Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SMSS


  • Please log in to reply
13 replies to this topic

#1 Ndrameda81

Ndrameda81

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Albuquerque, NM
  • Local time:04:50 AM

Posted 12 August 2011 - 10:33 AM

I keep getting a Kaspersky pop up that says an generic host application is tring to use a "trusted" app to gain access to passwords. I can't delete that .exe because Windows XP says I need it. It just started 2 days ago. Help please. Thanks

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:03:50 AM

Posted 12 August 2011 - 11:16 AM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Ndrameda81

Ndrameda81
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Albuquerque, NM
  • Local time:04:50 AM

Posted 12 August 2011 - 11:34 AM

Notepad document from Security check


Results of screen317's Security Check version 0.99.7
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
Kaspersky Internet Security 2011
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Adobe Flash Player
Adobe Reader 9.1
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Kaspersky Lab Kaspersky Internet Security 2011 avp.exe
Kaspersky Lab Kaspersky Internet Security 2011 klwtblfs.exe
``````````End of Log````````````

#4 Ndrameda81

Ndrameda81
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Albuquerque, NM
  • Local time:04:50 AM

Posted 12 August 2011 - 11:37 AM

Mini tool box report



MiniToolBox by Farbar
Ran by HP_Administrator (administrator) on 12-08-2011 at 10:36:10
Microsoft Windows XP Service Pack 3 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : HPMainDesktop

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : domain.actdsltmp



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : domain.actdsltmp

Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-15-F2-A6-7B-8E

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.4

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 192.168.0.1

205.171.3.25

Lease Obtained. . . . . . . . . . : Friday, August 12, 2011 10:19:33 AM

Lease Expires . . . . . . . . . . : Saturday, August 13, 2011 10:19:33 AM

Server: qwestmodem.domain
Address: 192.168.0.1

Name: google.com
Addresses: 74.125.224.82, 74.125.224.83, 74.125.224.84, 74.125.224.80
74.125.224.81



Pinging google.com [74.125.224.82] with 32 bytes of data:



Reply from 74.125.224.82: bytes=32 time=52ms TTL=56

Reply from 74.125.224.82: bytes=32 time=52ms TTL=56



Ping statistics for 74.125.224.82:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 52ms, Maximum = 52ms, Average = 52ms

Server: qwestmodem.domain
Address: 192.168.0.1

Name: yahoo.com
Addresses: 69.147.125.65, 72.30.2.43, 98.137.149.56, 209.191.122.70
67.195.160.76



Pinging yahoo.com [72.30.2.43] with 32 bytes of data:



Reply from 72.30.2.43: bytes=32 time=55ms TTL=55

Reply from 72.30.2.43: bytes=32 time=54ms TTL=55



Ping statistics for 72.30.2.43:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 54ms, Maximum = 55ms, Average = 54ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 15 f2 a6 7b 8e ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.4 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.0.4 192.168.0.4 20
192.168.0.0 255.255.255.0 192.168.0.4 192.168.0.4 20
192.168.0.4 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.4 192.168.0.4 20
224.0.0.0 240.0.0.0 192.168.0.4 192.168.0.4 20
255.255.255.255 255.255.255.255 192.168.0.4 192.168.0.4 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/10/2011 01:10:27 PM) (Source: Application Hang) (User: )
Description: Hanging application Itibiti.exe, version 1.2.1423.349, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/08/2011 09:25:51 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2011/08/08 09:25:51.312]: [00000292]: GetDeviceIpAddress: GetAddressByName [BRW0022581E2C74] Error

Error: (08/06/2011 11:18:11 AM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2011/08/06 11:18:11.968]: [00002252]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.0.2]

Error: (08/03/2011 02:48:03 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2011/08/03 14:48:03.031]: [00000372]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.0.3]

Error: (08/02/2011 10:48:04 AM) (Source: SonicMCEBurnEngine) (User: )
Description: Exception occurred:
excp'n type: Microsoft.MediaCenter.AddIn.DiscWriter.NoMediaListMakerException
excp'n msg: CanProceed found no media
No stack trace available.

Error: (08/02/2011 10:47:57 AM) (Source: SonicMCEBurnEngine) (User: )
Description: Exception occurred:
excp'n type: Microsoft.MediaCenter.AddIn.DiscWriter.NoMediaListMakerException
excp'n msg: CanProceed found no media
No stack trace available.

Error: (08/02/2011 10:47:05 AM) (Source: SonicMCEBurnEngine) (User: )
Description: Exception occurred:
excp'n type: Microsoft.MediaCenter.AddIn.DiscWriter.NoMediaListMakerException
excp'n msg: CanProceed found no media
No stack trace available.

Error: (08/01/2011 10:38:47 AM) (Source: Application Error) (User: )
Description: Fault bucket -2101230888.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (08/01/2011 10:38:39 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x01775c10.
Processing media-specific event for [iexplore.exe!ws!]

Error: (07/27/2011 07:26:47 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2011/07/27 19:26:47.812]: [00001820]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.0.3]


System errors:
=============
Error: (08/12/2011 10:29:00 AM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverMARIAS-LAPNetBT_Tcpip_{60F349FA-4F52-4B9

Error: (08/12/2011 10:20:09 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ftsata2

Error: (08/12/2011 09:28:35 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 15 minutes.
NtpClient has no source of accurate time.

Error: (08/12/2011 09:28:35 AM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (08/12/2011 09:28:35 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (08/12/2011 09:28:35 AM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (08/11/2011 10:01:38 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverMARIAS-LAPNetBT_Tcpip_{60F349FA-4F52-4B9

Error: (08/11/2011 08:49:37 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverMARIAS-LAPNetBT_Tcpip_{60F349FA-4F52-4B9

Error: (08/11/2011 08:46:54 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ftsata2

Error: (08/11/2011 08:25:40 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverMARIAS-LAPNetBT_Tcpip_{60F349FA-4F52-4B9


Microsoft Office Sessions:
=========================
Error: (08/10/2011 01:10:27 PM) (Source: Application Hang)(User: )
Description: Itibiti.exe1.2.1423.349hungapp0.0.0.000000000

Error: (08/08/2011 09:25:51 AM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2011/08/08 09:25:51.312]: [00000292]: GetDeviceIpAddress: GetAddressByName [BRW0022581E2C74] Error

Error: (08/06/2011 11:18:11 AM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2011/08/06 11:18:11.968]: [00002252]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.0.2]

Error: (08/03/2011 02:48:03 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2011/08/03 14:48:03.031]: [00000372]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.0.3]

Error: (08/02/2011 10:48:04 AM) (Source: SonicMCEBurnEngine)(User: )
Description: Exception occurred:
excp'n type: Microsoft.MediaCenter.AddIn.DiscWriter.NoMediaListMakerException
excp'n msg: CanProceed found no media
No stack trace available.

Error: (08/02/2011 10:47:57 AM) (Source: SonicMCEBurnEngine)(User: )
Description: Exception occurred:
excp'n type: Microsoft.MediaCenter.AddIn.DiscWriter.NoMediaListMakerException
excp'n msg: CanProceed found no media
No stack trace available.

Error: (08/02/2011 10:47:05 AM) (Source: SonicMCEBurnEngine)(User: )
Description: Exception occurred:
excp'n type: Microsoft.MediaCenter.AddIn.DiscWriter.NoMediaListMakerException
excp'n msg: CanProceed found no media
No stack trace available.

Error: (08/01/2011 10:38:47 AM) (Source: Application Error)(User: )
Description: -2101230888

Error: (08/01/2011 10:38:39 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.001775c10

Error: (07/27/2011 07:26:47 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2011/07/27 19:26:47.812]: [00001820]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.0.3]


=========================== Installed Programs ============================

1Click DVD Copy 4.2.9.8
5 Card Slingo from HP Media Center (remove only)
Acrobat.com (Version: 1.7.186)
Adobe AIR (Version: 1.5.2.8870)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.5)
Adobe Reader 9.1 (Version: 9.1.0)
AiO_Scan_CDA (Version: 70.0.231.000)
AiOSoftwareNPI (Version: 70.0.231.000)
Amazon MP3 Downloader 1.0.5
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
AstroPop Deluxe from HP Media Center (remove only)
ATI Control Panel (Version: 6.14.10.5166)
ATI Display Driver (Version: 8.17-050813a1-025991C-HP)
Barnyard Invasion from HP Media Center (remove only)
Bejeweled 2 Deluxe from HP Media Center (remove only)
Blackhawk Striker 2 from HP Media Center (remove only)
Blasterball 2 from HP Media Center (remove only)
Blasterball 2 Remix from HP Media Center (remove only)
Boggle Supreme from HP Media Center (remove only)
Bonjour (Version: 3.0.0.2)
Bookworm Deluxe from HP Media Center (remove only)
Bounce Symphony from HP Media Center (remove only)
Brother MFL-Pro Suite MFC-J615W (Version: 1.0.4.0)
BufferChm (Version: 70.0.170.000)
C5100 (Version: 70.0.231.000)
c5100_Help (Version: 70.0.231.000)
CameraDrivers (Version: 5.0.0.290)
Chuzzle Deluxe from HP Media Center (remove only)
CopyToDVD (Version: 3.1.1)
CP_CalendarTemplates1 (Version: 70.0.170.000)
cp_OnlineProjectsConfig (Version: 70.0.170.000)
CP_Package_Basic1 (Version: 70.0.170.000)
CP_Panorama1Config (Version: 70.0.170.000)
cp_PosterPrintConfig (Version: 70.0.170.000)
Creative Vado AAC Codec
Creative Vado AAC Codec (Version: 1.0.0.1)
Creative Vado Effects Plugin
Creative Vado Effects Plugin (Version: 1.0.0.2)
Creative Vado HD Codec
Creative Vado HD Codec (Version: 1.0.0.4)
Creative Vado MP4 Reader
Creative Vado MP4 Reader (Version: 1.0.0.1)
Cricket Broadband (Version: 1.0.997)
Cricket EVDO Modem (Version: 1.0.902.4263)
Crystal Maze from HP Media Center (remove only)
CueTour (Version: 70.0.170.000)
Customer Experience Enhancement (Version: Customer Experience Enhancement -1.0.0.1680)
CustomerResearchQFolder (Version: 1.00.0000)
Data Fax SoftModem with SmartCP
Destinations (Version: 70.0.170.000)
DocProc (Version: 7.0.0.0)
DocProcQFolder (Version: 1.00.0000)
DocumentViewer (Version: 70.0.170.000)
DVD43 v4.6.0
Easy Internet Sign-up (Version: FE UI-4.1.0.1680)
Enhanced Multimedia Keyboard Solution
eSupportQFolder (Version: 1.00.0000)
Family Feud (Version: 10/24/2005 10:21 AM)
Fax_CDA (Version: 70.0.231.000)
FullDPAppQFolder (Version: 1.00.0000)
GemMaster Mystic
Google Earth Plug-in (Version: 6.0.3.2197)
Google Update Helper (Version: 1.3.21.65)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HP Boot Optimizer (Version: 2.0.5.1)
HP Customer Participation Program 7.0 (Version: 7.0)
HP DigitalMedia Archive (Version: 1.2)
HP Document Viewer 7.0 (Version: 7.0)
HP Game Console and games
HP Image Zone for Media Center PC
HP Imaging Device Functions 7.0 (Version: 7.0)
HP Photosmart Cameras 5.0 (Version: 5.0)
HP Photosmart Premier Software 6.5 (Version: 6.5)
HP Photosmart, Officejet and Deskjet 7.0.A
HP Product Assistant (Version: 100.000.001.000)
HP Software Update (Version: 3.0.7.014)
HP Solution Center 7.0 (Version: 7.0)
HPPhotoSmartExpress (Version: 70.0.170.000)
HPProductAssistant (Version: 53.0.13.000)
HpSdpAppCoreApp (Version: 3.00.0000)
Insaniquarium Deluxe from HP Media Center (remove only)
InstantShareAlert (Version: 1.00.0000)
InstantShareDevices (Version: 70.0.170.000)
InstantShareDevicesMFC (Version: 70.0.170.000)
InterVideo WinDVD Player
InterVideo WinDVD Player (Version: 5.0-B11.896)
Itibiti RTC (Version: 0.0.1)
iTunes (Version: 10.4.0.80)
J2SE Runtime Environment 5.0 Update 5 (Version: 1.5.0.50)
Kaspersky Internet Security 2011 (Version: 11.0.1.400)
Lemonade Tycoon 2 from HP Media Center (remove only)
Lexibox Deluxe from HP Media Center (remove only)
LightScribe 1.4.52.1 (Version: 1.4.52.1)
LiveUpdate 3.1 (Symantec Corporation) (Version: 3.1.0.99)
Mah Jong Quest from HP Media Center (remove only)
MarketResearch (Version: 70.0.170.000)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Away Mode (Version: 6.0.0160.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Money 2005 (Version: 14)
Microsoft Office Professional Edition 2003 - v 04.03.09 (Version: 11.0.5614.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (NR2007) (Version: 9.2.3042.00)
Microsoft SQL Server Native Client (Version: 9.00.3042.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.3042.00)
Microsoft SQL Server VSS Writer (Version: 9.00.3042.00)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Works (Version: 08.04.0623)
MSN
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB954459) (Version: 6.20.1099.0)
muvee autoProducer 4.5 (Version: 4.50.050)
muvee autoProducer unPlugged 1.2 (Version: 1.20.100)
NeatReceipts Database Controller (Version: 3.1.3.183)
NeatReceipts Professional (Version: 3.1.3.183)
NeatReceipts Professional 3.0 Core Files (Version: 3.1.3.183)
NetAssistant (Version: 3.8.3)
Netscape Browser (remove only)
NewCopy_CDA (Version: 70.0.231.000)
OCR Software by I.R.I.S 7.0 (Version: 7.0)
Otto
PanoStandAlone (Version: 70.0.170.000)
PaperPort Image Printer (Version: 1.00.0000)
PC-Doctor 5 for Windows (Version: 5.00.3187.03)
PhotoGallery (Version: 70.0.170.000)
Polar Bowler from HP Media Center (remove only)
Polar Golfer from HP Media Center (remove only)
ProductContextNPI (Version: 70.0.231.000)
PS2
Puzzle Express from HP Media Center (remove only)
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3 (Version: 2.2.3)
Quicken 2006 (Version: 15.1.1.29)
QuickTime (Version: 7.69.80.9)
RandMap (Version: 70.0.170.000)
Readme (Version: 70.0.231.000)
RealPlayer
Ricochet Lost Worlds from HP Media Center (remove only)
Scan (Version: 7.0.0.0)
ScannerCopy (Version: 7.0.0.0)
ScanSoft PaperPort 11 (Version: 11.2.0000)
SCRABBLE from HP Media Center (remove only)
Shooting Stars Pool from HP Media Center (remove only)
Shrek 2 Ogre Bowler from HP Media Center (remove only)
SkinsHP1 (Version: 70.0.170.000)
SlideShow (Version: 70.0.170.000)
Slingo Deluxe from HP Media Center (remove only)
Snowboard SuperJam from HP Media Center (remove only)
SolutionCenter (Version: 70.0.170.000)
Sonic Express Labeler (Version: 2.1.0)
Sonic MyDVD Plus (Version: 6.2.0)
Sonic RecordNow Audio (Version: 2.0.4)
Sonic RecordNow Copy (Version: 2.0.4)
Sonic RecordNow Data (Version: 2.0.4)
Sonic Update Manager (Version: 3.0.0)
Sonic_PrimoSDK (Version: 70.0.170.000)
Status (Version: 70.0.170.000)
Super Granny from HP Media Center (remove only)
Toolbox (Version: 70.0.170.000)
Tradewinds from HP Media Center (remove only)
TrayApp (Version: 70.0.170.000)
Unload (Version: 7.0.0)
Update Rollup 2 for Windows XP Media Center Edition 2005
Updates from HP (remove only)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 70.0.170.000)
WildTangent Web Driver
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)
Yahoo! Software Update
Yahoo! Toolbar
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)

========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 3006.48 MB
Available physical RAM: 2356.12 MB
Total Pagefile: 4886.8 MB
Available Pagefile: 4358.17 MB
Total Virtual: 2047.88 MB
Available Virtual: 1997.79 MB

========================= Partitions: =====================================

1 Drive c: (HP_PAVILION) (Fixed) (Total:453.99 GB) (Free:386.72 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.74 GB) (Free:4.78 GB) FAT32

========================= Users: ========================================

User accounts for \\HPMAINDESKTOP

Administrator Guest HelpAssistant
HP_Administrator SUPPORT_388945a0 SUPPORT_fddfa904


== End of log ==

#5 Ndrameda81

Ndrameda81
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Albuquerque, NM
  • Local time:04:50 AM

Posted 12 August 2011 - 12:21 PM

Malwarebytes log


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7446

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

8/12/2011 11:17:34 AM
mbam-log-2011-08-12 (11-17-34).txt

Scan type: Quick scan
Objects scanned: 198353
Time elapsed: 36 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#6 Ndrameda81

Ndrameda81
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Albuquerque, NM
  • Local time:04:50 AM

Posted 12 August 2011 - 03:12 PM

GMER.log


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-08-12 14:11:06
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD5000AACS-00G8B1 rev.05.04C05
Running: GMER.exe; Driver: C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\axlcaaog.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0xB3B0A558]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwClose [0xB3B0AE5C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwConnectPort [0xB3B0BC90]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateEvent [0xB3B0C1DA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateFile [0xB3B0B138]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateKey [0xB3B093C8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateMutant [0xB3B0C0C0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0xB3B0A146]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreatePort [0xB3B0BF94]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSection [0xB3B0A2EE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSemaphore [0xB3B0C2FA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateThread [0xB3B0AAE4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateWaitablePort [0xB3B0C02A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDebugActiveProcess [0xB3B0D9E2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteKey [0xB3B099D2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteValueKey [0xB3B09D86]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0xB3B0B5BA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDuplicateObject [0xB3B0EBEE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xB3B09ED2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xB3B09F6A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwFsControlFile [0xB3B0B3C8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadDriver [0xB3B0DAD4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey [0xB3B093A4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey2 [0xB3B093B6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwMapViewOfSection [0xB3B0E23C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwNotifyChangeKey [0xB3B0A096]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenEvent [0xB3B0C270]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenFile [0xB3B0AEDE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenKey [0xB3B09588]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenMutant [0xB3B0C150]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenProcess [0xB3B0A794]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSection [0xB3B0DFD6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSemaphore [0xB3B0C390]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenThread [0xB3B0A686]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryKey [0xB3B0A002]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryMultipleValueKey [0xB3B09C3A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQuerySection [0xB3B0E576]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryValueKey [0xB3B09864]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueueApcThread [0xB3B0DE68]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRenameKey [0xB3B09AF4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplaceKey [0xB3B08DDE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyPort [0xB3B0C6F4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0xB3B0C5BA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0xB3B0D77C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRestoreKey [0xB3B09156]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwResumeThread [0xB3B0EA90]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKey [0xB3B08D76]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSecureConnectPort [0xB3B0B9D6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetContextThread [0xB3B0AD00]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetInformationToken [0xB3B0D01C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSecurityObject [0xB3B0DC72]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSystemInformation [0xB3B0E6C6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetValueKey [0xB3B096DE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendProcess [0xB3B0E7B8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendThread [0xB3B0E8F2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSystemDebugControl [0xB3B0D906]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateProcess [0xB3B0A930]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateThread [0xB3B0A890]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0xB3B0E41A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0xB3B0AA1A]

Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 804EAF84 5 Bytes JMP B3AFCFE6 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)
.text ntkrnlpa.exe!IoIsOperationSynchronous 804EF912 5 Bytes JMP B3AFD3C2 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)
.text ntkrnlpa.exe!ZwCallbackReturn + 2D68 80504604 12 Bytes [D4, DA, B0, B3, A4, 93, B0, ...] {AAM 0xda; MOV AL, 0xb3; MOVSB ; XCHG EBX, EAX; MOV AL, 0xb3; MOV DH, 0x93; MOV AL, 0xb3}
.text ntkrnlpa.exe!ZwCallbackReturn + 2EE4 80504780 16 Bytes [F4, 9A, B0, B3, DE, 8D, B0, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 2F1C 805047B8 8 Bytes JMP 8D76B3B0
.text ntkrnlpa.exe!ZwCallbackReturn + 2FD8 80504874 12 Bytes [B8, E7, B0, B3, F2, E8, B0, ...] {MOV EAX, 0xf2b3b0e7; CALL 0xffffffffd906b3ba; MOV AL, 0xb3}

---- User code sections - GMER 1.0.15 ----

? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch;
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] USER32.dll!AlignRects 7E412A78 4 Bytes [E0, 13, 46, 6C] {LOOPNZ 0x15; INC ESI; INSB }
.text C:\Program Files\Internet Explorer\iexplore.exe[1776] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1776] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AC9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1776] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD12D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1776] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB3C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1776] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E2546A6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1776] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5337 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1776] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E5269 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1776] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E52D4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1776] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E513A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1776] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E519C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1776] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E539A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1776] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E51FE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1776] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDB98 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1776] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E569F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch;
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] USER32.dll!AlignRects 7E412A78 4 Bytes [E0, 13, 46, 6C] {LOOPNZ 0x15; INC ESI; INSB }
.text C:\Program Files\Internet Explorer\iexplore.exe[2260] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2260] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB3C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2260] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5337 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2260] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E5269 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2260] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E52D4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2260] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E513A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2260] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E519C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2260] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E539A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2260] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E51FE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [B9839DA0] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [B9839DA0] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 00BB0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 00BB02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 00BB0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00BB0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 00D909B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00D90A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 00D90A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] 00D90B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 00D90B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] 00D90BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] 00D90C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] 00D90CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA] 00D90D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 00BB0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapCreate] 00BB09B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 00BB0A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 00BB0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 00BB0B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW] 00D90DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 00D90EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 00D90F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 7D1F0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 00BB0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 7D1F06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F0710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 7D1F0780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 7D1F07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 7D1F0860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 7D1F08D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 7D1F0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualAlloc] 00BB0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 00BB0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 00BB0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 7D1E0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 7D1E0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F09B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 7D1F0A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 7D1F0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 7D1F0B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 7D1F0B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 7D1E05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] 7D1F0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 7D1E0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 7D1E06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 7D1E0710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 7D1E0780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F0CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 7D1F0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 7D1F0DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 7D1F0E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW] 7D1F0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 7D1F0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 7D1F0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 7D1E07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 7D1E0860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 7D1E08D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] 00DA0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapCreate] 7D1E0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualFree] 7D1E09B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 7D1E0B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00DA0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 00DA00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 00DA0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW] 00DA01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 00DA0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 00DA02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 00DA0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 00DA0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 7D1E0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00DA0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 00DA0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] 00DA04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 7D1E0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00DA0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 00DA05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 00DA0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 00DA06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 00DA0710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 00DA0780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 7D1E0CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 7D1E0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 00DA07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 00DA0860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread] 7D1E0DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 00DA08D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 00DA0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 00DA09B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 00DA0A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00DA0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 00DA0B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 00DA0B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 00DA0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 00DA0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 00BC0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 00BC0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00DA0CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 00DA0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 00DA0DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 00DA0E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 00DA0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] 00DA0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 00DA0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 00DB0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] 00DB0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] 00DB00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 00DB0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 00BC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy] 00BC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapCreate] 00BC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 00DB01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 00DB0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 00DB02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 00DB0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 00DB0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00DB0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 00DB0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00DB04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 00DB0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] 00BC0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00DB05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] 00DB0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 00DB06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 00BC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00DB0710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 00BC0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] 00DB0E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] 00DB0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] 00DB0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00DB0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 00DD0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00DD0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 00DD0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 00DD04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 00DD0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 00DD05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 7D1E01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 7D1E0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 7D1E0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 00DE04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW] 00DE0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA] 00DE05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] 7D1E01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateProcessW] 00DE0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 00DE06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 00DE0710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 00DE0780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 00DE07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00DE0860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 7D1E0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapCreate] 7D1E0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 7D1E02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 7D1E01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] 7D1F0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] 7D1E01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[716] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
IAT C:\Program Files\Internet Explorer\iexplore.exe[1776] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] C:\Program Files\Internet Explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 008E0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 008E02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 008E0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 008E0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 00BB09B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BB0A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 00BB0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] 00BB0B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 00BB0B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] 00BB0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] 00BB0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] 00BB0CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameA] 00BB0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 008E0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapCreate] 008E09B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 008E0A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 008E0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 008E0B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleFileNameW] 00BB0DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 00BB0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 00BB0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 7D1F0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 008E0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 7D1F06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F0710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 7D1F0780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 7D1F07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 7D1F0860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 7D1F08D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 7D1F0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualAlloc] 008E0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 008E0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 008E0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 7D1E0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 7D1E0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F09B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 7D1F0A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 7D1F0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 7D1F0B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 7D1F0B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 7D1E05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] 7D1F0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 7D1E0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 7D1E06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 7D1E0710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 7D1E0780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F0CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 7D1F0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 7D1F0DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 7D1F0E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleFileNameW] 7D1F0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 7D1F0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 7D1F0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 7D1E07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 7D1E0860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 7D1E08D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] 00BC0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapCreate] 7D1E0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualFree] 7D1E09B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 7D1E0B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BC0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 00BC00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 00BC0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW] 00BC01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 00BC0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 00BC02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 00BC0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 00BC0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 7D1E0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00BC0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 00BC0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] 00BC04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 7D1E0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BC0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 00BC05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 00BC0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 00BC06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 00BC0710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 00BC0780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 7D1E0CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 7D1E0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 00BC07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 00BC0860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread] 7D1E0DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 00BC08D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 00BC0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 00BC09B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 00BC0A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BC0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 00BC0B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 00BC0B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 00BC0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 00BC0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 008F0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 008F0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BC0CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 00BC0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 00BC0DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 00BC0E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 00BC0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] 00BC0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 00BC0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 00BD0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] 00BD0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] 00BD00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 00BD0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 008F00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy] 008F0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapCreate] 008F0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 00BD01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 00BD0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 00BD02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 00BD0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 00BD0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00BD0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 00BD0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00BD04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 00BD0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] 008F0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00BD05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] 00BD0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 00BD06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 008F04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BD0710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 008F0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] 00BD0E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] 00BD0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] 00BD0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00BD0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 00BF0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW] 00BF0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA] 00BF0CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] 7D1E01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateProcessW] 00BF0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 00BF0DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 00BF0E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 00BF0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 00BF0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BF0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 7D1E0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 7D1F04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 7D1E01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 7D1E0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 7D1E0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapCreate] 7D1E0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 7D1E02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 7D1E01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] 7D1F0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] 7D1E01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!HeapCreate] 7D1E0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!HeapDestroy] 7D1E02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\iphlpapi.dll [ntdll.dll!RtlFreeHeap] 7D1E0080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\iphlpapi.dll [ntdll.dll!RtlAllocateHeap] 7D1E0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] 7D1F0400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 7D1F0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 7D1E01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] 7D1F0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 7D1F01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!VirtualFree] 7D1E0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!VirtualAlloc] 7D1E0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] 7D1F04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CreateThread] 7D1E01D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetErrorMode] 7D1F0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleA] 7D1F0240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleW] 7D1F02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameA] 7D1F0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D1F05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 7D1F0470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] 7D1F0320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] 7D1F0390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] 7D1F00F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1884] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameW] 7D1F01D0

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 arkbcfltr.sys (Microsoft AR PS/2 Keyboard Filter Driver (Beta 2 Release 2)/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 arkbcfltr.sys (Microsoft AR PS/2 Keyboard Filter Driver (Beta 2 Release 2)/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

Ok, here are the logs you asked for. Thanks for your help. :)

#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:03:50 AM

Posted 12 August 2011 - 03:15 PM

I keep getting a Kaspersky pop up that says an generic host application is tring to use a "trusted" app to gain access to passwords. I can't delete that .exe because Windows XP says I need it

What is the EXACT message and what .exe is mentioned there?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#8 Ndrameda81

Ndrameda81
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Albuquerque, NM
  • Local time:04:50 AM

Posted 12 August 2011 - 04:20 PM

Well, now it's not popping up anymore (imagine that) lol But, I think it was SMSS.exe in Windows32 or something like that.

#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:03:50 AM

Posted 12 August 2011 - 04:22 PM

Keep me posted about it.

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#10 Ndrameda81

Ndrameda81
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Albuquerque, NM
  • Local time:04:50 AM

Posted 16 August 2011 - 11:26 AM

C:\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll Win32/Adware.Yontoo.A application
Operating memory Win32/Adware.Yontoo.A application

Sorry about the delay. I was out of town. Thanks again for all your help. :)

#11 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:03:50 AM

Posted 16 August 2011 - 06:03 PM

Update Adobe Reader

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.

========================================================================

Your computer is clean Posted Image

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll remove all old restore points and create fresh, clean restore point.

Turn system restore off.
Restart computer.
Turn system restore back on.

If you don't know how to do it...
Windows XP: http://support.microsoft.com/kb/310405
Vista and Windows 7: http://www.howtogeek.com/howto/windows-vista/disable-system-restore-in-windows-vista/

2. Make sure, Windows Updates are current.

3. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

4. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

5. Run Temporary File Cleaner (TFC) weekly.

6. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

7. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

8. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

9. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#12 Ndrameda81

Ndrameda81
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Albuquerque, NM
  • Local time:04:50 AM

Posted 17 August 2011 - 11:53 AM

Is there a reason that my computer is running slower than usual?

#13 Ndrameda81

Ndrameda81
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Albuquerque, NM
  • Local time:04:50 AM

Posted 17 August 2011 - 03:32 PM

Posted ImageThe pop up is still popping up from Kaspersky. I'm going to try and attach an image so you can see exactly what it says.

Edited by Ndrameda81, 17 August 2011 - 04:14 PM.


#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:03:50 AM

Posted 17 August 2011 - 08:25 PM

It looks like something else may be hiding there.
Some more advanced tools will be needed.

With the information you have provided I believe you will need help from the malware removal team.
Please make sure that you read the information about getting started first.
Then start a new thread HERE and include or required logs.
Including a link to this thread will be helpful.

Good luck and be patient. Help is on the way!

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users