IE -> CPU 100%


  • Joined: 21 Dec 2007
  • Posts: 35

Logfile of HijackThis v1.99.1
Scan saved at 08:35:28, on 25.12.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\niSvcLoc.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\FSRremoS.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ThinkVantage\AMSG\Amsg.exe
C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
C:\WINDOWS\system32\Pelmiced.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\administrator-ivana\Desktop\ne diraj\iii.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = cg.rs/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = lenovo.com/welcome/thinkcentre
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe"
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program Files\Lenovo\System Update\sulauncher.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/thinkcentre
O17 - HKLM\System\CCS\Services\Tcpip\..\{F714A124-082A-4F99-8711-9C3C6A61D40B}: NameServer = 195.66.160.1,195.66.160.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: NILM License manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments - C:\WINDOWS\system32\niSvcLoc.exe
O23 - Service: OracleOraHome90ClientCache - Unknown owner - C:\oracle\ora90\BIN\ONRSD.EXE
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: ML-2010 Status Monitor Service (SM_ml1600_FUService) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: System Update (SUService) - - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

Starting IE slows the computer down considerably -> CPU 100%, 57 processes.
The computer was scanned with Dr.Web, Kaspersky, Ad-Aware SE and Spybot... and everything that was found was removed, but it seems to me that the situation is now even worse.
Help would be welcome.
Thanks!

Addendum: 25 Dec 2007 9:14

A little while ago Kaspersky reported that 2 processes are involved: (C:\Windows\sistem32\svchost.exe) and (\\?\C:\Windows\sistem32\winlogon.exe).

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

The log shows no signs of infection.

anaivana :: A little while ago Kaspersky reported that 2 processes are involved: (C:\Windows\sistem32\svchost.exe) and (\\?\C:\Windows\sistem32\winlogon.exe).
These are legitimate files/processes. What did KAV report about them?
How long does the 100 % CPU load last? Only when IE is started, or for as long as IE is running?


Do the following:
Download the file gmer.zip from this link and save it to the Desktop.
Unpack it into a folder.

Double-click gmer.exe to start: select the Rootkit tab at the top.
Click Scan.
When the scan is finished, click the Copy button below - this will save the result to the Clipboard.
Use the Paste option in Notepad to transfer it into text. Save that text from Notepad as file1.txt.
Repeat the same with the Autostart tab. Save that text from Notepad as file2.txt.


Copy the contents of the two files we just saved here.
If the files are too large to copy into one message, send them in several parts.

  • Joined: 21 Dec 2007
  • Posts: 35

Here it is - it reported something like ''Process is traging to inject into another proces..This benavior is tipical malicious progra..' I didn't quite remember it, but now it has detected them: 'detected:riskware Invader -> Running process:c\windows\sistem32\svchost.exe...
As long as IE is running the CPU is at 100%, and the problem started some time ago; a message 'buy viagra...' began to appear, which disappeared after scanning. Now the computer is so slow when IE is running that it is almost impossible to work on it...
Now I will follow your instructions

Addendum: 25 Dec 2007 13:06

Part one:

GMER 1.0.13.12551 - gmer.net
Rootkit scan 2007-12-25 12:23:43
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.13 ----

SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwClose
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwConnectPort
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateProcessEx
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSection
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateSymbolicLinkObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwCreateThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDeleteValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwDuplicateObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwEnumerateValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwFlushKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwInitializeRegistry
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadDriver
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwLoadKey2
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwNotifyChangeKey
SSDT kl1.sys ZwOpenFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwOpenSection
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryMultipleValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQuerySystemInformation
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwQueryValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwReplaceKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwRequestWaitReplyPort
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwRestoreKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwResumeThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSaveKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetContextThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationFile
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetInformationKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetSecurityObject
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetSystemInformation
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSetValueKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSuspendThread
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwSystemDebugControl
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwTerminateProcess
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwUnloadKey
SSDT \??\C:\WINDOWS\system32\drivers\klif.sys ZwWriteVirtualMemory

Code \??\C:\WINDOWS\system32\drivers\klif.sys FsRtlCheckLockForReadAccess
Code \??\C:\WINDOWS\system32\drivers\klif.sys IoIsOperationSynchronous

---- Kernel code sections - GMER 1.0.13 ----

.text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 804E9F60 5 Bytes JMP AA4AF2C0 \??\C:\WINDOWS\system32\drivers\klif.sys
.text ntkrnlpa.exe!IoIsOperationSynchronous 804EE844 5 Bytes JMP AA4AF7C0 \??\C:\WINDOWS\system32\drivers\klif.sys
.text ntkrnlpa.exe!ZwCallbackReturn + 24B8 805014D8 12 Bytes [ 10, AF, 4A, AA, E0, F5, 49, ... ]

---- User code sections - GMER 1.0.13 ----

.text C:\WINDOWS\Explorer.EXE[336] SHELL32.dll!StrStrW + FFE33495 7C9CFA48 4 Bytes [ 70, 0B, 4B, 7E ]
.text C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] USER32.dll!VRipOutput + FFFA4C6F 7E412A78 4 Bytes [ D0, 11, 92, 00 ]
.text C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[1932] USER32.dll!VRipOutput + FFFA4C6F 7E412A78 4 Bytes [ D0, 11, AB, 00 ]
.text C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE[3496] kernel32.dll!SetUnhandledExceptionFilter 7C84467D 5 Bytes JMP 32605629 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll

---- Kernel IAT/EAT - GMER 1.0.13 ----

IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] 81DA1C50
IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] 81DA1C50

---- User IAT/EAT - GMER 1.0.13 ----

IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\user32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\user32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\user32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\user32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\advapi32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\advapi32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\advapi32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\advapi32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll

  • Joined: 21 Dec 2007
  • Posts: 35

Part two:

C:\WINDOWS\system32\advapi32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\advapi32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\advapi32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[320] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\Explorer.EXE[336] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\Iphlpapi.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\spoolsv.exe[492] @ C:\WINDOWS\system32\Iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\IPSSVC.EXE[648] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleFileNameA] 00BB04A8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] 00BB04D2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] 00BB04FC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 00BB0526
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 00BB0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BB057A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 00BB05A4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 00BB05CE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 00BB05F8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BB0622
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 00BB064C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 00BB0676
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 00BB06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 00BB06CA
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 00BB06F4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 00BB071E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 00BB0748
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] 00BB0772
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BB079C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 00BB07C6
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 00BB07F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 00BB081A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 00BB0844
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BB086E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 00BB0898
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 00BB08C2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 00BB08EC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 00BB0916
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 00BB0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BB0D84
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 00BB0DAE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] 00BB0DD8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleFileNameW] 00BB0E02
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 00BB0E2C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 00BB0E56
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 00BB0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] 00BB0EAA
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 00BB0ED4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] 00BB0EFE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BB0F28
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 00BB0F52
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 00BB0F7C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] 00BB0FA6
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 00BB0FD0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 00BD0010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] 00BD003A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] 00BD0064
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 00BD008E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 00BD00B8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 00BD00E2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 00BD010C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 00BD0136
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 00BD0160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 00BD018A
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 00BD01B4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleFileNameW] 00BD01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] 00BD0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] 00BD0232
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] 00BD025C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BD0286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BD0454
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] 00BD047E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] 00BD04A8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 00BD04D2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 00BD04FC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] 00BD0844
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] 00BD086E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] 00BD0898
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 00BD08C2
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 00BD0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW] 00BD0ABA
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA] 00BD0AE4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateProcessW] 00BD0B0E
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetModuleFileNameW] 00BD0B38
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 00BD0B62
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 00BD0B8C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] 00BD0BB6
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BD0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] 00BB0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BB0358
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] 00BB0286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 00BB01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 00BB025C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetModuleFileNameA] 00BB0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 00BB01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 00BB025C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 00BB0286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BB0358
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] 00BB02B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 00BB02DA
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 00BB0232
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameA] 00BB0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 00BB025C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetModuleFileNameA] 00BB0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] 00BB0286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 00BB01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BB0358
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 00BB01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BB0358
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] 00BB0286
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleFileNameA] 00BB0208
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 00BB025C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 00BB0358
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] 00BB01DE
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] 00BB025C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe[664] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] 00BB0286

offline
  • Joined: 21 Dec 2007
  • Posts: 35

Third part of file1.txt

IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\igfxpers.exe[872] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\WINDOWS\system32\FSRremoS.EXE[880] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\ThinkVantage\AMSG\Amsg.exe[888] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe[896] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [7C883FC4] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [7C883FD8] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [7C883FEC] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [7C883F9C] C:\WINDOWS\system32\kernel32.dll
IAT C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe[908] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [7C883FB0] C:\WINDOWS\system32\ker

offline
  • Joined: 21 Dec 2007
  • Posts: 35

And finally, file2.txt

GMER 1.0.13.12551 - gmer.net
Autostart scan 2007-12-25 12:26:29
Windows 5.1.2600 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>>
AwayNotify@DLLName = C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
igfxcui@DLLName = igfxdev.dll
klogon@DLLName = C:\WINDOWS\system32\klogon.dll

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs = C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
AVP /*Kaspersky Anti-Virus 7.0*/@ = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r
Bonjour Service /*##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##*/@ = "C:\Program Files\Bonjour\mDNSResponder.exe"
Diskeeper /*Diskeeper*/@ = "C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe"
IPSSVC /*IPS Core Service*/@ = %SystemRoot%\system32\IPSSVC.EXE
niSvcLoc /*NI Service Locator*/@ = C:\WINDOWS\system32\niSvcLoc.exe -s
Spooler /*Print Spooler*/@ = %SystemRoot%\system32\spoolsv.exe
SUService /*System Update*/@ = c:\program files\lenovo\system update\suservice.exe
ThinkVantage Registry Monitor Service /*ThinkVantage Registry Monitor Service*/@ = "C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe"
TVT Backup Service /*TVT Backup Service*/@ = "C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe"
TVT Scheduler /*TVT Scheduler*/@ = "C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe"
tvtnetwk /*tvtnetwk*/@ = C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
UMWdf /*Windows User Mode Driver Framework*/@ = C:\WINDOWS\system32\wdfmgr.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@High Definition Audio Property Page ShortcutHDAShCut.exe = HDAShCut.exe
@Mouse Suite 98 DaemonICO.EXE = ICO.EXE
@IgfxTrayC:\WINDOWS\system32\igfxtray.exe = C:\WINDOWS\system32\igfxtray.exe
@HotKeysCmdsC:\WINDOWS\system32\hkcmd.exe = C:\WINDOWS\system32\hkcmd.exe
@PersistenceC:\WINDOWS\system32\igfxpers.exe = C:\WINDOWS\system32\igfxpers.exe
@AMSGC:\Program Files\ThinkVantage\AMSG\Amsg.exe = C:\Program Files\ThinkVantage\AMSG\Amsg.exe
@LPManagerC:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe = C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
@SunJavaUpdateSched"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" = "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
@AwaySchC:\Program Files\Lenovo\AwayTask\AwaySch.EXE = C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
@TVT Scheduler ProxyC:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe = C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
@Google Desktop Search"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup = "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
@DiskeeperSystray"C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" = "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
@Picasa Media DetectorC:\Program Files\Picasa2\PicasaMediaDetector.exe = C:\Program Files\Picasa2\PicasaMediaDetector.exe
@PDService.exe"C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe" = "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe"
@cssauth"C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent = "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
@Samsung Common SM"C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun = "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
@ISUSPM Startup"C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup = "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
@ISUSScheduler"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
@GrooveMonitor"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" = "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
@NeroFilterCheckC:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe = C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
@TkBellExe"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
@AVP"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"

HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@ctfmon.exeC:\WINDOWS\system32\ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
@swgC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
@BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{B5A7F190-DDA6-4420-B3BA-52453494E6CD} = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/deskpan.dll /*file not found*/ = deskpan.dll /*file not found*/
@{596AB062-B4D2-4215-9F74-E9109B0A8153} /*Previous Versions Property Page*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{9DB7A13C-F208-4981-8353-73CC61AE2783} /*Previous Versions*/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /*Extensions Manager Folder*/C:\WINDOWS\system32\extmgr.dll = C:\WINDOWS\system32\extmgr.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll
@{23170F69-40C1-278A-1000-000100020000} /*7-Zip Shell Extension*/C:\Program Files\ThinkVantage\SMA\7z\7-zip.dll = C:\Program Files\ThinkVantage\SMA\7z\7-zip.dll
@{F6A51CCC-6AA6-46ad-B726-97466F0A38BF} /*SafeGuard® PrivateDisk extension*/C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdshell.dll = C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdshell.dll
@{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Web Folders*/C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSONSEXT.DLL = C:\Program Files\Common Files\Microsoft Shared\Web Folders\MSONSEXT.DLL
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll
@{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /*Messenger Sharing Folders*/C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll = C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll
@CorelDRAW Shell Extension Component /*CorelDRAW Shell Extension Component*/(null) =
@{72853161-30C5-4D22-B7F9-0BBC1D38A37E} /*Groove GFS Browser Helper*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} /*Groove GFS Explorer Bar*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{A449600E-1DC6-4232-B948-9BD794D62056} /*Groove GFS Stub Icon Handler*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{B5A7F190-DDA6-4420-B3BA-52453494E6CD} /*Groove GFS Stub Execution Hook*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{6C467336-8281-4E60-8204-430CED96822D} /*Groove GFS Context Menu Handler*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{387E725D-DC16-4D76-B310-2C93ED4752A0} /*Groove XML Icon Handler*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{16F3DD56-1AF5-4347-846D-7C10C4192619} /*Groove Explorer Icon Overlay 3 (GFS Folder)*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} /*Groove Explorer Icon Overlay 2 (GFS Stub)*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} /*Groove Explorer Icon Overlay 4 (GFS Unread Mark)*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{99FD978C-D287-4F50-827F-B2C658EDA8E7} /*Groove Explorer Icon Overlay 1 (GFS Unread Stub)*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{920E6DB1-9907-4370-B3A0-BAFC03D81399} /*Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)*/C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/(null) =
@{00020D75-0000-0000-C000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL = C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL
@{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} /*Microsoft Office OneNote Namespace Extension for Windows Desktop Search*/C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL = C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\Office12\msohevi.dll = C:\Program Files\Microsoft Office\Office12\msohevi.dll
@{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} /*Microsoft Office Metadata Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
@{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} /*Microsoft Office Thumbnail Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} /*Microsoft Browser Architecture*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\WINDOWS\system32\ieframe.dll = C:\WINDOWS\system32\ieframe.dll
@{B327765E-D724-4347-8B16-78AE18552FC3} /*NeroDigitalIconHandler*/C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
@{7F1CF152-04F8-453A-B34C-E609530A9DC8} /*NeroDigitalPropSheetHandler*/C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll
@{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} /*Shell Extensions for RealOne Player*/C:\Program Files\Real\RealPlayer\rpshell.dll = C:\Program Files\Real\RealPlayer\rpshell.dll
@{36A21736-36C2-4C11-8ACB-D4136F2B57BD} /*AutoCAD Digital Signatures Icon Overlay Handler*/C:\WINDOWS\system32\AcSignIcon.dll = C:\WINDOWS\system32\AcSignIcon.dll
@{AC1DB655-4F9A-4c39-8AD2-A65324A4C446} /*Autodesk Drawing Preview*/C:\Program Files\Common Files\Autodesk Shared\Thumbnail\AcThumbnail16.dll = C:\Program Files\Common Files\Autodesk Shared\Thumbnail\AcThumbnail16.dll
@{99F3B825-BDAB-4231-8EDB-5A369C2A2F80} /*.LLB File Viewer and Icon Handler*/C:\Program Files\National Instruments\Shared\LabVIEW Run-Time\7.0\LVShellExt.dll = C:\Program Files\National Instruments\Shared\LabVIEW Run-Time\7.0\LVShellExt.dll
@{85E0B171-04FA-11D1-B7DA-00A0C90348D6} /*Web Anti-Virus statistics*/C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
Autodesk.DWF.ContextMenu@{6C18531F-CA85-45F7-8278-FF33CF0A5964} = C:\Program Files\Common Files\Autodesk shared\dwf common\DWFShellExtension.dll
Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\ShellEx.dll
SGPDMenu@{F6A51CCC-6AA6-46ad-B726-97466F0A38BF} = C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdshell.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

HKLM\Software\Classes\*\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\ShellEx.dll
SGPDMenu@{F6A51CCC-6AA6-46ad-B726-97466F0A38BF} = C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdshell.dll
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers@{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
@{22BF413B-C6D2-4d91-82A9-A0F997BA588C}C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll = C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
@{3049C3E9-B461-4BC5-8870-4C09146192CA}C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll = C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
@{53707962-6F74-2D53-2644-206D7942484F}C:\Program Files\Spybot - Search & Destroy\SDHelper.dll = C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
@{72853161-30C5-4D22-B7F9-0BBC1D38A37E}C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll = C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
@{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
@{AA58ED58-01DD-4d91-8333-CF10577473F7}c:\program files\google\googletoolbar2.dll = c:\program files\google\googletoolbar2.dll
@{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll = C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
@{F040E541-A427-4CF7-85D8-75E3E0F476C5}C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll = C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

HKCU\Control Panel\Desktop@SCRNSAVE.EXE = logon.scr

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = go.microsoft.com/fwlink/?LinkId=69157
@Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = go.microsoft.com/fwlink/?LinkId=69157
@Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.cg.rs/ = cg.rs/
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll
grooveLocalGWS@CLSID = C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
its@CLSID = C:\WINDOWS\system32\itss.dll
livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-help@CLSID = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
ms-its@CLSID = C:\WINDOWS\system32\itss.dll
msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
mso-offdap@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
mso-offdap11@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
skype4com@CLSID = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
tv@CLSID = C:\WINDOWS\system32\msvidctl.dll
wia@CLSID = C:\WINDOWS\system32\wiascr.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004@LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll

C:\Documents and Settings\administrator-ivana\Start Menu\Programs\Startup = Adobe Gamma.lnk

C:\Documents and Settings\All Users\Start Menu\Programs\Startup >>>
Adobe Reader Speed Launch.lnk = Adobe Reader Speed Launch.lnk
AutoCAD Startup Accelerator.lnk = AutoCAD Startup Accelerator.lnk

---- EOF - GMER 1.0.13 ----

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

All the logs are clean. Let's check one more thing...


Download Norman Malware Cleaner to the Desktop.

Do the following:
Double-click Norman_Malware_Cleaner.exe to run it
Click Accept to move on to the next screen
Start the scan by clicking Start Scan and wait for it to finish
If a prompt to restart the computer appears:

Click Yes
After the restart, the scan/cleaning will continue

When the process is finished, close the program by clicking Quit
Attach the logfile NFix_datum_vreme.log, located on the Desktop, to your next post



-------------------------------------------------------------------------------------


Download ComboFix from one of the following addresses:
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Run it and do not touch the program window while it is scanning.
Follow the on-screen instructions. When it finishes, a log will appear, which you should copy here for us.

offline
  • Joined: 21 Dec 2007
  • Posts: 35

NFix_datum_vreme.log:

Norman Malware Cleaner
Copyright © 1990 - 2007, Norman ASA. Built 2007/12/21 00:58:18

Norman Scanner Engine Version: 5.91.08
Nvcbin.def Version: 5.90.00, Date: 2007/12/21 00:58:18, Variants: 1101322

Running pre-scan cleanup routine:
Operating System: Microsoft Windows XP Professional 5.1.2600 Service Pack 2
Logged on user: PCADMIN\administrator-ivana

Set registry value: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLS = "C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL" -> ""

Scan started: 26/12/2007 08:20:02


Scanning running processes and process memory...

A fatal error occured whilst scanning.
0xC0000005 (1D59224)

Unfortunately it did not ask to restart, and it did not clean anything either.....
I'm moving on to step number 2 now

Addendum: 26 Dec 2007 10:26

And here is ComboFix:
ComboFix 07-12-21.4 - administrator-ivana 2007-12-26 9:24:21.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.219 [GMT -8:00]
Running from: C:\Documents and Settings\administrator-ivana\Local Settings\Temporary Internet Files\Content.IE5\S2WMFY39\ComboFix[1].exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\x64

.
((((((((((((((((((((((((( Files Created from 2007-11-26 to 2007-12-26 )))))))))))))))))))))))))))))))
.

2007-12-25 12:02 . 2007-12-25 13:02 250 --a------ C:\WINDOWS\gmer.ini
2007-12-24 09:10 . 2007-12-24 09:10 <DIR> d-------- C:\Program Files\Lavasoft
2007-12-24 09:10 . 2007-12-24 09:10 <DIR> d-------- C:\Documents and Settings\administrator-ivana\Application Data\Lavasoft
2007-12-14 09:31 . 2007-12-21 08:01 91,492 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-12-14 09:31 . 2007-12-14 09:31 85,860 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-12-14 09:30 . 2007-12-14 09:30 <DIR> d-------- C:\Program Files\Kaspersky Lab
2007-12-14 09:30 . 2007-12-26 07:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-12-14 09:30 . 2007-12-26 09:46 6,143,008 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-12-14 09:30 . 2007-12-25 14:48 84,140 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-12-14 09:30 . 2007-12-26 09:42 44,320 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-12-14 09:30 . 2007-12-25 14:48 4,844 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2007-12-14 09:29 . 2007-12-14 09:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2007-12-13 08:18 . 2007-12-13 08:18 268 --ah----- C:\sqmdata05.sqm
2007-12-13 08:18 . 2007-12-13 08:18 244 --ah----- C:\sqmnoopt05.sqm
2007-12-13 08:17 . 2007-12-13 08:40 <DIR> d-------- C:\_SMA
2007-12-07 19:01 . 2007-12-07 19:01 219,664 --a------ C:\WINDOWS\system32\klogon.dll
2007-12-07 18:58 . 2007-12-07 18:58 23,396 --a------ C:\WINDOWS\system32\drivers\klopp.dat
2007-12-03 09:09 . 2007-12-25 14:11 <DIR> d-------- C:\Documents and Settings\administrator-ivana\Application Data\U3
2007-11-30 13:17 . 2007-12-05 12:38 170 --a------ C:\WINDOWS\MyDrivers.ini
2007-11-30 08:27 . 2007-11-30 11:00 <DIR> d-------- C:\driverizalenovo
2007-11-30 08:23 . 2007-11-30 08:23 <DIR> d-------- C:\Program Files\My Drivers
2007-11-29 13:40 . 2007-12-13 09:03 <DIR> d-------- C:\Documents and Settings\administrator-ivana\DoctorWeb

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-25 22:47 --------- d-----w C:\Documents and Settings\administrator-ivana\Application Data\Skype
2007-12-14 19:48 --------- d-----w C:\Program Files\Symantec Client Security
2007-12-14 18:09 --------- d-----w C:\Program Files\Symantec
2007-12-14 18:09 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-12-14 18:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-12-14 16:53 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-07 16:07 --------- d-----w C:\Program Files\Microsoft VM
2007-11-23 21:29 --------- d-----w C:\Documents and Settings\administrator-ivana\Application Data\SolidDocuments
2007-11-23 16:33 --------- d-----w C:\Program Files\Java
2007-11-13 10:25 20,480 ------w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-31 21:41 110,096 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2007-10-30 15:39 --------- d-----w C:\Documents and Settings\administrator-ivana\Application Data\MathWorks
2007-10-29 19:26 --------- d-----w C:\Program Files\Netscape
2007-10-29 19:25 --------- d-----w C:\Program Files\National Instruments
2007-05-18 20:58 56 --sh--r C:\WINDOWS\system32\C1CF669A00.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutoCAD Digital Signatures Icon Overlay Handler]
@={36A21736-36C2-4C11-8ACB-D4136F2B57BD}

[HKEY_CLASSES_ROOT\CLSID\{36A21736-36C2-4C11-8ACB-D4136F2B57BD}]
2006-03-05 03:55 185448 --a------ C:\WINDOWS\system32\AcSignIcon.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-21 12:34]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-04-21 16:03]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 17:07 C:\WINDOWS\system32\HdAShCut.exe]
"Mouse Suite 98 Daemon"="ICO.EXE" [2005-04-13 14:34 C:\WINDOWS\system32\ico.exe]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2006-06-23 11:41]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2006-06-23 11:44]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2006-06-23 11:40]
"AMSG"="C:\Program Files\ThinkVantage\AMSG\Amsg.exe" [2005-11-13 22:23]
"LPManager"="C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe" [2006-03-22 08:10]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"AwaySch"="C:\Program Files\Lenovo\AwayTask\AwaySch.EXE" [2006-04-18 09:05]
"TVT Scheduler Proxy"="C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2006-03-28 04:01]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-12-29 08:45]
"DiskeeperSystray"="C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-05-18 16:24]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2005-10-28 10:08]
"PDService.exe"="C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe" [2006-03-13 16:38]
"cssauth"="C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" [2006-05-12 20:15]
"Samsung Common SM"="C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" [2005-07-02 23:20]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 15:30]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 15:30]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 23:47]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-10-15 08:30]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-12-07 18:59]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 04:00]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IETI"="C:\Program Files\Skype\Phone\IEPlugin\unins000.exe" []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AwayNotify]
C:\Program Files\Lenovo\AwayTask\AwayNotify.dll 2006-04-18 09:05 49152 C:\Program Files\Lenovo\AwayTask\AwayNotify.dll

R2 cvintdrv;cvintdrv;C:\WINDOWS\system32\drivers\cvintdrv.sys [2002-10-07 09:00]
R2 PrivateDisk;PrivateDisk;C:\Program Files\Lenovo\SafeGuard PrivateDisk\PrivateDiskM.sys [2006-03-13 16:05]
R2 smi2;smi2;C:\Program Files\SMI2\smi2.sys [2006-05-12 18:10]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 13:58]
R3 pelmouse;Mouse Suite Driver;C:\WINDOWS\system32\DRIVERS\pelmouse.sys [2003-01-10 13:55]
R3 pelusblf;USB Mouse Low Filter Driver;C:\WINDOWS\system32\DRIVERS\pelusblf.sys [2003-02-11 13:25]
S3 OracleOraHome90ClientCache;OracleOraHome90ClientCache;C:\oracle\ora90\BIN\ONRSD.EXE [2001-08-14 17:25]
S3 SM_ml1600_FUService;ML-2010 Status Monitor Service;"C:\Program Files\Samsung ML-2010 Series\CommonSM\ssmsrvc /Service []
S3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;"C:\Program Files\MSN Messenger\usnsvc.exe" [2007-01-19 11:54]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{462a8786-54b3-11dc-bb28-001558d1d582}]
\Shell\AutoRun\command - fooool.exe
\Shell\explore\Command - fooool.exe
\Shell\open\Command - fooool.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52695478-f99f-11db-ba59-001558d1d582}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2007-12-26 15:55:47 C:\WINDOWS\Tasks\RegCure Program Check.job"
"2007-09-09 05:16:11 C:\WINDOWS\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2007-12-26 09:54:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

I don't see anything that would cause the problem mentioned.

Do you have the program RegCure installed?

Try running Norman Malware Cleaner from Safe Mode.
http://www.mycity.rs/Uputstva-sa-ex-SuperSajta/Kako-uci-u-SAFE-MODE.html

offline
  • Joined: 21 Dec 2007
  • Posts: 35

I do.. should I uninstall it? I already tried in Safe Mode with Kaspersky, now I'll try with Norman Malware Cleaner as well
