADVAPI32.dll!CreateServiceW 77E37209 3 Bytes [ FF, 25, 1E ]
.text C:\WINDOWS\System32\hphmon04.exe[3372] ADVAPI32.dll!CreateServiceW + 4 77E3720D 2 Bytes [ 11, 5F ]
.text C:\WINDOWS\System32\hphmon04.exe[3372] SHELL32.dll!Shell_NotifyIconW 7CA21B6A 6 Bytes JMP 5F130F5A
.text
.text .text C:\Program Files\a-squared Anti-Malware\a2guard.exe[3572] kernel32.dll!CreateThread + 1A 7C810651 4 Bytes [ CF, F1, C3, 83 ]
.text C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[3604] USER32.dll!VRipOutput + FFFA4DE7 7E412A78 4 Bytes [ 70, 11, 3F, 00 ]
.text C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] ntdll.dll!NtSetValueKey 7C90E7BC 3 Bytes [ FF, 25, 1E ]
.text C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] ntdll.dll!NtSetValueKey + 4 7C90E7C0 2 Bytes [ 1A, 5F ]
.text C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] ntdll.dll!NtWriteFile 7C90E9F3 3 Bytes [ FF, 25, 1E ]
.text C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] ntdll.dll!NtWriteFile + 4 7C90E9F7 2 Bytes [ 17, 5F ]
.text C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] kernel32.dll!LoadLibraryExW 7C801AF1 6 Bytes JMP 5F040F5A
.text C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] kernel32.dll!WriteProcessMemory 7C80220F 6 Bytes JMP 5F070F5A
.text C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] kernel32.dll!OpenProcess 7C8309E1 6 Bytes JMP 5F0A0F5A
.text C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] ADVAPI32.dll!CreateServiceA 77E37071 6 Bytes JMP 5F0D0F5A
.text C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] ADVAPI32.dll!CreateServiceW 77E37209 3 Bytes [ FF, 25, 1E ]
.text C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] ADVAPI32.dll!CreateServiceW + 4 77E3720D 2 Bytes [ 11, 5F ]
.text C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] SHELL32.dll!Shell_NotifyIconW 7CA21B6A 6 Bytes JMP 5F130F5A

---- Kernel IAT/EAT - GMER 1.0.13 ----

IAT \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\ks.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\Drivers\Modem.SYS[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\i8042prt.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\mouclass.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\serial.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\serenum.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\parport.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\redbook.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\imapi.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\system32\drivers\portcls.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\audstub.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\Drivers\RootMdm.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\ndistapi.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\msgpc.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\rdpdr.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\termdd.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\kbdclass.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\swenum.sys[NTOSKRNL.EXE!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\update.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\mssmbios.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\usbhub.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\flpydisk.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\Drivers\i2omgmt.SYS[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\Drivers\Fs_Rec.SYS[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\Drivers\Beep.SYS[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\HIDCLASS.SYS[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\usbccgp.sys[NTOSKRNL.EXE!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\kbdhid.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\Drivers\Msfs.SYS[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\Drivers\Npfs.SYS[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\rasacd.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\ipsec.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] 83139870
IAT \SystemRoot\System32\DRIVERS\ipnat.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\ipfltdrv.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\netbt.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] 83139870
IAT \SystemRoot\System32\drivers\afd.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\netbios.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\rdbss.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\mrxsmb.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\Drivers\Fips.SYS[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\Drivers\Cdfs.SYS[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\mrxdav.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\Drivers\HTTP.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\System32\DRIVERS\srv.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\system32\drivers\wdmaud.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\system32\drivers\sysaudio.sys[ntoskrnl.exe!IoCreateDevice] 831397F0
IAT \SystemRoot\system32\drivers\kmixer.sys[ntoskrnl.exe!IoCreateDevice] 831397F0

---- User IAT/EAT - GMER 1.0.13 ----

IAT C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe[228] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\a-squared Anti-Malware\a2service.exe[292] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe[316] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Intel\ASF Agent\ASFAgent.exe[340] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe[356] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 00AA04A8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 00AA04D2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 00AA04FC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 00AA0526
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 00AA0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00AA057A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 00AA05A4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 00AA05CE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 00AA05F8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00AA0622
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 00AA064C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 00AA0676
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 00AA06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 00AA06CA
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 00AA06F4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 00AA071E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 00AA0748
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 00AA0772
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00AA079C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 00AA07C6
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 00AA07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 00AA081A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 00AA0844
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00AA086E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 00AA0898
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 00AA08C2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 00AA08EC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 00AA0916
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 00AA0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00AA0D84
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 00AA0DAE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 00AA0DD8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 00AA0E02
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 00AA0E2C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 00AA0E56
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 00AA0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00AA0EAA
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 00AA0ED4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] 00AA0EFE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00AA0F28
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 00AA0F52
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 00AA0F7C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] 00AA0FA6
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 00AA0FD0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 00B10010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] 00B1003A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] 00B10064
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 00B1008E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 00B100B8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 00B100E2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 00B1010C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 00B10136
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00B10160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 00B1018A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00B101B4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 00B101DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00B10208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] 00B10232
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 00B1025C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B10286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B104FC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 00B10526
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 00B10550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 00B1057A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 00B105A4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] 00B107F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] 00B1081A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] 00B10844
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00B1086E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 00B10A3C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW] 00B10A66
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA] 00B10A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateProcessW] 00B10ABA
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 00B10AE4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 00B10B0E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 00B10B38
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 00B10B62
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00B10B8C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00AA0358
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] 00AA01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] 00AA025C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] 00AA0286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 00AA025C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 00AA0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 00AA0286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 00AA01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00AA0358
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 00AA01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00AA0358
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] 00AA0286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleFileNameA] 00AA0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 00AA025C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!SetErrorMode] 00AA032E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetModuleFileNameA] 00AA0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] 00AA0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetModuleFileNameW] 00AA0232
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryExW] 00AA02DA
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00AA0358
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress] 00AA025C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] 00AA0286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!FreeLibrary] 00AA01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 00AA01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 00AA025C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 00AA0286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00AA0358
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] 00AA02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 00AA02DA
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 00AA0232
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameA] 00AA0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 00AA0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00AA0358
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 00AA0286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 00AA01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 00AA025C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 00AA0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[396] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00AA0358
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe[524] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\internet explorer\iexplore.exe[548] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\psapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[632] @ C:\WINDOWS\system32\psapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\ADVAPI32.DLL [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\ADVAPI32.DLL [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\ADVAPI32.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\ADVAPI32.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\USER32.DLL [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\USER32.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\USER32.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\USER32.DLL [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\NETAPI32.DLL [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\NETAPI32.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\NETAPI32.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe[656] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\nvsvc32.exe[724] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[884] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\winsrv.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\csrss.exe[1036] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\KERNEL32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\IPHLPAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1040] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\services.exe[1104] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1288] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\svchost.exe[1384] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ c:\windows\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1512] @ c:\windows\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1576] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\System32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\System32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\svchost.exe[1836] @ C:\WINDOWS\System32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[1992] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT

C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\System32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\System32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\System32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[2220] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Canon\CAL\CALMAIN.exe[2380] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\BitComet\BitComet.exe[2448] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe[2520] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe[2568] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iTunes\iTunesHelper.exe[2596] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Documents and Settings\SONJA DELCHAN.MAX\Desktop\New Folder\gmer.exe[2640] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\iPod\bin\iPodService.exe[2788] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe[2972] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\alg.exe[3060] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\System32\hphmon04.exe[3372] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe[3556] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll! [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[3604] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[3604] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll! Anti-Virus 7.0\

avp.exe[3604] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameA] 00C90208
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[3620] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll

---- Devices - GMER 1.0.13 ----

AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F29A8DB0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [F86291DE] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [F86291DE] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [F8629454] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [F86291DE] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [F861CF4C] fltmgr.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_NAMED_PIPE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_READ [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_WRITE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_EA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_EA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FLUSH_BUFFERS [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_VOLUME_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_VOLUME_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DIRECTORY_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_FILE_SYSTEM_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SHUTDOWN [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_LOCK_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_CREATE_MAILSLOT [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_SECURITY [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_SECURITY [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_POWER [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SYSTEM_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CHANGE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_QUERY_QUOTA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Ip IRP_MJ_SET_QUOTA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_NAMED_PIPE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_READ [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_WRITE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_EA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_EA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FLUSH_BUFFERS [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_VOLUME_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_VOLUME_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DIRECTORY_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_FILE_SYSTEM_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SHUTDOWN [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_LOCK_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE_MAILSLOT [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_SECURITY [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_SECURITY [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_POWER [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SYSTEM_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CHANGE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_QUERY_QUOTA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Tcp IRP_MJ_SET_QUOTA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_NAMED_PIPE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_READ [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_WRITE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_EA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_EA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FLUSH_BUFFERS [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_VOLUME_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_VOLUME_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DIRECTORY_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_FILE_SYSTEM_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SHUTDOWN [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_LOCK_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_CREATE_MAILSLOT [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_SECURITY [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_SECURITY [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_POWER [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SYSTEM_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CHANGE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_QUERY_QUOTA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\Udp IRP_MJ_SET_QUOTA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [F2BA010E] Mpfp.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_NAMED_PIPE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_READ [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_WRITE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_EA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_EA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FLUSH_BUFFERS [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_VOLUME_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_VOLUME_INFORMATION [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DIRECTORY_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_FILE_SYSTEM_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SHUTDOWN [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_LOCK_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE_MAILSLOT [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_SECURITY [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_SECURITY [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_POWER [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SYSTEM_CONTROL [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CHANGE [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_QUERY_QUOTA [F85010F0] kl1.sys
AttachedDevice \Driver\Tcpip \Device\RawIp IRP_MJ_SET_QUOTA [F85010F0] kl1.sys

Device \FileSystem\Fastfat \Fat IRP_MJ_CREATE BA659C8A
Device \FileSystem\Fastfat \Fat IRP_MJ_CLOSE BA6567C8
Device \FileSystem\Fastfat \Fat IRP_MJ_READ BA65260A
Device \FileSystem\Fastfat \Fat IRP_MJ_WRITE BA652AED
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION BA65D958
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION BA660821
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA BA66938A
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_EA BA668D49
Device \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS BA662BBE
Device \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION BA663331
Device \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION BA6714F4
Device \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL BA659B37
Device \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL BA655948
Device \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL BA65F46B
Device \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN BA67079D
Device \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL BA66FC4A
Device \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP BA6562FD
Device \FileSystem\Fastfat \Fat IRP_MJ_PNP BA6701DB
Device \FileSystem\Fastfat \Fat FastIoCheckIfPossible BA66B1F9

AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [F29A8DB0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [F29A8FA0] klif.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [F86291DE] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [F86291DE] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [F8629454] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [F86291DE] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [F861CF4C] fltmgr.sys
AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [F861CF4C] fltmgr.sys

---- Threads - GMER 1.0.13 ----

Thread 4:120 831CDB40
Thread 4:128 831CDB40
Thread 4:132 831440A0
Thread 4:136 831440A0
Thread 4:140 831440A0

---- EOF - GMER 1.0.13 ----

#13 casper1985

casper1985
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:florida
  • Local time:06:27 PM

Posted 18 November 2007 - 03:01 PM

GMER 1.0.13.12551 - http://www.gmer.net
Autostart scan 2007-11-19 14:25:55
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon@DLLName = C:\WINDOWS\system32\klogon.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
a2AntiMalware /*a-squared Anti-Malware Service*/@ = "C:\Program Files\a-squared Anti-Malware\a2service.exe"
APC UPS Service /*APC UPS Service*/@ = C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
ASFAgent /*ASF Agent*/@ = C:\Program Files\Intel\ASF Agent\ASFAgent.exe
AVG Anti-Spyware Guard /*AVG Anti-Spyware Guard*/@ = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
AVP /*Kaspersky Anti-Virus 7.0*/@ = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r
CCALib8 /*Canon Camera Access Library 8*/@ = C:\Program Files\Canon\CAL\CALMAIN.exe
McAfee HackerWatch Service /*McAfee HackerWatch Service*/@ = "C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe"
McRedirector /*McAfee Redirector Service*/@ = c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
MDM /*Machine Debug Manager*/@ = "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
MSSQL$MICROSOFTBCM /*MSSQL$MICROSOFTBCM*/@ = C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe -sMICROSOFTBCM /*file not found*/
NVSvc /*NVIDIA Driver Helper Service*/@ = %SystemRoot%\System32\nvsvc32.exe
ScsiPort@ = %SystemRoot%\system32\drivers\scsiport.sys
Spooler /*Print Spooler*/@ = %SystemRoot%\system32\spoolsv.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@NvCplDaemonRUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
@nwiznwiz.exe /installquiet = nwiz.exe /installquiet
@AdaptecDirectCD"C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" = "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
@HPDJ Taskbar UtilityC:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe = C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
@Share-to-Web Namespace DaemonC:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe = C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
@NeroFilterCheckC:\WINDOWS\system32\NeroCheck.exe = C:\WINDOWS\system32\NeroCheck.exe
@iTunesHelper"C:\Program Files\iTunes\iTunesHelper.exe" = "C:\Program Files\iTunes\iTunesHelper.exe"
@HPHmon04C:\WINDOWS\System32\hphmon04.exe = C:\WINDOWS\System32\hphmon04.exe
@HPHUPD04"C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" = "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
@PWRISOVM.EXEC:\Program Files\PowerISO\PWRISOVM.EXE = C:\Program Files\PowerISO\PWRISOVM.EXE
@!AVG Anti-Spyware"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
@a-squared"C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60 = "C:\Program Files\a-squared Anti-Malware\a2guard.exe" /d=60
@AVP"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
@SunJavaUpdateSched"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" = "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@ctfmon.exeC:\WINDOWS\system32\ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
@AIMC:\Program Files\AIM\aim.exe -cnetwait.odl /*file not found*/ = C:\Program Files\AIM\aim.exe -cnetwait.odl /*file not found*/

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WPDShServiceObj = C:\WINDOWS\system32\WPDShServiceObj.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{57B86673-276A-48B2-BAE7-C6DBB3020EB8} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{32683183-48a0-441b-a342-7c2a440a9478} /*Media Band*/(null) =
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{1CDB2949-8F65-4355-8456-263E7C208A5D} /*Desktop Explorer*/C:\WINDOWS\System32\nvshell.dll = C:\WINDOWS\System32\nvshell.dll
@{1E9B04FB-F9E5-4718-997B-B8DA88302A47} /*Desktop Explorer Menu*/C:\WINDOWS\System32\nvshell.dll = C:\WINDOWS\System32\nvshell.dll
@{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} /*Adobe.Acrobat.ContextMenu*/c:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll = c:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Web Folders*/C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\OFFICE11\msohev.dll = C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
@{5E44E225-A408-11CF-B581-008029601108} /*Adaptec DirectCD Shell Extension*/C:\PROGRA~1\Roxio\EASYCD~1\DirectCD\Shellex.dll = C:\PROGRA~1\Roxio\EASYCD~1\DirectCD\Shellex.dll
@{A4DF5659-0801-4A60-9607-1C48695EFDA9} /*Share-to-Web Upload Folder*/C:\Program Files\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL = C:\Program Files\Hewlett-Packard\HP Share-to-Web\HPGS2WNS.DLL
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/C:\Program Files\iTunes\iTunesMiniPlayer.dll = C:\Program Files\iTunes\iTunesMiniPlayer.dll
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/C:\WINDOWS\System32\twext.dll = C:\WINDOWS\System32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/C:\WINDOWS\System32\twext.dll = C:\WINDOWS\System32\twext.dll
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\system32\extmgr.dll = C:\WINDOWS\system32\extmgr.dll
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} /*Microsoft Browser Architecture*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} /*PowerISO*/C:\Program Files\PowerISO\PWRISOSH.DLL = C:\Program Files\PowerISO\PWRISOSH.DLL
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{85E0B171-04FA-11D1-B7DA-00A0C90348D6} /*Web Anti-Virus statistics*/C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
@{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
Adobe.Acrobat.ContextMenu@{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} = c:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\ContextMenu.dll
AVG Anti-Spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll
Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\ShellEx.dll
PowerISO@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} = C:\Program Files\PowerISO\PWRISOSH.DLL

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
AVG Anti-Spyware@{8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll
PowerISO@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} = C:\Program Files\PowerISO\PWRISOSH.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\ShellEx.dll
PowerISO@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} = C:\Program Files\PowerISO\PWRISOSH.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}c:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll = c:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
@{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll = C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
@{AA58ED58-01DD-4d91-8333-CF10577473F7}c:\program files\google\googletoolbar3.dll = c:\program files\google\googletoolbar3.dll
@{AE7CD045-E861-484f-8273-0445EE161910}c:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll = c:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.hotmail.com/ = http://www.hotmail.com/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
its@CLSID = C:\WINDOWS\System32\itss.dll
mhtml@CLSID = %SystemRoot%\System32\inetcomm.dll
ms-its@CLSID = C:\WINDOWS\System32\itss.dll
ms-itss@CLSID = C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
mso-offdap11@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll

HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\System32\wiascr.dll

C:\Documents and Settings\SONJA DELCHAN.MAX\Start Menu\Programs\Startup = DESKTOP.INI

C:\Documents and Settings\All Users\Start Menu\Programs\Startup >>>
Adobe Gamma Loader.lnk = Adobe Gamma Loader.lnk
APC UPS Status.lnk = APC UPS Status.lnk
DESKTOP.INI = DESKTOP.INI
Image Transfer.lnk = Image Transfer.lnk
Media Card Companion Monitor.lnk = Media Card Companion Monitor.lnk
Microsoft Office.lnk = Microsoft Office.lnk

---- EOF - GMER 1.0.13 ----

#14 random/random

random/random

  • Malware Response Team
  • 2,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 AM

Posted 18 November 2007 - 04:24 PM

  • Download Autoruns from here
  • Unzip/extract it to a folder on your desktop
  • Double click on autoruns.exe to start Autoruns
  • Wait for it to finish scanning
  • Under Options make sure the following options are slected
    • Verify Code Signatures
    • Hide Signed Microsoft Entries
  • Click File > Refresh
  • Click File > Save As
  • Save it to the desktop as autoruns.txt
  • Post the contents of autoruns.txt as a reply to this topic


#15 casper1985

casper1985
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:florida
  • Local time:06:27 PM

Posted 18 November 2007 - 07:07 PM

HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
+ rdpclip RDP Clip Monitor (Not verified) Microsoft Corporation c:\windows\system32\rdpclip.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
+ C:\WINDOWS\system32\userinit.exe Userinit Logon Application (Not verified) Microsoft Corporation c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ !AVG Anti-Spyware AVG Anti-Spyware (Verified) GRISOFT LTD c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe
+ a-squared a-squared Guard (Verified) Emsi Software GmbH c:\program files\a-squared anti-malware\a2guard.exe
+ AdaptecDirectCD DirectCD Application (Not verified) Roxio c:\program files\roxio\easy cd creator 5\directcd\directcd.exe
+ AVP Kaspersky Anti-Virus (Verified) Kaspersky Lab c:\program files\kaspersky lab\kaspersky anti-virus 7.0\avp.exe
+ HPDJ Taskbar Utility (Not verified) HP c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe
+ HPHmon04 HPHmon04 (Not verified) Hewlett-Packard c:\windows\system32\hphmon04.exe
+ HPHUPD04 HPHupd04 (Not verified) Hewlett-Packard c:\program files\hp photosmart 11\hphinstall\unipatch\hphupd04.exe
+ iTunesHelper iTunesHelper Module (Not verified) Apple Computer, Inc. c:\program files\itunes\ituneshelper.exe
+ NeroFilterCheck NeroCheck (Not verified) Ahead Software Gmbh c:\windows\system32\nerocheck.exe
+ NvCplDaemon NVIDIA Display Properties Extension (Not verified) NVIDIA Corporation c:\windows\system32\nvcpl.dll
+ nwiz NVIDIA nView Wizard, Version 42.37 (Not verified) NVIDIA Corporation c:\windows\system32\nwiz.exe
+ PWRISOVM.EXE PowerISO Virtual Drive Manager (Not verified) PowerISO Computing, Inc. c:\program files\poweriso\pwrisovm.exe
+ Share-to-Web Namespace Daemon hpgs2wnd (Not verified) Hewlett-Packard c:\program files\hewlett-packard\hp share-to-web\hpgs2wnd.exe
+ SunJavaUpdateSched Java™ Platform SE binary (Verified) Sun Microsystems, Inc. c:\program files\java\jre1.6.0_03\bin\jusched.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
+ Adobe Gamma Loader.lnk Adobe Gamma Loader (Not verified) Adobe Systems, Inc. c:\program files\common files\adobe\calibration\adobe gamma loader.exe
+ APC UPS Status.lnk Startup notification module (Not verified) American Power Conversion Corporation c:\program files\apc\apc powerchute personal edition\display.exe
+ Image Transfer.lnk c:\program files\sony corporation\image transfer\sonytray.exe
+ Media Card Companion Monitor.lnk MCC Monitor (Not verified) Arcsoft, Inc. c:\program files\arcsoft\media card companion\mcc monitor.exe
+ Microsoft Office.lnk Microsoft Office 2000 component (Not verified) Microsoft Corporation c:\program files\microsoft office\office\osa9.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ AIM AOL Instant Messenger (Verified) America Online, Inc. c:\program files\aim\aim.exe
+ ctfmon.exe CTF Loader (Not verified) Microsoft Corporation c:\windows\system32\ctfmon.exe
HKLM\SOFTWARE\Classes\Protocols\Filter
+ application/octet-stream Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ application/x-complus Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ application/x-msdownload Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ text/xml Microsoft Office XML MIME Filter (Not verified) Microsoft Corporation c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
HKLM\SOFTWARE\Classes\Protocols\Handler
+ dvd ActiveX control for streaming video (Not verified) Microsoft Corporation c:\windows\system32\msvidctl.dll
+ its Microsoft® InfoTech Storage System Library (Not verified) Microsoft Corporation c:\windows\system32\itss.dll
+ ms-its Microsoft® InfoTech Storage System Library (Not verified) Microsoft Corporation c:\windows\system32\itss.dll
+ ms-itss Microsoft® InfoTech Storage System Library (Not verified) Microsoft Corporation c:\program files\common files\microsoft shared\information retrieval\msitss.dll
+ tv ActiveX control for streaming video (Not verified) Microsoft Corporation c:\windows\system32\msvidctl.dll
+ wia WIA Scripting Layer (Not verified) Microsoft Corporation c:\windows\system32\wiascr.dll
HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components
+ 0 File not found: About:Home
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
+ Address Book 6 Outlook Express Setup Library (Not verified) Microsoft Corporation c:\program files\outlook express\setup50.exe
+ Microsoft Outlook Express 6 Outlook Express Setup Library (Not verified) Microsoft Corporation c:\program files\outlook express\setup50.exe
+ n/a Microsoft .NET IE SECURITY REGISTRATION (Not verified) Microsoft Corporation c:\windows\system32\mscories.dll
+ Outlook Express Windows NT User Data Migration Tool (Not verified) Microsoft Corporation c:\windows\system32\shmgrate.exe
+ Themes Setup Microsoft© Register Server (Not verified) Microsoft Corporation c:\windows\system32\regsvr32.exe
+ Windows Desktop Update Microsoft© Register Server (Not verified) Microsoft Corporation c:\windows\system32\regsvr32.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
+ SysTray Systray shell service object (Not verified) Microsoft Corporation c:\windows\system32\stobject.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ AVG Anti-Spyware 7.5 AVG Anti-Spyware shellexecutehook (Verified) GRISOFT LTD c:\program files\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ %DESC_PublishDropTarget% Photo Printing Wizard (Not verified) Microsoft Corporation c:\windows\system32\photowiz.dll
+ .CAB file viewer Cabinet File Viewer Shell Extension (Not verified) Microsoft Corporation c:\windows\system32\cabview.dll
+ Adaptec DirectCD Shell Extension DirectCD Shell Extention DLL (Not verified) Roxio c:\program files\roxio\easy cd creator 5\directcd\shellex.dll
+ Adobe.Acrobat.ContextMenu Adobe Acrobat Elements (Not verified) Adobe Systems Inc. c:\program files\adobe\acrobat 6.0\acrobat elements\contextmenu.dll
+ Audio Media Properties Handler Media File Property Extractor Shell Extension (Not verified) Microsoft Corporation c:\windows\system32\shmedia.dll
+ Avi Properties Handler Media File Property Extractor Shell Extension (Not verified) Microsoft Corporation c:\windows\system32\shmedia.dll
+ Briefcase Windows Briefcase (Not verified) Microsoft Corporation c:\windows\system32\syncui.dll
+ Compatibility Page Compatibility Tab Shell Extension DLL (Not verified) Microsoft Corporation c:\windows\system32\slayerxp.dll
+ Compressed (zipped) Folder Compressed (zipped) Folders (Not verified) Microsoft Corporation c:\windows\system32\zipfldr.dll
+ Compressed (zipped) Folder Right Drag Handler Compressed (zipped) Folders (Not verified) Microsoft Corporation c:\windows\system32\zipfldr.dll
+ Compressed (zipped) Folder SendTo Target Compressed (zipped) Folders (Not verified) Microsoft Corporation c:\windows\system32\zipfldr.dll
+ Crypto PKO Extension Crypto Shell Extensions (Not verified) Microsoft Corporation c:\windows\system32\cryptext.dll
+ Crypto Sign Extension Crypto Shell Extensions (Not verified) Microsoft Corporation c:\windows\system32\cryptext.dll
+ Darwin App Publisher Shell Application Manager (Not verified) Microsoft Corporation c:\windows\system32\appwiz.cpl
+ Desktop Explorer NVIDIA Desktop Explorer, Version 42.37 (Not verified) NVIDIA Corporation c:\windows\system32\nvshell.dll
+ Desktop Explorer Menu NVIDIA Desktop Explorer, Version 42.37 (Not verified) NVIDIA Corporation c:\windows\system32\nvshell.dll
+ DfsShell Distributed File System shell extension (Not verified) Microsoft Corporation c:\windows\system32\dfsshlex.dll
+ Directory Context Menu Verbs Directory Service Common UI (Not verified) Microsoft Corporation c:\windows\system32\dsuiext.dll
+ Directory Object Find Directory Service Find (Not verified) Microsoft Corporation c:\windows\system32\dsquery.dll
+ Directory Property UI Directory Service Common UI (Not verified) Microsoft Corporation c:\windows\system32\dsuiext.dll
+ Directory Query UI Directory Service Find (Not verified) Microsoft Corporation c:\windows\system32\dsquery.dll
+ Directory Start/Search Find Directory Service Find (Not verified) Microsoft Corporation c:\windows\system32\dsquery.dll
+ Disk Copy Extension Windows DiskCopy (Not verified) Microsoft Corporation c:\windows\system32\diskcopy.dll
+ Disk Quota UI Windows Shell Disk Quota UI DLL (Not verified) Microsoft Corporation c:\windows\system32\dskquoui.dll
+ Display Adapter CPL Extension Advanced display adapter properties (Not verified) Microsoft Corporation c:\windows\system32\deskadp.dll
+ Display Monitor CPL Extension Advanced display monitor properties (Not verified) Microsoft Corporation c:\windows\system32\deskmon.dll
+ Display Panning CPL Extension File not found: deskpan.dll
+ Display TroubleShoot CPL Extension Advanced display performance properties (Not verified) Microsoft Corporation c:\windows\system32\deskperf.dll
+ DS Security Page Directory Service Security UI (Not verified) Microsoft Corporation c:\windows\system32\dssec.dll
+ Fonts Windows Font Folder (Not verified) Microsoft Corporation c:\windows\system32\fontext.dll
+ For &People... Find People (Not verified) Microsoft Corporation c:\program files\outlook express\wabfind.dll
+ FTP Folders Webview Microsoft Internet Explorer FTP Folder Shell Extension (Not verified) Microsoft Corporation c:\windows\system32\msieftp.dll
+ Fusion Cache Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ GDI+ file thumbnail extractor Windows Picture and Fax Viewer (Not verified) Microsoft Corporation c:\windows\system32\shimgvw.dll
+ Get a Passport Wizard Map Network Drives/Network Places Wizard (Not verified) Microsoft Corporation c:\windows\system32\netplwiz.dll
+ HTML Thumbnail Extractor Windows Picture and Fax Viewer (Not verified) Microsoft Corporation c:\windows\system32\shimgvw.dll
+ HyperTerminal Icon Ext HyperTerminal Applet Library (Not verified) Hilgraeve, Inc. c:\windows\system32\hticons.dll
+ ICC Profile Microsoft Color Matching System User Interface DLL (Not verified) Microsoft Corporation c:\windows\system32\icmui.dll
+ ICM Monitor Management Microsoft Color Matching System User Interface DLL (Not verified) Microsoft Corporation c:\windows\system32\icmui.dll
+ ICM Printer Management Microsoft Color Matching System User Interface DLL (Not verified) Microsoft Corporation c:\windows\system32\icmui.dll
+ ICM Scanner Management Microsoft Color Matching System User Interface DLL (Not verified) Microsoft Corporation c:\windows\system32\icmui.dll
+ Installed Apps Enumerator Shell Application Manager (Not verified) Microsoft Corporation c:\windows\system32\appwiz.cpl
+ iTunes iTunes Mini Player DLL (Not verified) Apple Computer, Inc. c:\program files\itunes\itunesminiplayer.dll
+ Microsoft Agent Character Property Sheet Handler Microsoft Agent Property Sheet Handler (Not verified) Microsoft Corporation c:\windows\msagent\agentpsh.dll
+ Microsoft Data Link Microsoft Data Access - OLE DB Core Services (Not verified) Microsoft Corporation c:\program files\common files\system\ole db\oledb32.dll
+ Microsoft DocProp Inplace Calendar Control Microsoft DocProp Shell Ext (Not verified) Microsoft Corporation c:\windows\system32\docprop2.dll
+ Microsoft DocProp Inplace Droplist Combo Control Microsoft DocProp Shell Ext (Not verified) Microsoft Corporation c:\windows\system32\docprop2.dll
+ Microsoft DocProp Inplace Edit Box Control Microsoft DocProp Shell Ext (Not verified) Microsoft Corporation c:\windows\system32\docprop2.dll
+ Microsoft DocProp Inplace ML Edit Box Control Microsoft DocProp Shell Ext (Not verified) Microsoft Corporation c:\windows\system32\docprop2.dll
+ Microsoft DocProp Inplace Time Control Microsoft DocProp Shell Ext (Not verified) Microsoft Corporation c:\windows\system32\docprop2.dll
+ Microsoft DocProp Shell Ext Microsoft DocProp Shell Ext (Not verified) Microsoft Corporation c:\windows\system32\docprop2.dll
+ Microsoft Office HTML Icon Handler Microsoft Office 2003 component (Not verified) Microsoft Corporation c:\program files\microsoft office\office11\msohev.dll
+ Microsoft Office Outlook Custom Icon Handler Outlook Shell Hook for Start/Find (Not verified) Microsoft Corporation c:\program files\microsoft office\office11\olkfstub.dll
+ Midi Properties Handler Media File Property Extractor Shell Extension (Not verified) Microsoft Corporation c:\windows\system32\shmedia.dll
+ MMC Icon Handler MMC Shell Extension DLL (Not verified) Microsoft Corporation c:\windows\system32\mmcshext.dll
+ Multimedia File Property Sheet Control Panel Drivers Applet (Not verified) Microsoft Corporation c:\windows\system32\mmsys.cpl
+ MyDocs Copy Hook My Documents Folder UI (Not verified) Microsoft Corporation c:\windows\system32\mydocs.dll
+ MyDocs Drop Target My Documents Folder UI (Not verified) Microsoft Corporation c:\windows\system32\mydocs.dll
+ MyDocs Properties My Documents Folder UI (Not verified) Microsoft Corporation c:\windows\system32\mydocs.dll
+ Network Connections Network Connections Shell (Not verified) Microsoft Corporation c:\windows\system32\netshell.dll
+ Network Connections Network Connections Shell (Not verified) Microsoft Corporation c:\windows\system32\netshell.dll
+ NTFS Security Page Security Shell Extension (Not verified) Microsoft Corporation c:\windows\system32\rshx32.dll
+ Offline Files Folder Client Side Caching UI (Not verified) Microsoft Corporation c:\windows\system32\cscui.dll
+ Offline Files Folder Options Client Side Caching UI (Not verified) Microsoft Corporation c:\windows\system32\cscui.dll
+ Offline Files Menu Client Side Caching UI (Not verified) Microsoft Corporation c:\windows\system32\cscui.dll
+ OLE Docfile Property Page OLE DocFile Property Page (Not verified) Microsoft Corporation c:\windows\system32\docprop.dll
+ PlusPack CPL Extension Windows Theme API (Not verified) Microsoft Corporation c:\windows\system32\themeui.dll
+ Portable Media Devices Portable Media Devices Shell Extension (Not verified) Microsoft Corporation c:\windows\system32\audiodev.dll
+ Portable Media Devices Menu Portable Media Devices Shell Extension (Not verified) Microsoft Corporation c:\windows\system32\audiodev.dll
+ PowerISO PowerISOShell DLL (Not verified) PowerISO Computing, Inc. c:\program files\poweriso\pwrisosh.dll
+ Previous Versions Previous Versions property page (Not verified) Microsoft Corporation c:\windows\system32\twext.dll
+ Previous Versions Property Page Previous Versions property page (Not verified) Microsoft Corporation c:\windows\system32\twext.dll
+ Print Ordering via the Web Map Network Drives/Network Places Wizard (Not verified) Microsoft Corporation c:\windows\system32\netplwiz.dll
+ Printers Security Page Security Shell Extension (Not verified) Microsoft Corporation c:\windows\system32\rshx32.dll
+ Remote Sessions CPL Extension Remote Sessions CPL Extension (Not verified) Microsoft Corporation c:\windows\system32\remotepg.dll
+ Scanners & Cameras Imaging Devices Shell Folder UI (Not verified) Microsoft Corporation c:\windows\system32\wiashext.dll
+ Scanners & Cameras Imaging Devices Shell Folder UI (Not verified) Microsoft Corporation c:\windows\system32\wiashext.dll
+ Scanners & Cameras Imaging Devices Shell Folder UI (Not verified) Microsoft Corporation c:\windows\system32\wiashext.dll
+ Scanners & Cameras Imaging Devices Shell Folder UI (Not verified) Microsoft Corporation c:\windows\system32\wiashext.dll
+ Scanners & Cameras Imaging Devices Shell Folder UI (Not verified) Microsoft Corporation c:\windows\system32\wiashext.dll
+ Scheduled Tasks Task Scheduler interface DLL (Not verified) Microsoft Corporation c:\windows\system32\mstask.dll
+ Sendmail service Send Mail (Not verified) Microsoft Corporation c:\windows\system32\sendmail.dll
+ Sendmail service Send Mail (Not verified) Microsoft Corporation c:\windows\system32\sendmail.dll
+ Share-to-Web Upload Folder S2WNSRES (Not verified) Hewlett-Packard c:\program files\hewlett-packard\hp share-to-web\hpgs2wns.dll
+ Shell Application Manager Shell Application Manager (Not verified) Microsoft Corporation c:\windows\system32\appwiz.cpl
+ Shell extensions for Microsoft Windows Network objects Network object shell UI (Not verified) Microsoft Corporation c:\windows\system32\ntlanui2.dll
+ Shell extensions for sharing Shell extensions for sharing (Not verified) Microsoft Corporation c:\windows\system32\ntshrui.dll
+ Shell extensions for sharing Shell extensions for sharing (Not verified) Microsoft Corporation c:\windows\system32\ntshrui.dll
+ Shell extensions for Windows Script Host Microsoft ® Shell Extension for Windows Script Host (Not verified) Microsoft Corporation c:\windows\system32\wshext.dll
+ Shell Image Data Factory Windows Picture and Fax Viewer (Not verified) Microsoft Corporation c:\windows\system32\shimgvw.dll
+ Shell Image Property Handler Windows Picture and Fax Viewer (Not verified) Microsoft Corporation c:\windows\system32\shimgvw.dll
+ Shell Image Verbs Windows Picture and Fax Viewer (Not verified) Microsoft Corporation c:\windows\system32\shimgvw.dll
+ Shell properties for a DS object Directory Service Find (Not verified) Microsoft Corporation c:\windows\system32\dsquery.dll
+ Shell Publishing Wizard Object Map Network Drives/Network Places Wizard (Not verified) Microsoft Corporation c:\windows\system32\netplwiz.dll
+ Shell Scrap DataHandler Shell scrap object handler (Not verified) Microsoft Corporation c:\windows\system32\shscrap.dll
+ Summary Info Thumbnail handler (DOCFILES) Windows Picture and Fax Viewer (Not verified) Microsoft Corporation c:\windows\system32\shimgvw.dll
+ Tasks Folder Icon Handler Task Scheduler interface DLL (Not verified) Microsoft Corporation c:\windows\system32\mstask.dll
+ Tasks Folder Shell Extension Task Scheduler interface DLL (Not verified) Microsoft Corporation c:\windows\system32\mstask.dll
+ User Accounts Map Network Drives/Network Places Wizard (Not verified) Microsoft Corporation c:\windows\system32\netplwiz.dll
+ Video Media Properties Handler Media File Property Extractor Shell Extension (Not verified) Microsoft Corporation c:\windows\system32\shmedia.dll
+ Video Thumbnail Extractor Media File Property Extractor Shell Extension (Not verified) Microsoft Corporation c:\windows\system32\shmedia.dll
+ Wav Properties Handler Media File Property Extractor Shell Extension (Not verified) Microsoft Corporation c:\windows\system32\shmedia.dll
+ Web Anti-Virus statistics Script Monitor Internet Explorer plugin (Verified) Kaspersky Lab c:\program files\kaspersky lab\kaspersky anti-virus 7.0\scieplgn.dll
+ Web Folders Microsoft Web Folders (Not verified) Microsoft Corporation c:\program files\common files\microsoft shared\web folders\msonsext.dll
+ Web Printer Shell Extension Print UI DLL (Not verified) Microsoft Corporation c:\windows\system32\printui.dll
+ Web Publishing Wizard Map Network Drives/Network Places Wizard (Not verified) Microsoft Corporation c:\windows\system32\netplwiz.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ AcroIEHlprObj Class Adobe Acrobat IE Helper Version 6.0 for ActivieX (Not verified) Adobe Systems Incorporated c:\program files\adobe\acrobat 6.0\acrobat\activex\acroiehelper.dll
+ AcroIEToolbarHelper Class c:\program files\adobe\acrobat 6.0\acrobat\acroiefavclient.dll
+ BitComet Helper BitCometBHO (Verified) Comet Network Technology Co Ltd. c:\program files\bitcomet\tools\bitcometbho_1.1.8.30.dll
+ Google Toolbar Helper Google IE Client Toolbar (Verified) Google Inc c:\program files\google\googletoolbar3.dll
+ Spybot-S&D IE Protection SBSD IE Protection (Verified) Safer Networking Ltd. c:\program files\spybot - search & destroy\sdhelper.dll
+ SSVHelper Class Java™ Platform SE binary (Verified) Sun Microsystems, Inc. c:\program files\java\jre1.6.0_03\bin\ssv.dll
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ acroiefavclient.dll c:\program files\adobe\acrobat 6.0\acrobat\acroiefavclient.dll
+ googletoolbar3.dll Google IE Client Toolbar (Verified) Google Inc c:\program files\google\googletoolbar3.dll
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ AIM AOL Instant Messenger (Verified) America Online, Inc. c:\program files\aim\aim.exe
+ Windows Messenger Windows Messenger (Not verified) Microsoft Corporation c:\program files\messenger\msmsgs.exe
HKLM\System\CurrentControlSet\Services
+ a2AntiMalware Scans the PC for unwanted software and provides protection from malicious code (Verified) Emsi Software GmbH c:\program files\a-squared anti-malware\a2service.exe
+ APC UPS Service Battery backup management service (Not verified) American Power Conversion Corporation c:\program files\apc\apc powerchute personal edition\mainserv.exe
+ ASFAgent ASF Agent COM Service (Not verified) Intel Corporation c:\program files\intel\asf agent\asfagent.exe
+ AudioSrv Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\audiosrv.dll
+ AVG Anti-Spyware Guard AVG Anti-Spyware guard (Verified) GRISOFT LTD c:\program files\grisoft\avg anti-spyware 7.5\guard.exe
+ AVP Provides protection against computer viruses and another dangerous software. (Verified) Kaspersky Lab c:\program files\kaspersky lab\kaspersky anti-virus 7.0\avp.exe
+ BITS Transfers files in the background using idle network bandwidth. If the service is stopped, features such as Windows Update, and MSN Explorer will be unable to automatically download programs and other information. If this service is disabled, any services that explicitly depend on it may fail to transfer files if they do not have a fail safe mechanism to transfer files directly through IE in case BITS has been disabled. (Not verified) Microsoft Corporation c:\windows\system32\qmgr.dll
+ Browser Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\browser.dll
+ CCALib8 Canon Camera Access Library 8 (Not verified) Canon Inc. c:\program files\canon\cal\calmain.exe
+ CryptSvc Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\cryptsvc.dll
+ DcomLaunch Provides launch functionality for DCOM services. (Not verified) Microsoft Corporation c:\windows\system32\rpcss.dll
+ dmserver Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corp. c:\windows\system32\dmserver.dll
+ Dnscache Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\dnsrslvr.dll
+ ERSvc Allows error reporting for services and applictions running in non-standard environments. (Not verified) Microsoft Corporation c:\windows\system32\ersvc.dll
+ Eventlog Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped. (Not verified) Microsoft Corporation c:\windows\system32\services.exe
+ helpsvc Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\pchealth\helpctr\binaries\pchsvc.dll
+ HidServ Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\hidserv.dll
+ lanmanserver Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\srvsvc.dll
+ LmHosts Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution. (Not verified) Microsoft Corporation c:\windows\system32\lmhsvc.dll
+ McAfee HackerWatch Service McAfee HackerWatch Service (Verified) McAfee, Inc. c:\program files\common files\mcafee\hackerwatch\hwapi.exe
+ McRedirector McAfee Redirector Service (Verified) McAfee, Inc. c:\program files\common files\mcafee\redirsvc\redirsvc.exe
+ MDM Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly. (Not verified) Microsoft Corporation c:\program files\common files\microsoft shared\vs7debug\mdm.exe
+ MSSQL$MICROSOFTBCM SQL Server Windows NT (Not verified) Microsoft Corporation c:\program files\microsoft sql server\mssql$microsoftbcm\binn\sqlservr.exe
+ NVSvc NVIDIA Driver Helper Service, Version 42.37 (Not verified) NVIDIA Corporation c:\windows\system32\nvsvc32.exe
+ PlugPlay Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability. (Not verified) Microsoft Corporation c:\windows\system32\services.exe
+ PolicyAgent Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver. (Not verified) Microsoft Corporation c:\windows\system32\lsass.exe
+ ProtectedStorage Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users. (Not verified) Microsoft Corporation c:\windows\system32\lsass.exe
+ RemoteRegistry Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\regsvc.dll
+ RpcSs Provides the endpoint mapper and other miscellaneous RPC services. (Not verified) Microsoft Corporation c:\windows\system32\rpcss.dll
+ SamSs Stores security information for local user accounts. (Not verified) Microsoft Corporation c:\windows\system32\lsass.exe
+ Schedule Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\schedsvc.dll
+ seclogon Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\seclogon.dll
+ SENS Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events. (Not verified) Microsoft Corporation c:\windows\system32\sens.dll
+ SharedAccess Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. (Not verified) Microsoft Corporation c:\windows\system32\ipnathlp.dll
+ Spooler Loads files to memory for later printing. (Not verified) Microsoft Corporation c:\windows\system32\spoolsv.exe
+ srservice Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties (Not verified) Microsoft Corporation c:\windows\system32\srsvc.dll
+ TrkWks Maintains links between NTFS files within a computer or across computers in a network domain. (Not verified) Microsoft Corporation c:\windows\system32\trkwks.dll
+ w32time Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\w32time.dll
+ winmgmt Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. (Not verified) Microsoft Corporation c:\windows\system32\wbem\wmisvc.dll
+ wscsvc Monitors system security settings and configurations. (Not verified) Microsoft Corporation c:\windows\system32\wscsvc.dll
+ wuauserv Enables the download and installation of critical Windows updates. If the service is disabled, the operating system can be manually updated at the Windows Update Web site. (Not verified) Microsoft Corporation c:\windows\system32\wuauserv.dll
+ WZCSVC Provides automatic configuration for the 802.11 adapters (Not verified) Microsoft Corporation c:\windows\system32\wzcsvc.dll
HKLM\System\CurrentControlSet\Services
+ ACPI ACPI Driver for NT (Not verified) Microsoft Corporation c:\windows\system32\drivers\acpi.sys
+ aeaudio Andrea Audio Stub Driver (Not verified) Andrea Electronics Corporation c:\windows\system32\drivers\aeaudio.sys
+ AFD AFD Networking Support Environment (Not verified) Microsoft Corporation c:\windows\system32\drivers\afd.sys
+ agp440 440 NT AGP Filter (Not verified) Microsoft Corporation c:\windows\system32\drivers\agp440.sys
+ AsfAlrt Asfalrt Driver (Not verified) Intel Corporation c:\windows\system32\drivers\asfalrt.sys
+ AsyncMac RAS Asynchronous Media Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\asyncmac.sys
+ atapi IDE/ATAPI Port Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\atapi.sys
+ ati2mtag ATI Radeon WindowsNT Miniport Driver (Not verified) ATI Technologies Inc. c:\windows\system32\drivers\ati2mtag.sys
+ Atmarpc ATM ARP Client Protocol (Not verified) Microsoft Corporation c:\windows\system32\drivers\atmarpc.sys
+ audstub AudStub Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\audstub.sys
+ AVG Anti-Rootkit AVG Anti-Rootkit Driver (Not verified) GRISOFT, s.r.o. c:\windows\system32\drivers\avgarkt.sys
+ AVG Anti-Spyware Driver (Verified) GRISOFT LTD c:\program files\grisoft\avg anti-spyware 7.5\guard.sys
+ AvgArCln AVG7 Clean Driver (Not verified) GRISOFT, s.r.o. c:\windows\system32\drivers\avgarcln.sys
+ AvgAsCln AVG7 Clean Driver (Verified) GRISOFT LTD c:\windows\system32\drivers\avgascln.sys
+ Beep BEEP Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\beep.sys
+ catchme File not found: C:\DOCUME~1\SONJAD~1.MAX\LOCALS~1\Temp\catchme.sys
+ Cdaudio CD-ROM Audio Filter Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\cdaudio.sys
+ Cdr4_xp CDR4 CD and DVD Burning Helper Driver (Not verified) Roxio c:\windows\system32\drivers\cdr4_xp.sys
+ Cdralw2k CDRAL for Windows 2000 Kernel Driver (Not verified) Roxio c:\windows\system32\drivers\cdralw2k.sys
+ Cdrom SCSI CD-ROM Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\cdrom.sys
+ cdudf_xp CD-UDF NT Filesystem Driver (Not verified) Roxio c:\windows\system32\drivers\cdudf_xp.sys
+ Changer File not found: C:\WINDOWS\System32\Drivers\Changer.sys
+ Compbatt Composite Battery Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\compbatt.sys
+ Disk PnP Disk Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\disk.sys
+ dmio NT Disk Manager I/O Driver (Not verified) Microsoft Corp., Veritas Software c:\windows\system32\drivers\dmio.sys
+ dmload NT Disk Manager Startup Driver (Not verified) Microsoft Corp., Veritas Software. c:\windows\system32\drivers\dmload.sys
+ DMusic Microsoft Kernel DLS Synthesizer (Not verified) Microsoft Corporation c:\windows\system32\drivers\dmusic.sys
+ Dot4 HPH11 IEEE-1284.4-1999 Driver (Windows 2000) (Not verified) HP c:\windows\system32\drivers\hphid411.sys
+ Dot4Print HPH11 IEEE-1284.4-1999 Print Class Driver (Not verified) HP c:\windows\system32\drivers\hphipr11.sys
+ Dot4Usb HPH11 1284.4<->Usb Datalink Driver (Windows 2000) (Not verified) HP c:\windows\system32\drivers\hphius11.sys
+ drmkaud Microsoft Kernel DRM Audio Descrambler Filter (Not verified) Microsoft Corporation c:\windows\system32\drivers\drmkaud.sys
+ dvd_2K DVD-RAM AddOn Driver (Not verified) Roxio c:\windows\system32\drivers\dvd_2k.sys
+ E1000 Intel® PRO/1000 Adapter NDIS 5.1 deserialized driver (Not verified) Intel Corporation c:\windows\system32\drivers\e1000325.sys
+ eeCtrl Symantec Eraser Control Driver (Verified) Symantec Corporation c:\program files\common files\symantec shared\eengine\eectrl.sys
+ EL90XBC 3Com EtherLink PCI Driver (Not verified) 3Com Corporation c:\windows\system32\drivers\el90xbc5.sys
+ Fdc Floppy Disk Controller Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\fdc.sys
+ Fips FIPS Crypto Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\fips.sys
+ Flpydisk Floppy Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\flpydisk.sys
+ Ftdisk FT Disk Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ftdisk.sys
+ GEARAspiWDM CD/DVD Class Filter Driver (Verified) GEAR Software Inc. c:\windows\system32\drivers\gearaspiwdm.sys
+ gmer GMER Driver http://www.gmer.net (Not verified) GMER c:\windows\system32\drivers\gmer.sys
+ Gpc Generic Packet Classifier (Not verified) Microsoft Corporation c:\windows\system32\drivers\msgpc.sys
+ HidBatt Hid Battery Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\hidbatt.sys
+ HidUsb USB Miniport Driver for Input Devices (Not verified) Microsoft Corporation c:\windows\system32\drivers\hidusb.sys
+ HSF_DP HSF_DP driver (Not verified) Conexant Systems, Inc. c:\windows\system32\drivers\hsf_dp.sys
+ HSFHWBS2 HSF_HWB2 WDM driver (Not verified) Conexant Systems, Inc. c:\windows\system32\drivers\hsfhwbs2.sys
+ i2omgmt I2O Utility Filter (Not verified) Microsoft Corporation c:\windows\system32\drivers\i2omgmt.sys
+ i8042prt i8042 Port Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\i8042prt.sys
+ i81x Miniport Driver for Intel Graphics Driver (Not verified) Intel® Corporation c:\windows\system32\drivers\i81xnt5.sys
+ iAimFP0 Digital Display Minidriver for Intel® Graphics Driver (Not verified) Intel® Corporation c:\windows\system32\drivers\wadv01nt.sys
+ iAimFP1 Digital Display Minidriver for Intel® Graphics Driver (Not verified) Intel® Corporation c:\windows\system32\drivers\wadv02nt.sys
+ iAimFP2 Digital Display Minidriver for Intel® Graphics Driver (Not verified) Intel® Corporation c:\windows\system32\drivers\wadv05nt.sys
+ iAimFP3 Digital Display Minidriver for Intel® Graphics Driver (Not verified) Intel® Corporation c:\windows\system32\drivers\wsiintxx.sys
+ iAimFP4 Local Flat Panel Display Minidriver for Intel® Graphics Driver (Not verified) Intel® Corporation c:\windows\system32\drivers\wvchntxx.sys
+ iAimTV0 Digital Display Minidriver for Intel® Graphics Driver (Not verified) Intel® Corporation c:\windows\system32\drivers\watv01nt.sys
+ iAimTV1 Digital Display Minidriver for Intel® Graphics Driver (Not verified) Intel® Corporation c:\windows\system32\drivers\watv02nt.sys
+ iAimTV2 File not found: System32\DRIVERS\wATV03nt.sys
+ iAimTV3 Digital Display Minidriver for Intel® Graphics Driver (Not verified) Intel® Corporation c:\windows\system32\drivers\watv04nt.sys
+ iAimTV4 Digital Display Minidriver for Intel® Graphics Driver (Not verified) Intel® Corporation c:\windows\system32\drivers\wch7xxnt.sys
+ Imapi IMAPI Kernel Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\imapi.sys
+ intelppm Processor Device Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\intelppm.sys
+ ip6fw Provides intrusion prevention service for a home or small office network. (Not verified) Microsoft Corporation c:\windows\system32\drivers\ip6fw.sys
+ IpFilterDriver IP Traffic Filter Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ipfltdrv.sys
+ IpInIp IP in IP Tunnel Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ipinip.sys
+ IpNat IP Network Address Translator (Not verified) Microsoft Corporation c:\windows\system32\drivers\ipnat.sys
+ IPSec IPSEC driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ipsec.sys
+ IRENUM Infra-Red Bus Enumerator (Not verified) Microsoft Corporation c:\windows\system32\drivers\irenum.sys
+ isapnp PNP ISA Bus Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\isapnp.sys
+ Kbdclass Keyboard Class Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\kbdclass.sys
+ kbdhid HID Mouse Filter Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\kbdhid.sys
+ kl1 Kl1 (Verified) Kaspersky Lab c:\windows\system32\drivers\kl1.sys
+ klif Klif (Not verified) Kaspersky Lab c:\windows\system32\drivers\klif.sys
+ KSecDD Kernel Security Support Provider Interface (Not verified) Microsoft Corporation c:\windows\system32\drivers\ksecdd.sys
+ lbrtfdc File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys
+ MASPINT Aspi32 Driver (Not verified) MicroStaff Co.,Ltd. c:\windows\system32\drivers\maspint.sys
+ mdmxsdk Diagnostic Interface DRIVER (Not verified) Conexant c:\windows\system32\drivers\mdmxsdk.sys
+ mfeavfk File not found: system32\drivers\mfeavfk.sys
+ mfebopk File not found: system32\drivers\mfebopk.sys
+ mfehidk File not found: system32\drivers\mfehidk.sys
+ mferkdk File not found: system32\drivers\mferkdk.sys
+ mfesmfk File not found: system32\drivers\mfesmfk.sys
+ mmc_2K CD-R/RW AddOn MMC Driver (W2K) (Not verified) Roxio c:\windows\system32\drivers\mmc_2k.sys
+ mnmdd Frame buffer simulator (Not verified) Microsoft Corporation c:\windows\system32\drivers\mnmdd.sys
+ Modem Modem Device Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\modem.sys
+ motmodem File not found: System32\DRIVERS\motmodem.sys
+ Mouclass Mouse Class Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\mouclass.sys
+ MountMgr Mount Manager (Not verified) Microsoft Corporation c:\windows\system32\drivers\mountmgr.sys
+ MPFP McAfee Personal Firewall Plus Driver (Verified) McAfee, Inc. c:\windows\system32\drivers\mpfp.sys
+ MRxDAV WebDav Client Redirector (Not verified) Microsoft Corporation c:\windows\system32\drivers\mrxdav.sys
+ Msfs Mailslot driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\msfs.sys
+ MSKSSRV MS KS Server (Not verified) Microsoft Corporation c:\windows\system32\drivers\mskssrv.sys
+ MSPCLOCK MS Proxy Clock (Not verified) Microsoft Corporation c:\windows\system32\drivers\mspclock.sys
+ MSPQM MS Proxy Quality Manager (Not verified) Microsoft Corporation c:\windows\system32\drivers\mspqm.sys
+ mssmbios System Management BIOS Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\mssmbios.sys
+ Mup Multiple UNC Provider driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\mup.sys
+ NDIS NDIS 5.1 wrapper driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ndis.sys
+ NdisTapi Remote Access NDIS TAPI Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ndistapi.sys
+ Ndisuio NDIS Usermode I/O Protocol (Not verified) Microsoft Corporation c:\windows\system32\drivers\ndisuio.sys
+ NdisWan Remote Access NDIS WAN Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\ndiswan.sys
+ NDProxy NDIS Proxy (Not verified) Microsoft Corporation c:\windows\system32\drivers\ndproxy.sys
+ NetBIOS NetBIOS Interface (Not verified) Microsoft Corporation c:\windows\system32\drivers\netbios.sys
+ NetBT NetBios over Tcpip (Not verified) Microsoft Corporation c:\windows\system32\drivers\netbt.sys
+ Npfs NPFS Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\npfs.sys
+ Null NULL Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\null.sys
+ nv NVIDIA Compatible Windows 2000 Miniport Driver, Version 42.37 (Not verified) NVIDIA Corporation c:\windows\system32\drivers\nv4_mini.sys
+ NwlnkFlt IPX Traffic Filter Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\nwlnkflt.sys
+ NwlnkFwd IPX Traffic Forwarder Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\nwlnkfwd.sys
+ OMCI OMCI Device Driver (Not verified) Dell Computer Corporation c:\windows\system32\drivers\omci.sys
+ P3 Processor Device Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\p3.sys
+ Parport Parallel Port Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\parport.sys
+ PartMgr Partition Manager (Not verified) Microsoft Corporation c:\windows\system32\drivers\partmgr.sys
+ ParVdm VDM Parallel Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\parvdm.sys
+ PCI NT Plug and Play PCI Enumerator (Not verified) Microsoft Corporation c:\windows\system32\drivers\pci.sys
+ PCIDump File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys
+ PCIIde Generic PCI IDE Bus Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\pciide.sys
+ PDCOMP File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys
+ PDFRAME File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys
+ PDRELI File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys
+ PDRFRAME File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys
+ PptpMiniport WAN Miniport (PPTP) (Not verified) Microsoft Corporation c:\windows\system32\drivers\raspptp.sys
+ Processor Processor Device Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\processr.sys
+ PSched QoS Packet Scheduler (Not verified) Microsoft Corporation c:\windows\system32\drivers\psched.sys
+ Ptilink Direct Parallel Link Driver (Not verified) Parallel Technologies, Inc. c:\windows\system32\drivers\ptilink.sys
+ pwd_2k Win2000 Framework for Packet Write Driver (Not verified) Roxio c:\windows\system32\drivers\pwd_2k.sys
+ RasAcd Remote Access Auto Connection Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\rasacd.sys
+ Rasl2tp WAN Miniport (L2TP) (Not verified) Microsoft Corporation c:\windows\system32\drivers\rasl2tp.sys
+ RasPppoe Remote Access PPPOE Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\raspppoe.sys
+ Raspti Direct Parallel (Not verified) Microsoft Corporation c:\windows\system32\drivers\raspti.sys
+ RDPCDD RDP Miniport (Not verified) Microsoft Corporation c:\windows\system32\drivers\rdpcdd.sys
+ rdpdr Microsoft RDP Device redirector (Not verified) Microsoft Corporation c:\windows\system32\drivers\rdpdr.sys
+ RDPWD RDP Terminal Stack Driver (US/Canada Only, Not for Export) (Not verified) Microsoft Corporation c:\windows\system32\drivers\rdpwd.sys
+ redbook Redbook Audio Filter Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\redbook.sys
+ ROOTMODEM Legacy Non-Pnp Modem Device Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\rootmdm.sys
+ SCDEmu PowerISO Virtual Drive (Not verified) PowerISO Computing, Inc. c:\windows\system32\drivers\scdemu.sys
+ Secdrv SafeDisc driver c:\windows\system32\drivers\secdrv.sys
+ serenum Serial Port Enumerator (Not verified) Microsoft Corporation c:\windows\system32\drivers\serenum.sys
+ Serial Serial Device Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\serial.sys
+ Sfloppy SCSI Floppy Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\sfloppy.sys
+ smwdm SoundMAX Integrated Digital Audio (Not verified) Analog Devices, Inc. c:\windows\system32\drivers\smwdm.sys
+ SONYPVU1 Sony USB Lower Filter driver (Not verified) Sony Corporation c:\windows\system32\drivers\sonypvu1.sys
+ sr System Restore Filesystem Filter Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\sr.sys
+ swenum Plug and Play Software Device Enumerator (Not verified) Microsoft Corporation c:\windows\system32\drivers\swenum.sys
+ swmidi Microsoft GS Wavetable Synthesizer (Not verified) Microsoft Corporation c:\windows\system32\drivers\swmidi.sys
+ SymIM File not found: system32\DRIVERS\SymIM.sys
+ SymIMMP File not found: system32\DRIVERS\SymIM.sys
+ sysaudio System Audio WDM Filter (Not verified) Microsoft Corporation c:\windows\system32\drivers\sysaudio.sys
+ TDPIPE Named Pipe Transport Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\tdpipe.sys
+ TDTCP TCP Transport Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\tdtcp.sys
+ TermDD Terminal Server Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\termdd.sys
+ UdfReadr_xp CD-UDF NT Filesystem Reader Driver (Not verified) Roxio c:\windows\system32\drivers\udfreadr_xp.sys
+ usbccgp USB Common Class Generic Parent Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\usbccgp.sys
+ usbehci EHCI eUSB Miniport Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\usbehci.sys
+ usbhub Default Hub Driver for USB (Not verified) Microsoft Corporation c:\windows\system32\drivers\usbhub.sys
+ usbprint USB Printer driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\usbprint.sys
+ usbscan USB Scanner Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\usbscan.sys
+ USBSTOR USB Mass Storage Class Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\usbstor.sys
+ usbuhci UHCI USB Miniport Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\usbuhci.sys
+ VgaSave Controls the VGA display adapter to provide basic display capabilities. (Not verified) Microsoft Corporation c:\windows\system32\drivers\vga.sys
+ VolSnap Volume Shadow Copy Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\volsnap.sys
+ Wanarp Remote Access IP ARP Driver (Not verified) Microsoft Corporation c:\windows\system32\drivers\wanarp.sys
+ WDICA File not found: C:\WINDOWS\System32\Drivers\WDICA.sys
+ winachsf HSF_CNXT driver (Not verified) Conexant Systems, Inc. c:\windows\system32\drivers\hsf_cnxt.sys
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
+ autocheck autochk * Auto Check Utility (Not verified) Microsoft Corporation c:\windows\system32\autochk.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
+ Your Image File Name Here without a path Symbolic Debugger for Windows 2000 (Not verified) Microsoft Corporation c:\windows\system32\ntsd.exe
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
+ advapi32 Advanced Windows 32 Base API (Not verified) Microsoft Corporation c:\windows\system32\advapi32.dll
+ comdlg32 Common Dialogs DLL (Not verified) Microsoft Corporation c:\windows\system32\comdlg32.dll
+ imagehlp Windows NT Image Helper (Not verified) Microsoft Corporation c:\windows\system32\imagehlp.dll
+ lz32 LZ Expand/Compress API DLL (Not verified) Microsoft Corporation c:\windows\system32\lz32.dll
+ ole32 Microsoft OLE for Windows (Not verified) Microsoft Corporation c:\windows\system32\ole32.dll
+ olecli32 Object Linking and Embedding Client Library (Not verified) Microsoft Corporation c:\windows\system32\olecli32.dll
+ olecnv32 Microsoft OLE for Windows (Not verified) Microsoft Corporation c:\windows\system32\olecnv32.dll
+ olesvr32 Object Linking and Embedding Server Library (Not verified) Microsoft Corporation c:\windows\system32\olesvr32.dll
+ olethk32 Microsoft OLE for Windows (Not verified) Microsoft Corporation c:\windows\system32\olethk32.dll
+ version Version Checking and File Installation Libraries (Not verified) Microsoft Corporation c:\windows\system32\version.dll
+ wldap32 Win32 LDAP API DLL (Not verified) Microsoft Corporation c:\windows\system32\wldap32.dll
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
+ logonui.exe Windows Logon UI (Not verified) Microsoft Corporation c:\windows\system32\logonui.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
+ crypt32chain Crypto API32 (Not verified) Microsoft Corporation c:\windows\system32\crypt32.dll
+ cryptnet Crypto Network Related API (Not verified) Microsoft Corporation c:\windows\system32\cryptnet.dll
+ cscdll Offline Network Agent (Not verified) Microsoft Corporation c:\windows\system32\cscdll.dll
+ klogon Logon Visualizer (Verified) Kaspersky Lab c:\windows\system32\klogon.dll
+ ScCertProp Common DLL to receive Winlogon notifications (Not verified) Microsoft Corporation c:\windows\system32\wlnotify.dll
+ Schedule Common DLL to receive Winlogon notifications (Not verified) Microsoft Corporation c:\windows\system32\wlnotify.dll
+ sclgntfy Secondary Logon Service Notification DLL (Not verified) Microsoft Corporation c:\windows\system32\sclgntfy.dll
+ SensLogn Common DLL to receive Winlogon notifications (Not verified) Microsoft Corporation c:\windows\system32\wlnotify.dll
+ termsrv Common DLL to receive Winlogon notifications (Not verified) Microsoft Corporation c:\windows\system32\wlnotify.dll
+ wlballoon Common DLL to receive Winlogon notifications (Not verified) Microsoft Corporation c:\windows\system32\wlnotify.dll
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{7CE79CE8-F2DB-4363-AF94-B22BED30A0C0}] DATAGRAM 3 Microsoft Windows Sockets 2.0 Service Provider (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{7CE79CE8-F2DB-4363-AF94-B22BED30A0C0}] SEQPACKET 3 Microsoft Windows Sockets 2.0 Service Provider (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{CCB14A84-8711-4A2E-8069-1A948B405FAF}] DATAGRAM 0 Microsoft Windows Sockets 2.0 Service Provider (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{CCB14A84-8711-4A2E-8069-1A948B405FAF}] SEQPACKET 0 Microsoft Windows Sockets 2.0 Service Provider (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{DB2E44C6-7F87-40CA-A5B9-991457698368}] DATAGRAM 2 Microsoft Windows Sockets 2.0 Service Provider (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{DB2E44C6-7F87-40CA-A5B9-991457698368}] SEQPACKET 2 Microsoft Windows Sockets 2.0 Service Provider (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD Tcpip [RAW/IP] Microsoft Windows Sockets 2.0 Service Provider (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD Tcpip [TCP/IP] Microsoft Windows Sockets 2.0 Service Provider (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ MSAFD Tcpip [UDP/IP] Microsoft Windows Sockets 2.0 Service Provider (Not verified) Microsoft Corporation c:\windows\system32\mswsock.dll
+ RSVP TCP Service Provider Microsoft Windows Rsvp 1.0 Service Provider (Not verified) Microsoft Corporation c:\windows\system32\rsvpsp.dll
+ RSVP UDP Service Provider Microsoft Windows Rsvp 1.0 Service Provider (Not verified) Microsoft Corporation c:\windows\system32\rsvpsp.dll
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
+ Adobe PDF Port Acrobat ® PDF Port (Not verified) Adobe Systems Incorporated. c:\windows\system32\adobepdf.dll
+ BJ Language Monitor Langage Monitor for Canon Bubble-Jet Printer (Not verified) Microsoft Corporation c:\windows\system32\cnbjmon.dll
+ Local Port Local Spooler DLL (Not verified) Microsoft Corporation c:\windows\system32\localspl.dll
+ Microsoft Document Imaging Writer Monitor Microsoft® Document Imaging (Not verified) Microsoft Corporation c:\windows\system32\mdimon.dll
+ PJL Language Monitor PJL Language monitor (Not verified) Microsoft Corporation c:\windows\system32\pjlmon.dll
+ Standard TCP/IP Port Standard TCP/IP Port Monitor DLL (Not verified) Microsoft Corporation c:\windows\system32\tcpmon.dll
+ USB Monitor Standard Dynamic Printing Port Monitor DLL (Not verified) Microsoft Corporation c:\windows\system32\usbmon.dll
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders
+ digest.dll Digest SSPI Authentication Package (Not verified) Microsoft Corporation c:\windows\system32\digest.dll
+ msapsspc.dll DPA Client for 32 bit platforms (Not verified) Microsoft Corporation c:\windows\system32\msapsspc.dll
+ msnsspc.dll MSN Internet Access (Not verified) Microsoft Corporation c:\windows\system32\msnsspc.dll
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
+ msv1_0 Microsoft Authentication Package v1.0 (Not verified) Microsoft Corporation c:\windows\system32\msv1_0.dll
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
+ scecli Windows Security Configuration Editor Client Engine (Not verified) Microsoft Corporation c:\windows\system32\scecli.dll
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
+ kerberos Kerberos Security Package (Not verified) Microsoft Corporation c:\windows\system32\kerberos.dll
+ msv1_0 Microsoft Authentication Package v1.0 (Not verified) Microsoft Corporation c:\windows\system32\msv1_0.dll
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
+ LanmanWorkstation Microsoft Windows Network (Not verified) Microsoft Corporation c:\windows\system32\ntlanman.dll
+ RDPNP Microsoft Terminal Services (Not verified) Microsoft Corporation c:\windows\system32\drprov.dll
+ WebClient Web Client Network (Not verified) Microsoft Corporation c:\windows\system32\davclnt.dll




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users