
Can't open files as admin, Kaspersky says 28 days until scan finishes


23 replies to this topic

#1 Exactly

Posted 25 March 2012 - 03:21 PM

I ran TDSSKiller, found two rootkits, sure if they are good or bad so I left alone until I could post here. Malwarebytes came up negative and, as I said, Kaspersky won't finish, says 28 days until finishing... I tried to scan in safe mode, same outcome... computer won't let me run file as admin but I am the admin, and browsing files in 'My Computer' is very slow... any help is very much appreciated, thanks



#2 narenxp

Posted 25 March 2012 - 09:19 PM

Can you post the TDSSKiller log? It should be in your C drive.

Thanks

#3 Exactly

Posted 25 March 2012 - 11:08 PM

Hello Narenxp, I will add I tried rkill and went ahead and did a Kaspersky scan, still slow, but instead of 28 days till finish it says 21 hours.

Log:

19:25:13.0109 1544 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
19:25:13.0640 1544 ============================================================
19:25:13.0640 1544 Current date / time: 2012/03/24 19:25:13.0640
19:25:13.0640 1544 SystemInfo:
19:25:13.0640 1544
19:25:13.0640 1544 OS Version: 5.1.2600 ServicePack: 3.0
19:25:13.0640 1544 Product type: Workstation
19:25:13.0640 1544 ComputerName: YOUR-0C38505533
19:25:13.0640 1544 UserName: Joshua Crumpton
19:25:13.0640 1544 Windows directory: C:\WINDOWS
19:25:13.0640 1544 System windows directory: C:\WINDOWS
19:25:13.0640 1544 Processor architecture: Intel x86
19:25:13.0640 1544 Number of processors: 2
19:25:13.0640 1544 Page size: 0x1000
19:25:13.0640 1544 Boot type: Normal boot
19:25:13.0640 1544 ============================================================
19:25:15.0328 1544 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:25:15.0328 1544 \Device\Harddisk0\DR0:
19:25:15.0328 1544 MBR used
19:25:15.0328 1544 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E07482
19:25:15.0421 1544 Initialize success
19:25:15.0421 1544 ============================================================
19:25:19.0156 3148 ============================================================
19:25:19.0156 3148 Scan started
19:25:19.0156 3148 Mode: Manual;
19:25:19.0156 3148 ============================================================
19:25:21.0484 3148 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
19:25:21.0484 3148 !SASCORE - ok
19:25:21.0734 3148 Abiosdsk - ok
19:25:21.0812 3148 abp480n5 - ok
19:25:21.0921 3148 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:25:21.0953 3148 ACPI - ok
19:25:22.0015 3148 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
19:25:22.0015 3148 ACPIEC - ok
19:25:22.0234 3148 AdobeFlashPlayerUpdateSvc (300b79deceef4f385523765acc4f351a) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:25:22.0250 3148 AdobeFlashPlayerUpdateSvc - ok
19:25:22.0328 3148 adpu160m - ok
19:25:22.0484 3148 AdvancedSystemCareService (18ba414c06b667fa2cb48dc3e27c8f97) C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
19:25:22.0484 3148 AdvancedSystemCareService - ok
19:25:22.0640 3148 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:25:22.0640 3148 aec - ok
19:25:22.0781 3148 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
19:25:22.0781 3148 AFD - ok
19:25:22.0875 3148 Aha154x - ok
19:25:22.0921 3148 aic78u2 - ok
19:25:23.0015 3148 aic78xx - ok
19:25:23.0531 3148 Akamai (31bd294dc6ddbc0f16356d958d0743a4) c:\program files\common files\akamai/netsession_win_7de0ed9.dll
19:25:23.0531 3148 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_7de0ed9.dll. md5: 31bd294dc6ddbc0f16356d958d0743a4
19:25:23.0546 3148 Akamai ( HiddenFile.Multi.Generic ) - warning
19:25:23.0546 3148 Akamai - detected HiddenFile.Multi.Generic (1)
19:25:23.0796 3148 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
19:25:23.0796 3148 Alerter - ok
19:25:23.0953 3148 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
19:25:23.0953 3148 ALG - ok
19:25:24.0062 3148 AliIde - ok
19:25:24.0328 3148 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
19:25:24.0328 3148 Ambfilt - ok
19:25:24.0437 3148 AmdK8 (0a4d13b388c814560bd69c3a496ecfa8) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
19:25:24.0437 3148 AmdK8 - ok
19:25:24.0546 3148 amsint - ok
19:25:24.0656 3148 AnyDVD (2859c5ec3943911bf1e6458089a75f35) C:\WINDOWS\system32\Drivers\AnyDVD.sys
19:25:24.0656 3148 AnyDVD - ok
19:25:24.0812 3148 Apple Mobile Device (d8e18021f91ad79ca8491cb5a5da22d4) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:25:24.0812 3148 Apple Mobile Device - ok
19:25:24.0890 3148 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
19:25:24.0890 3148 AppMgmt - ok
19:25:24.0953 3148 asc - ok
19:25:25.0000 3148 asc3350p - ok
19:25:25.0062 3148 asc3550 - ok
19:25:25.0156 3148 ASPI32 (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\ASPI32.sys
19:25:25.0156 3148 ASPI32 - ok
19:25:25.0500 3148 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
19:25:25.0500 3148 aspnet_state - ok
19:25:25.0765 3148 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:25:25.0765 3148 AsyncMac - ok
19:25:25.0906 3148 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:25:25.0906 3148 atapi - ok
19:25:25.0984 3148 Atdisk - ok
19:25:26.0093 3148 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:25:26.0093 3148 Atmarpc - ok
19:25:26.0203 3148 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
19:25:26.0203 3148 AudioSrv - ok
19:25:26.0312 3148 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:25:26.0312 3148 audstub - ok
19:25:26.0421 3148 AVP (2718dc27571bd1e37813f5759d2dc118) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
19:25:26.0421 3148 AVP - ok
19:25:26.0515 3148 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:25:26.0515 3148 Beep - ok
19:25:26.0593 3148 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
19:25:26.0593 3148 BITS - ok
19:25:26.0640 3148 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
19:25:26.0640 3148 Bonjour Service - ok
19:25:26.0718 3148 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
19:25:26.0718 3148 Browser - ok
19:25:26.0812 3148 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:25:26.0812 3148 cbidf2k - ok
19:25:26.0843 3148 cd20xrnt - ok
19:25:26.0937 3148 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:25:26.0937 3148 Cdaudio - ok
19:25:27.0062 3148 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:25:27.0062 3148 Cdfs - ok
19:25:27.0109 3148 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:25:27.0125 3148 Cdrom - ok
19:25:27.0156 3148 Changer - ok
19:25:27.0218 3148 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
19:25:27.0218 3148 CiSvc - ok
19:25:27.0375 3148 CLEDX (b53f9635457b56dcffef750e18aec6cb) C:\WINDOWS\system32\DRIVERS\cledx.sys
19:25:27.0390 3148 CLEDX - ok
19:25:27.0437 3148 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
19:25:27.0437 3148 ClipSrv - ok
19:25:27.0531 3148 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:25:27.0546 3148 clr_optimization_v2.0.50727_32 - ok
19:25:27.0687 3148 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:25:27.0687 3148 clr_optimization_v4.0.30319_32 - ok
19:25:27.0734 3148 CmdIde - ok
19:25:27.0765 3148 COMSysApp - ok
19:25:27.0812 3148 Cpqarray - ok
19:25:27.0906 3148 cpuz135 (3411fdf098aa20193eee5ffa36ba43b2) C:\WINDOWS\system32\drivers\cpuz135_x32.sys
19:25:27.0906 3148 cpuz135 - ok
19:25:27.0953 3148 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
19:25:27.0953 3148 CryptSvc - ok
19:25:27.0984 3148 dac2w2k - ok
19:25:28.0078 3148 dac960nt - ok
19:25:28.0203 3148 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
19:25:28.0203 3148 DcomLaunch - ok
19:25:28.0437 3148 DELTAII (c5b7ac8d8a9237a2510a1092d19a5fa9) C:\WINDOWS\system32\DRIVERS\MAudioDelta.sys
19:25:28.0437 3148 DELTAII - ok
19:25:28.0562 3148 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
19:25:28.0562 3148 Dhcp - ok
19:25:28.0687 3148 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:25:28.0687 3148 Disk - ok
19:25:28.0765 3148 dmadmin - ok
19:25:28.0843 3148 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
19:25:28.0843 3148 dmboot - ok
19:25:29.0015 3148 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
19:25:29.0015 3148 dmio - ok
19:25:29.0140 3148 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:25:29.0140 3148 dmload - ok
19:25:29.0234 3148 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
19:25:29.0250 3148 dmserver - ok
19:25:29.0328 3148 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:25:29.0328 3148 DMusic - ok
19:25:29.0421 3148 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
19:25:29.0421 3148 Dnscache - ok
19:25:29.0609 3148 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
19:25:29.0609 3148 Dot3svc - ok
19:25:29.0640 3148 dpti2o - ok
19:25:29.0687 3148 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:25:29.0687 3148 drmkaud - ok
19:25:29.0734 3148 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
19:25:29.0734 3148 EapHost - ok
19:25:29.0796 3148 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
19:25:29.0796 3148 ElbyCDIO - ok
19:25:29.0875 3148 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
19:25:29.0875 3148 ERSvc - ok
19:25:29.0968 3148 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
19:25:29.0968 3148 Eventlog - ok
19:25:30.0078 3148 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
19:25:30.0078 3148 EventSystem - ok
19:25:30.0218 3148 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:25:30.0234 3148 Fastfat - ok
19:25:30.0375 3148 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:25:30.0375 3148 FastUserSwitchingCompatibility - ok
19:25:30.0437 3148 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
19:25:30.0437 3148 Fdc - ok
19:25:30.0609 3148 FET5X86V (ef88fbdbb2c2ab084dcae4388921c898) C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
19:25:30.0609 3148 FET5X86V - ok
19:25:30.0750 3148 FETNDIS (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys
19:25:30.0750 3148 FETNDIS - ok
19:25:30.0796 3148 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
19:25:30.0796 3148 Fips - ok
19:25:30.0890 3148 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:25:30.0921 3148 FLEXnet Licensing Service - ok
19:25:31.0031 3148 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
19:25:31.0031 3148 Flpydisk - ok
19:25:31.0218 3148 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
19:25:31.0218 3148 FltMgr - ok
19:25:31.0359 3148 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:25:31.0359 3148 FontCache3.0.0.0 - ok
19:25:31.0421 3148 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:25:31.0421 3148 Fs_Rec - ok
19:25:31.0484 3148 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:25:31.0484 3148 Ftdisk - ok
19:25:31.0578 3148 gagp30kx (3a74c423cf6bcca6982715878f450a3b) C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
19:25:31.0578 3148 gagp30kx - ok
19:25:31.0640 3148 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
19:25:31.0656 3148 GEARAspiWDM - ok
19:25:31.0750 3148 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
19:25:31.0750 3148 giveio - ok
19:25:31.0828 3148 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:25:31.0828 3148 Gpc - ok
19:25:31.0921 3148 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
19:25:31.0921 3148 gupdate - ok
19:25:31.0937 3148 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
19:25:31.0937 3148 gupdatem - ok
19:25:32.0000 3148 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:25:32.0000 3148 HDAudBus - ok
19:25:32.0093 3148 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:25:32.0093 3148 helpsvc - ok
19:25:32.0171 3148 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
19:25:32.0171 3148 HidServ - ok
19:25:32.0250 3148 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:25:32.0250 3148 hidusb - ok
19:25:32.0328 3148 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
19:25:32.0328 3148 hkmsvc - ok
19:25:32.0406 3148 hpn - ok
19:25:32.0500 3148 HTCAND32 (cbd09ed9cf6822177ee85aea4d8816a2) C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys
19:25:32.0515 3148 HTCAND32 - ok
19:25:32.0593 3148 htcnprot (04e3b3554076b8192a668efe88a682a1) C:\WINDOWS\system32\DRIVERS\htcnprot.sys
19:25:32.0593 3148 htcnprot - ok
19:25:32.0703 3148 htcusbnet (f878fa356f8864f8581b327f95731ccd) C:\WINDOWS\system32\DRIVERS\htcusbnet.sys
19:25:32.0703 3148 htcusbnet - ok
19:25:32.0812 3148 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:25:32.0812 3148 HTTP - ok
19:25:32.0921 3148 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
19:25:32.0921 3148 HTTPFilter - ok
19:25:33.0031 3148 HWiNFO32 (6d1fe3a24a49ee8a3e0f5f589813e934) C:\Program Files\HWiNFO32\HWiNFO32.SYS
19:25:33.0031 3148 HWiNFO32 - ok
19:25:33.0109 3148 i2omgmt - ok
19:25:33.0156 3148 i2omp - ok
19:25:33.0250 3148 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
19:25:33.0250 3148 i8042prt - ok
19:25:33.0406 3148 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:25:33.0421 3148 idsvc - ok
19:25:33.0468 3148 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:25:33.0468 3148 Imapi - ok
19:25:33.0515 3148 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
19:25:33.0515 3148 ImapiService - ok
19:25:33.0562 3148 ini910u - ok
19:25:33.0875 3148 IntcAzAudAddService (b29781b9a90cd55fc5d859c0b1c243bc) C:\WINDOWS\system32\drivers\RtkHDAud.sys
19:25:33.0890 3148 IntcAzAudAddService - ok
19:25:33.0968 3148 IntelIde - ok
19:25:34.0062 3148 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
19:25:34.0062 3148 Ip6Fw - ok
19:25:34.0203 3148 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:25:34.0203 3148 IpFilterDriver - ok
19:25:34.0265 3148 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:25:34.0265 3148 IpInIp - ok
19:25:34.0312 3148 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:25:34.0312 3148 IpNat - ok
19:25:34.0421 3148 iPod Service (33642c17c232aa272c68e446a2619899) C:\Program Files\iPod\bin\iPodService.exe
19:25:34.0437 3148 iPod Service - ok
19:25:34.0515 3148 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:25:34.0531 3148 IPSec - ok
19:25:34.0562 3148 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:25:34.0562 3148 IRENUM - ok
19:25:34.0640 3148 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:25:34.0640 3148 isapnp - ok
19:25:34.0703 3148 iWinTrusted (1ec613da589cc6785dd7c6eacf8b4b31) C:\Program Files\iWin Games\iWinTrusted.exe
19:25:34.0703 3148 iWinTrusted - ok
19:25:34.0875 3148 JavaQuickStarterService (9aa67569d5257462e230767510b0c815) C:\Program Files\Java\jre6\bin\jqs.exe
19:25:34.0875 3148 JavaQuickStarterService - ok
19:25:34.0937 3148 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:25:34.0937 3148 Kbdclass - ok
19:25:35.0031 3148 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:25:35.0031 3148 kbdhid - ok
19:25:35.0093 3148 KL1 (186b54479d98e48aee0e9ada4b3c4d31) C:\WINDOWS\system32\DRIVERS\kl1.sys
19:25:35.0093 3148 KL1 - ok
19:25:35.0171 3148 kl2 (bf485bfba13c0ab116701fd9c55324d0) C:\WINDOWS\system32\DRIVERS\kl2.sys
19:25:35.0171 3148 kl2 - ok
19:25:35.0250 3148 KLIF (5d92a03045a6a98708975b3d77b39a36) C:\WINDOWS\system32\DRIVERS\klif.sys
19:25:35.0250 3148 KLIF - ok
19:25:35.0328 3148 klim5 (96a7ec308a93da26dfe481308baac2a2) C:\WINDOWS\system32\DRIVERS\klim5.sys
19:25:35.0328 3148 klim5 - ok
19:25:35.0375 3148 klmouflt (3959530f69e19da56f1f24f2c89f1e2c) C:\WINDOWS\system32\DRIVERS\klmouflt.sys
19:25:35.0375 3148 klmouflt - ok
19:25:35.0437 3148 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:25:35.0437 3148 kmixer - ok
19:25:35.0546 3148 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:25:35.0562 3148 KSecDD - ok
19:25:35.0625 3148 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
19:25:35.0625 3148 lanmanserver - ok
19:25:35.0734 3148 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
19:25:35.0734 3148 lanmanworkstation - ok
19:25:35.0781 3148 lbrtfdc - ok
19:25:35.0906 3148 libusb0 (34d6730e198a5b0fce0790a6b4769ef2) C:\WINDOWS\system32\drivers\libusb0.sys
19:25:35.0906 3148 libusb0 - ok
19:25:36.0000 3148 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
19:25:36.0000 3148 LmHosts - ok
19:25:36.0203 3148 lxdnCATSCustConnectService (6ec65465744c0b9495aea4d51947db49) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe
19:25:36.0203 3148 lxdnCATSCustConnectService - ok
19:25:36.0250 3148 lxdn_device - ok
19:25:36.0531 3148 LxrSII1d (7c12f93c005021861a36c11df951891a) C:\WINDOWS\system32\Drivers\LxrSII1d.sys
19:25:36.0546 3148 LxrSII1d - ok
19:25:36.0546 3148 LxrSII1s - ok
19:25:37.0109 3148 M4iPodWPDService (6e715ee7eeb0bb6cfb367ea2629d5a7a) C:\Program Files\Common Files\Mediafour\iPod\M4iPodWPDService.exe
19:25:37.0109 3148 M4iPodWPDService - ok
19:25:37.0468 3148 MDFSYSNT (33b8e7b152156802f897ed57cf3f1ddc) C:\WINDOWS\system32\drivers\MDFSYSNT.sys
19:25:37.0468 3148 MDFSYSNT - ok
19:25:37.0609 3148 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
19:25:37.0609 3148 Messenger - ok
19:25:37.0750 3148 Microsoft SharePoint Workspace Audit Service - ok
19:25:37.0812 3148 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:25:37.0812 3148 mnmdd - ok
19:25:37.0890 3148 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
19:25:37.0890 3148 mnmsrvc - ok
19:25:38.0031 3148 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
19:25:38.0031 3148 Modem - ok
19:25:38.0187 3148 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
19:25:38.0187 3148 Monfilt - ok
19:25:38.0281 3148 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:25:38.0281 3148 Mouclass - ok
19:25:38.0390 3148 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:25:38.0390 3148 mouhid - ok
19:25:38.0468 3148 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:25:38.0468 3148 MountMgr - ok
19:25:38.0546 3148 mraid35x - ok
19:25:38.0593 3148 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:25:38.0593 3148 MRxDAV - ok
19:25:38.0640 3148 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:25:38.0656 3148 MRxSmb - ok
19:25:38.0750 3148 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
19:25:38.0750 3148 MSDTC - ok
19:25:38.0812 3148 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:25:38.0812 3148 Msfs - ok
19:25:38.0859 3148 MSIServer - ok
19:25:38.0906 3148 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:25:38.0906 3148 MSKSSRV - ok
19:25:38.0937 3148 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:25:38.0937 3148 MSPCLOCK - ok
19:25:38.0984 3148 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:25:38.0984 3148 MSPQM - ok
19:25:39.0031 3148 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:25:39.0031 3148 mssmbios - ok
19:25:39.0218 3148 MSSQL$SONY_MEDIAMGR - ok
19:25:39.0296 3148 MSSQLServerADHelper (cb7524c21727404bd3140dca32deb7de) C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
19:25:39.0296 3148 MSSQLServerADHelper - ok
19:25:39.0453 3148 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
19:25:39.0453 3148 MTsensor - ok
19:25:40.0015 3148 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
19:25:40.0015 3148 Mup - ok
19:25:40.0250 3148 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
19:25:40.0250 3148 napagent - ok
19:25:40.0468 3148 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:25:40.0468 3148 NDIS - ok
19:25:40.0578 3148 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:25:40.0578 3148 NdisTapi - ok
19:25:40.0656 3148 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:25:40.0656 3148 Ndisuio - ok
19:25:40.0718 3148 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:25:40.0718 3148 NdisWan - ok
19:25:40.0843 3148 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
19:25:40.0843 3148 NDProxy - ok
19:25:41.0062 3148 Nero BackItUp Scheduler 3 (c5052fb77aa42ed440f9f6b4e37145a9) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
19:25:41.0062 3148 Nero BackItUp Scheduler 3 - ok
19:25:41.0125 3148 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:25:41.0125 3148 NetBIOS - ok
19:25:41.0250 3148 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:25:41.0250 3148 NetBT - ok
19:25:41.0375 3148 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
19:25:41.0375 3148 NetDDE - ok
19:25:41.0468 3148 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
19:25:41.0468 3148 NetDDEdsdm - ok
19:25:41.0578 3148 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:25:41.0578 3148 Netlogon - ok
19:25:41.0734 3148 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
19:25:41.0734 3148 Netman - ok
19:25:42.0000 3148 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
19:25:42.0000 3148 NetTcpPortSharing - ok
19:25:42.0125 3148 NitroReaderDriverReadSpool2 (6676071f33ae0a2fb59207bbc01ee03a) C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
19:25:42.0125 3148 NitroReaderDriverReadSpool2 - ok
19:25:42.0343 3148 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
19:25:42.0343 3148 Nla - ok
19:25:42.0468 3148 NMIndexingService (74149bcf0307bb76d68c0f8912df731c) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
19:25:42.0468 3148 NMIndexingService - ok
19:25:42.0687 3148 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:25:42.0687 3148 Npfs - ok
19:25:42.0812 3148 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:25:42.0828 3148 Ntfs - ok
19:25:42.0921 3148 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:25:42.0921 3148 NtLmSsp - ok
19:25:43.0015 3148 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
19:25:43.0015 3148 NtmsSvc - ok
19:25:43.0093 3148 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:25:43.0109 3148 Null - ok
19:25:43.0265 3148 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:25:43.0265 3148 NwlnkFlt - ok
19:25:43.0343 3148 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:25:43.0343 3148 NwlnkFwd - ok
19:25:43.0453 3148 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:25:43.0453 3148 ose - ok
19:25:43.0812 3148 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:25:43.0843 3148 osppsvc - ok
19:25:44.0156 3148 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
19:25:44.0156 3148 Parport - ok
19:25:44.0296 3148 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:25:44.0296 3148 PartMgr - ok
19:25:44.0406 3148 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
19:25:44.0406 3148 ParVdm - ok
19:25:44.0500 3148 PassThru Service (a1e779a0cf7a21b42e8fd3e8856d8481) C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
19:25:44.0500 3148 PassThru Service - ok
19:25:44.0562 3148 pbfilter (f678cd9e3afcc9264a514b941a85a9d4) C:\Program Files\PeerBlock\pbfilter.sys
19:25:44.0562 3148 pbfilter - ok
19:25:44.0640 3148 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
19:25:44.0656 3148 PCI - ok
19:25:44.0734 3148 PCIDump - ok
19:25:44.0843 3148 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:25:44.0843 3148 PCIIde - ok
19:25:44.0937 3148 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
19:25:44.0937 3148 Pcmcia - ok
19:25:45.0109 3148 Pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\Pcouffin.sys
19:25:45.0109 3148 Pcouffin - ok
19:25:45.0187 3148 PDCOMP - ok
19:25:45.0281 3148 PDFRAME - ok
19:25:45.0343 3148 PDRELI - ok
19:25:45.0421 3148 PDRFRAME - ok
19:25:45.0515 3148 perc2 - ok
19:25:45.0578 3148 perc2hib - ok
19:25:45.0734 3148 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
19:25:45.0734 3148 PlugPlay - ok
19:25:45.0859 3148 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:25:45.0859 3148 PolicyAgent - ok
19:25:46.0000 3148 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:25:46.0000 3148 PptpMiniport - ok
19:25:46.0156 3148 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
19:25:46.0156 3148 Processor - ok
19:25:46.0218 3148 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:25:46.0234 3148 ProtectedStorage - ok
19:25:46.0312 3148 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:25:46.0312 3148 PSched - ok
19:25:46.0390 3148 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\WINDOWS\system32\DRIVERS\psi_mf.sys
19:25:46.0390 3148 PSI - ok
19:25:46.0609 3148 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:25:46.0609 3148 Ptilink - ok
19:25:46.0796 3148 ql1080 - ok
19:25:46.0875 3148 Ql10wnt - ok
19:25:46.0937 3148 ql12160 - ok
19:25:47.0000 3148 ql1240 - ok
19:25:47.0062 3148 ql1280 - ok
19:25:47.0140 3148 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:25:47.0140 3148 RasAcd - ok
19:25:47.0328 3148 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
19:25:47.0328 3148 RasAuto - ok
19:25:47.0453 3148 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:25:47.0453 3148 Rasl2tp - ok
19:25:47.0531 3148 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
19:25:47.0531 3148 RasMan - ok
19:25:47.0656 3148 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:25:47.0656 3148 RasPppoe - ok
19:25:47.0750 3148 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:25:47.0750 3148 Raspti - ok
19:25:47.0875 3148 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:25:47.0875 3148 Rdbss - ok
19:25:47.0953 3148 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:25:47.0953 3148 RDPCDD - ok
19:25:48.0031 3148 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:25:48.0031 3148 rdpdr - ok
19:25:48.0171 3148 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
19:25:48.0171 3148 RDPWD - ok
19:25:48.0234 3148 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
19:25:48.0234 3148 RDSessMgr - ok
19:25:48.0328 3148 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:25:48.0328 3148 redbook - ok
19:25:48.0390 3148 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
19:25:48.0390 3148 RemoteAccess - ok
19:25:48.0453 3148 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
19:25:48.0453 3148 RemoteRegistry - ok
19:25:48.0593 3148 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
19:25:48.0593 3148 RpcLocator - ok
19:25:48.0703 3148 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
19:25:48.0703 3148 RpcSs - ok
19:25:48.0828 3148 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
19:25:48.0843 3148 RSVP - ok
19:25:48.0984 3148 S3GIGP (5e9378f9893ede2db887ea0281ffdff5) C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys
19:25:48.0984 3148 S3GIGP - ok
19:25:49.0046 3148 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
19:25:49.0062 3148 SamSs - ok
19:25:49.0156 3148 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
19:25:49.0156 3148 SASDIFSV - ok
19:25:49.0187 3148 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
19:25:49.0187 3148 SASKUTIL - ok
19:25:49.0250 3148 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
19:25:49.0250 3148 SCardSvr - ok
19:25:49.0359 3148 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
19:25:49.0359 3148 Schedule - ok
19:25:49.0531 3148 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:25:49.0531 3148 Secdrv - ok
19:25:49.0578 3148 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
19:25:49.0578 3148 seclogon - ok
19:25:49.0796 3148 Secunia PSI Agent (5b66db4877bbac9f7493aa8d84421e49) C:\Program Files\Secunia\PSI\PSIA.exe
19:25:49.0812 3148 Secunia PSI Agent - ok
19:25:49.0843 3148 Secunia Update Agent (0e88fdf474f2cdd370a4a6ce77d018f0) C:\Program Files\Secunia\PSI\sua.exe
19:25:49.0859 3148 Secunia Update Agent - ok
19:25:50.0281 3148 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
19:25:50.0281 3148 SENS - ok
19:25:50.0500 3148 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:25:50.0500 3148 serenum - ok
19:25:50.0593 3148 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
19:25:50.0593 3148 Serial - ok
19:25:50.0718 3148 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:25:50.0718 3148 Sfloppy - ok
19:25:50.0921 3148 SgtSch2Svc (c240035fb95c2faef99cfc2403edcd46) C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
19:25:50.0937 3148 SgtSch2Svc - ok
19:25:51.0109 3148 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
19:25:51.0109 3148 SharedAccess - ok
19:25:51.0218 3148 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:25:51.0218 3148 ShellHWDetection - ok
19:25:51.0296 3148 Simbad - ok
19:25:51.0375 3148 SmartDefragDriver (14bb60a4f1c5291217a05d5728c403e6) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
19:25:51.0375 3148 SmartDefragDriver - ok
19:25:51.0500 3148 snapman (c3bf55189aa92b8f919108ef9e4accae) C:\WINDOWS\system32\DRIVERS\snapman.sys
19:25:51.0500 3148 snapman - ok
19:25:51.0609 3148 Sparrow - ok
19:25:51.0671 3148 speedfan (3fa2e254bfbce52b3c6f1bf23aab6911) C:\WINDOWS\system32\speedfan.sys
19:25:51.0671 3148 speedfan - ok
19:25:51.0750 3148 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:25:51.0750 3148 splitter - ok
19:25:51.0859 3148 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
19:25:51.0859 3148 Spooler - ok
19:25:51.0984 3148 sptd (d390675b8ce45e5fb359338e5e649329) C:\WINDOWS\system32\Drivers\sptd.sys
19:25:51.0984 3148 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d390675b8ce45e5fb359338e5e649329
19:25:51.0984 3148 sptd ( LockedFile.Multi.Generic ) - warning
19:25:51.0984 3148 sptd - detected LockedFile.Multi.Generic (1)
19:25:52.0203 3148 SQLAgent$SONY_MEDIAMGR - ok
19:25:52.0578 3148 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
19:25:52.0578 3148 sr - ok
19:25:52.0765 3148 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
19:25:52.0765 3148 srservice - ok
19:25:52.0921 3148 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
19:25:52.0921 3148 Srv - ok
19:25:53.0109 3148 sscdbus (d6870895fe46a464a19141440eb6cc1e) C:\WINDOWS\system32\DRIVERS\sscdbus.sys
19:25:53.0109 3148 sscdbus - ok
19:25:53.0218 3148 sscdmdfl (0fe167362e4689b716cdc8d93adedda8) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
19:25:53.0218 3148 sscdmdfl - ok
19:25:53.0328 3148 sscdmdm (55a15707e32b6709242ad127e62ca55a) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
19:25:53.0328 3148 sscdmdm - ok
19:25:53.0375 3148 sscdserd (9fa66e361a99f8920c7609bae6814a0e) C:\WINDOWS\system32\DRIVERS\sscdserd.sys
19:25:53.0375 3148 sscdserd - ok
19:25:53.0453 3148 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
19:25:53.0453 3148 SSDPSRV - ok
19:25:53.0671 3148 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
19:25:53.0671 3148 stisvc - ok
19:25:53.0750 3148 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:25:53.0750 3148 swenum - ok
19:25:53.0828 3148 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:25:53.0828 3148 swmidi - ok
19:25:53.0859 3148 SwPrv - ok
19:25:53.0906 3148 symc810 - ok
19:25:53.0937 3148 symc8xx - ok
19:25:53.0968 3148 sym_hi - ok
19:25:54.0000 3148 sym_u3 - ok
19:25:54.0093 3148 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:25:54.0093 3148 sysaudio - ok
19:25:54.0125 3148 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
19:25:54.0140 3148 SysmonLog - ok
19:25:54.0187 3148 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
19:25:54.0203 3148 TapiSrv - ok
19:25:54.0281 3148 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:25:54.0281 3148 Tcpip - ok
19:25:54.0328 3148 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:25:54.0328 3148 TDPIPE - ok
19:25:54.0437 3148 tdrpman (3b7b6779eb231f731bba8f9fe67aadfc) C:\WINDOWS\system32\DRIVERS\tdrpman.sys
19:25:54.0437 3148 tdrpman - ok
19:25:54.0484 3148 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:25:54.0484 3148 TDTCP - ok
19:25:54.0531 3148 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:25:54.0531 3148 TermDD - ok
19:25:54.0578 3148 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
19:25:54.0578 3148 TermService - ok
19:25:54.0640 3148 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
19:25:54.0656 3148 Themes - ok
19:25:54.0703 3148 tifsfilter (b0b3122bff3910e0ba97014045467778) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
19:25:54.0703 3148 tifsfilter - ok
19:25:54.0796 3148 timounter (13bfe330880ac0ce8672d00aa5aff738) C:\WINDOWS\system32\DRIVERS\timntr.sys
19:25:54.0796 3148 timounter - ok
19:25:54.0875 3148 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
19:25:54.0875 3148 TlntSvr - ok
19:25:54.0921 3148 TosIde - ok
19:25:54.0968 3148 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
19:25:54.0984 3148 TrkWks - ok
19:25:55.0046 3148 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:25:55.0046 3148 Udfs - ok
19:25:55.0093 3148 ultra - ok
19:25:55.0187 3148 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:25:55.0203 3148 Update - ok
19:25:55.0250 3148 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
19:25:55.0250 3148 upnphost - ok
19:25:55.0296 3148 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
19:25:55.0296 3148 UPS - ok
19:25:55.0578 3148 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
19:25:55.0578 3148 USBAAPL - ok
19:25:55.0921 3148 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
19:25:55.0921 3148 usbaudio - ok
19:25:56.0312 3148 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:25:56.0312 3148 usbccgp - ok
19:25:56.0421 3148 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:25:56.0421 3148 usbehci - ok
19:25:56.0578 3148 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:25:56.0578 3148 usbhub - ok
19:25:56.0718 3148 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:25:56.0718 3148 usbprint - ok
19:25:56.0796 3148 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:25:56.0796 3148 usbscan - ok
19:25:56.0843 3148 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:25:56.0843 3148 USBSTOR - ok
19:25:56.0937 3148 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:25:56.0937 3148 usbuhci - ok
19:25:57.0015 3148 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
19:25:57.0015 3148 usb_rndisx - ok
19:25:57.0062 3148 uts_bus (df8bb0e93518f74d943046a1162bbcdd) C:\WINDOWS\system32\DRIVERS\uts_bus.sys
19:25:57.0062 3148 uts_bus - ok
19:25:57.0156 3148 uts_mdfl (3427fe9a31e50d0dac3e062f8dd3be41) C:\WINDOWS\system32\DRIVERS\uts_mdfl.sys
19:25:57.0156 3148 uts_mdfl - ok
19:25:57.0234 3148 uts_mdm (8fa13cd6a1cf2612ddbc056d23c5c0ad) C:\WINDOWS\system32\DRIVERS\uts_mdm.sys
19:25:57.0234 3148 uts_mdm - ok
19:25:57.0296 3148 uts_serd (edd4d6275289014457e84ecb60ad5c2d) C:\WINDOWS\system32\DRIVERS\uts_serd.sys
19:25:57.0312 3148 uts_serd - ok
19:25:57.0390 3148 VClone (fce98c43b5c5db8e0da8ea0e2b45e044) C:\WINDOWS\system32\DRIVERS\VClone.sys
19:25:57.0390 3148 VClone - ok
19:25:57.0468 3148 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:25:57.0468 3148 VgaSave - ok
19:25:57.0531 3148 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
19:25:57.0531 3148 ViaIde - ok
19:25:57.0625 3148 videX32 (f95c0fcfbcbda6d8f202d2df4052f88d) C:\WINDOWS\system32\DRIVERS\videX32.sys
19:25:57.0625 3148 videX32 - ok
19:25:57.0812 3148 Viewpoint Manager Service (5f974fde801c73952770736becde11e7) C:\Program Files\Viewpoint\Common\ViewpointService.exe
19:25:57.0812 3148 Viewpoint Manager Service - ok
19:25:57.0890 3148 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
19:25:57.0890 3148 VolSnap - ok
19:25:57.0984 3148 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
19:25:57.0984 3148 VSS - ok
19:25:58.0250 3148 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
19:25:58.0250 3148 W32Time - ok
19:25:58.0500 3148 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:25:58.0500 3148 Wanarp - ok
19:25:58.0578 3148 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
19:25:58.0578 3148 Wdf01000 - ok
19:25:58.0609 3148 WDICA - ok
19:25:58.0687 3148 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:25:58.0687 3148 wdmaud - ok
19:25:58.0734 3148 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
19:25:58.0734 3148 WebClient - ok
19:25:58.0843 3148 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
19:25:58.0843 3148 winmgmt - ok
19:25:58.0984 3148 WinRM (18f347402da544a780949b8fdf83351b) C:\WINDOWS\system32\WsmSvc.dll
19:25:59.0000 3148 WinRM - ok
19:25:59.0078 3148 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
19:25:59.0078 3148 WmdmPmSN - ok
19:25:59.0218 3148 WMDrive (c71dd2cce94aed0b873164ac14f5609e) C:\WINDOWS\system32\drivers\WMDrive.sys
19:25:59.0218 3148 WMDrive - ok
19:25:59.0343 3148 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
19:25:59.0343 3148 Wmi - ok
19:25:59.0609 3148 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
19:25:59.0609 3148 WmiApSrv - ok
19:26:00.0281 3148 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
19:26:00.0281 3148 WMPNetworkSvc - ok
19:26:00.0640 3148 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
19:26:00.0640 3148 WpdUsb - ok
19:26:01.0062 3148 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:26:01.0078 3148 WPFFontCache_v0400 - ok
19:26:01.0343 3148 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
19:26:01.0343 3148 WS2IFSL - ok
19:26:01.0468 3148 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
19:26:01.0468 3148 wscsvc - ok
19:26:01.0531 3148 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
19:26:01.0546 3148 wuauserv - ok
19:26:01.0671 3148 WudfPf (6ff66513d372d479ef1810223c8d20ce) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:26:01.0671 3148 WudfPf - ok
19:26:01.0750 3148 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\WINDOWS\system32\DRIVERS\WUDFRd.SYS
19:26:01.0750 3148 WUDFRd - ok
19:26:01.0796 3148 WudfSvc (575a4190d989f64732119e4114045a4f) C:\WINDOWS\System32\WUDFSvc.dll
19:26:01.0796 3148 WudfSvc - ok
19:26:01.0906 3148 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
19:26:01.0906 3148 WZCSVC - ok
19:26:01.0968 3148 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
19:26:01.0968 3148 xmlprov - ok
19:26:02.0062 3148 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
19:26:02.0062 3148 YahooAUService - ok
19:26:02.0093 3148 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
19:26:03.0734 3148 \Device\Harddisk0\DR0 - ok
19:26:03.0750 3148 Boot (0x1200) (7a80ea5d9190db726a97b5c06fac5658) \Device\Harddisk0\DR0\Partition0
19:26:03.0750 3148 \Device\Harddisk0\DR0\Partition0 - ok
19:26:03.0750 3148 ============================================================
19:26:03.0750 3148 Scan finished
19:26:03.0750 3148 ============================================================
19:26:03.0765 2268 Detected object count: 2
19:26:03.0765 2268 Actual detected object count: 2
19:28:02.0562 2268 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
19:28:02.0562 2268 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
19:28:02.0562 2268 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:28:02.0562 2268 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
19:28:22.0015 1656 Deinitialize success

#4 narenxp

Posted 26 March 2012 - 03:34 AM

Let's ignore the Kaspersky issue and see if your PC is infected


Download

http://support.kaspersky.com/downloads/utils/kavremover.exe

I would recommend that you uninstall Kaspersky and reinstall it later

Please download GMER from here (does not work on 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with GMER's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here

Edited by narenxp, 26 March 2012 - 03:45 AM.


#5 Exactly

Posted 26 March 2012 - 05:00 PM

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-03-26 18:03:00
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST2000DL003-9VT166 rev.CC32
Running: 1tt748e2.exe; Driver: C:\DOCUME~1\JOSHUA~1\LOCALS~1\Temp\fgadqfow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0xB3B40FBA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwClose [0xB3B418B4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwConnectPort [0xB3B5AAEE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateEvent [0xB3B41E26]
SSDT sptd.sys ZwCreateKey [0xB9EBE0D0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateMutant [0xB3B41D14]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreatePort [0xB3B5AE06]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateProcess [0xB3B42056]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateProcessEx [0xB3B4221E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSection [0xB3B40D76]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSemaphore [0xB3B41F3E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSymbolicLinkObject [0xB3B5C110]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateThread [0xB3B415E6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateWaitablePort [0xB3B5AECE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDebugActiveProcess [0xB3B4253C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteKey [0xB3B55084]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteValueKey [0xB3B5688E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0xB3B418F6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDuplicateObject [0xB3B4353C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xB3B56088]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xB3B56A38]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadDriver [0xB3B4262E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey [0xB3B55BC0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey2 [0xB3B55E1C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwMapViewOfSection [0xB3B5C130]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwNotifyChangeKey [0xB3B5930A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenEvent [0xB3B41EB8]
SSDT sptd.sys ZwOpenKey [0xB9EBE0B0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenMutant [0xB3B41DA0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenProcess [0xB3B411F4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSection [0xB3B4297E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSemaphore [0xB3B41FD0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenThread [0xB3B410E8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwPlugPlayControl [0xB3B5C120]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryKey [0xB3B54EB8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryMultipleValueKey [0xB3B56698]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryObject [0xB3B59500]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQuerySection [0xB3B42EC0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryValueKey [0xB3B56488]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueueApcThread [0xB3B427CE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRenameKey [0xB3B55198]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplaceKey [0xB3B5580C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyPort [0xB3B5B048]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0xB3B5AF96]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0xB3B5B0B4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRestoreKey [0xB3B55A14]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwResumeThread [0xB3B433DE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKey [0xB3B5533E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKeyEx [0xB3B554D4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveMergedKeys [0xB3B55670]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSecureConnectPort [0xB3B5AC76]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetContextThread [0xB3B41756]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetInformationToken [0xB3B423E8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSystemInformation [0xB3B43010]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetValueKey [0xB3B56248]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendProcess [0xB3B43104]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendThread [0xB3B4323E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSystemDebugControl [0xB3B4245E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateProcess [0xB3B41392]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateThread [0xB3B412EA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0xB3B42D78]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0xB3B4147C]

Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 804EAF84 5 Bytes JMP B3B339F0 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)
.text ntkrnlpa.exe!IoIsOperationSynchronous 804EF912 5 Bytes JMP B3B33DCC \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)
.text ntkrnlpa.exe!ZwCallbackReturn + 2C9C 80504538 12 Bytes [06, AE, B5, B3, 56, 20, B4, ...] {PUSH ES; SCASB ; MOV CH, 0xb3; PUSH ESI; AND [EBX+ESI*4-0x4c4bdde2], DH}
.text ntkrnlpa.exe!ZwCallbackReturn + 2CAC 80504548 16 Bytes [76, 0D, B4, B3, 3E, 1F, B4, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 2D68 80504604 12 Bytes [2E, 26, B4, B3, C0, 5B, B5, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 2EE4 80504780 16 Bytes [98, 51, B5, B3, 0C, 58, B5, ...] {CWDE ; PUSH ECX; MOV CH, 0xb3; OR AL, 0x58; MOV CH, 0xb3; DEC EAX; MOV AL, 0xb5; MOV BL, 0x96; SCASD ; MOV CH, 0xb3}
.text ntkrnlpa.exe!ZwCallbackReturn + 2F1C 805047B8 20 Bytes [DE, 33, B4, B3, 3E, 53, B5, ...]
.text ...
? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
.text USBPORT.SYS!DllUnload B81048AC 5 Bytes JMP 8ADA9500

---- User code sections - GMER 1.0.15 ----

? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 6AC91765 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll (Ushata module/Kaspersky Lab ZAO)
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] USER32.dll!AlignRects 7E412A78 4 Bytes [E0, 13, 54, 67]
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[3108] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[3108] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 6AC91765 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll (Ushata module/Kaspersky Lab ZAO)
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[3108] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[3108] USER32.dll!AlignRects 7E412A78 4 Bytes [E0, 13, 54, 67]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B9EBEAD4] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B9EBEC1A] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B9EBEB9C] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B9EBF748] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B9EBF61E] sptd.sys
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [B96EEDC0] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [B96EEDC0] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 7DFF05F8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 7DFF0664
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF06D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF0370
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 7DFF0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0DFC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[960] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8AF881E8
Device \FileSystem\Ntfs \Ntfs MDFSYSNT.sys (MacDrive file system driver/Mediafour Corporation)
Device \FileSystem\Udfs \UdfsCdRom 8AE1C790
Device \FileSystem\Udfs \UdfsDisk 8AE1C790

AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

Device \Driver\usbuhci \Device\USBPDO-0 8ADA8520
Device \Driver\usbuhci \Device\USBPDO-1 8ADA8520
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8AF8B1E8
Device \Driver\dmio \Device\DmControl\DmConfig 8AF8B1E8
Device \Driver\dmio \Device\DmControl\DmPnP 8AF8B1E8
Device \Driver\dmio \Device\DmControl\DmInfo 8AF8B1E8
Device \Driver\usbuhci \Device\USBPDO-2 8ADA8520
Device \Driver\usbuhci \Device\USBPDO-3 8ADA8520
Device \Driver\usbehci \Device\USBPDO-4 8AD541E8

AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

Device \Driver\Ftdisk \Device\HarddiskVolume1 8AF8C1E8

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)

Device \Driver\Cdrom \Device\CdRom0 8ADB61E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [B9E12B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [B9E12B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [B9E12B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [B9E12B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 [B9E12B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-12 [B9E12B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\NetBT \Device\NetBt_Wins_Export 8A8C8790
Device \Driver\NetBT \Device\NetbiosSmb 8A8C8790

AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

Device \Driver\NetBT \Device\NetBT_Tcpip_{57D2E7BB-FE30-4219-A80E-64F1A67A56D1} 8A8C8790
Device \Driver\usbuhci \Device\USBFDO-0 8ADA8520
Device \Driver\usbuhci \Device\USBFDO-1 8ADA8520
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A809790
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver MDFSYSNT.sys (MacDrive file system driver/Mediafour Corporation)
Device \Driver\usbuhci \Device\USBFDO-2 8ADA8520
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A809790
Device \FileSystem\MRxSmb \Device\LanmanRedirector MDFSYSNT.sys (MacDrive file system driver/Mediafour Corporation)
Device \Driver\usbuhci \Device\USBFDO-3 8ADA8520
Device \Driver\usbehci \Device\USBFDO-4 8AD541E8
Device \Driver\Ftdisk \Device\FtControl 8AF8C1E8
Device \Driver\VClone \Device\Scsi\VClone1 8AC1C1E8
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer MDFSYSNT.sys (MacDrive file system driver/Mediafour Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer MDFSYSNT.sys (MacDrive file system driver/Mediafour Corporation)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer MDFSYSNT.sys (MacDrive file system driver/Mediafour Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer MDFSYSNT.sys (MacDrive file system driver/Mediafour Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer MDFSYSNT.sys (MacDrive file system driver/Mediafour Corporation)
Device \FileSystem\Cdfs \Cdfs 8A733790

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xD1 0x4F 0x23 0x75 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xD1 0x4F 0x23 0x75 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xD1 0x4F 0x23 0x75 ...

---- Files - GMER 1.0.15 ----

File C:\Documents and Settings\Joshua Crumpton\My Documents\Downloads\IK.Multimedia Mega Collection\IK.Multimedia.SampleTron.VSTi.RTAS.v1.0.Incl.Keygen-AiR\IK.Multimedia.SampleTron.VSTi.RTAS.v1.0.Incl.Keygen-AiR\IK.Multimedia.SampleTron.VSTi.RTAS.v1.0.Incl.Keygen-AiR\air.nfo.bd.ren 5883 bytes
File C:\Documents and Settings\Joshua Crumpton\My Documents\Downloads\IK.Multimedia Mega Collection\IK.Multimedia.SampleTron.VSTi.RTAS.v1.0.Incl.Keygen-AiR\IK.Multimedia.SampleTron.VSTi.RTAS.v1.0.Incl.Keygen-AiR\IK.Multimedia.SampleTron.VSTi.RTAS.v1.0.Incl.Keygen-AiR\file_id.diz.bd.ren 452 bytes
File C:\Documents and Settings\Joshua Crumpton\My Documents\Downloads\IK.Multimedia Mega Collection\IK.Multimedia.SampleTron.VSTi.RTAS.v1.0.Incl.Keygen-AiR\IK.Multimedia.SampleTron.VSTi.RTAS.v1.0.Incl.Keygen-AiR\IK.Multimedia.SampleTron.VSTi.RTAS.v1.0.Incl.Keygen-AiR\SampleTron Instruments Setup.exe.bd.ren 90747814 bytes

---- EOF - GMER 1.0.15 ----

#6 Exactly


Posted 26 March 2012 - 05:03 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-26 18:04:52
-----------------------------
18:04:52.062 OS Version: Windows 5.1.2600 Service Pack 3
18:04:52.062 Number of processors: 2 586 0x4303
18:04:52.062 ComputerName: YOUR-0C38505533 UserName: Joshua Crumpton
18:04:52.078 Initialze error C0000022 - driver not loaded
18:05:09.953 AVAST engine download error: 0
18:05:47.484 Service scanning
18:05:48.390 Modules scanning
18:05:48.390 Disk 0 trace - called modules:
18:05:48.390
18:05:48.390 Scan finished successfully
18:06:07.375 The log file has been saved successfully to "C:\Documents and Settings\Joshua Crumpton\My Documents\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-26 18:07:53
-----------------------------
18:07:53.343 OS Version: Windows 5.1.2600 Service Pack 3
18:07:53.343 Number of processors: 2 586 0x4303
18:07:53.343 ComputerName: YOUR-0C38505533 UserName: Joshua Crumpton
18:07:53.359 Initialze error C0000022 - driver not loaded
18:07:59.640 AVAST engine download error: 0
18:08:10.734 Service scanning
18:08:12.015 Modules scanning
18:08:12.015 Disk 0 trace - called modules:
18:08:12.015
18:08:12.015 Scan finished successfully
18:08:15.781 The log file has been saved successfully to "C:\Documents and Settings\Joshua Crumpton\My Documents\aswMBR.txt"





I am assuming something stopped aswMBR from updating? So it didn't scan. I am going to run rkill, then try to download and scan again.

rkill ran successfully and aswMBR ran, but the driver didn't load and the definitions didn't download.

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 03/27/2012 at 1:34:42.
Operating System: Microsoft Windows XP


Processes terminated by Rkill or while it was running:

C:\Documents and Settings\Joshua Crumpton\Local Settings\Application Data\Lexar Media\LxrAutorun.exe
C:\Documents and Settings\Joshua Crumpton\Local Settings\Application Data\Akamai\netsession_win.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Documents and Settings\Joshua Crumpton\Local Settings\Application Data\Akamai\netsession_win.exe


Rkill completed on 03/27/2012 at 1:34:54.

Edited by Exactly, 27 March 2012 - 12:34 AM.


#7 narenxp


Posted 27 March 2012 - 02:00 AM

Try running aswMBR in safe mode.

#8 Exactly


Posted 27 March 2012 - 02:32 AM

Safe mode updated running now and finished

#9 Exactly


Posted 27 March 2012 - 02:35 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-27 03:33:30
-----------------------------
03:33:30.687 OS Version: Windows 5.1.2600 Service Pack 3
03:33:30.687 Number of processors: 2 586 0x4303
03:33:30.687 ComputerName: YOUR-0C38505533 UserName: Administrator
03:33:48.078 Initialize success
03:35:31.640 AVAST engine defs: 12032602
03:35:36.250 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
03:35:36.281 Disk 0 Vendor: ST2000DL003-9VT166 CC32 Size: 1907729MB BusType: 3
03:35:36.359 Disk 0 MBR read successfully
03:35:36.406 Disk 0 MBR scan
03:35:36.468 Disk 0 Windows XP default MBR code
03:35:36.515 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1907726 MB offset 63
03:35:36.562 Disk 0 scanning sectors +3907024065
03:35:36.734 Disk 0 scanning C:\WINDOWS\system32\drivers
03:36:05.375 Service scanning
03:36:57.984 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
03:37:07.109 Modules scanning
03:37:17.359 Disk 0 trace - called modules:
03:37:17.468 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys >>UNKNOWN [0x8b34f8ac]<<
03:37:21.750 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b2efab8]
03:37:22.000 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\0000008a[0x8b2e2ba8]
03:37:22.234 5 ACPI.sys[f74ac620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8b2d6d98]
03:37:57.421 AVAST engine scan C:\WINDOWS
03:38:05.218 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Joshua Crumpton\My Documents\MBR.dat"
03:38:05.453 The log file has been saved successfully to "C:\Documents and Settings\Joshua Crumpton\My Documents\1111.txt"

#10 narenxp


Posted 27 March 2012 - 02:43 AM

That looks clean

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

ESET online scanner


Install it

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#11 Exactly


Posted 27 March 2012 - 02:54 AM

MiniToolBox by Farbar Version: 18-01-2012
Ran by Administrator (administrator) on 27-03-2012 at 03:57:00
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Nerwork
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Could not flush the DNS Resolver Cache: Function failed during execution.




========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================







127.0.0.1 localhost

There are 10330 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

VIA Rhine II Fast Ethernet Adapter = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : your-0c38505533

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Mixed

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : buffalo.rr.com



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : buffalo.rr.com

Description . . . . . . . . . . . : VIA Rhine II Fast Ethernet Adapter

Physical Address. . . . . . . . . : 00-1D-60-B7-BF-43

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.104

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

209.18.47.61

209.18.47.62

Lease Obtained. . . . . . . . . . : Tuesday, March 27, 2012 3:31:47 AM

Lease Expires . . . . . . . . . . : Wednesday, March 28, 2012 3:31:47 AM

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 173.194.43.34, 173.194.43.35, 173.194.43.36, 173.194.43.37
173.194.43.38, 173.194.43.39, 173.194.43.40, 173.194.43.41, 173.194.43.46
173.194.43.32, 173.194.43.33



Pinging google.com [173.194.43.33] with 32 bytes of data:



Reply from 173.194.43.33: bytes=32 time=79ms TTL=51

Reply from 173.194.43.33: bytes=32 time=70ms TTL=51



Ping statistics for 173.194.43.33:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 70ms, Maximum = 79ms, Average = 74ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.139.183.24, 209.191.122.70, 72.30.38.140



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=129ms TTL=47

Reply from 98.139.183.24: bytes=32 time=179ms TTL=47



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 129ms, Maximum = 179ms, Average = 154ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 60 b7 bf 43 ...... VIA Compatable Fast Ethernet Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.104 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.104 192.168.1.104 20
192.168.1.104 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.104 192.168.1.104 20
224.0.0.0 240.0.0.0 192.168.1.104 192.168.1.104 20
255.255.255.255 255.255.255.255 192.168.1.104 192.168.1.104 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/27/2012 00:37:02 AM) (Source: JavaQuickStarterService) (User: )
Description: Unable to open C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf: No such file or directory

Error: (03/26/2012 06:22:53 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to open C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf: No such file or directory

Error: (03/26/2012 01:13:46 PM) (Source: JavaQuickStarterService) (User: )
Description: Unable to open C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf: No such file or directory

Error: (03/26/2012 01:28:00 AM) (Source: Application Error) (User: )
Description: Faulting application javara.exe, version 1.16.1.1763, faulting module msvcrt.dll, version 7.0.2600.5512, fault address 0x00032a16.
Processing media-specific event for [javara.exe!ws!]

Error: (03/24/2012 07:25:12 PM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x063233ec.
Processing media-specific event for [explorer.exe!ws!]

Error: (03/22/2012 00:39:35 AM) (Source: Application Error) (User: )
Description: Faulting application winmount3.exe, version 3.2.0.1, faulting module mountplug.dll, version 3.1.0.1, fault address 0x00003557.
Processing media-specific event for [winmount3.exe!ws!]

Error: (03/01/2012 09:01:26 PM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x064f33ec.
Processing media-specific event for [explorer.exe!ws!]

Error: (02/16/2012 05:37:16 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (02/13/2012 07:13:04 PM) (Source: Application Error) (User: )
Description: Faulting application fl.exe, version 0.0.0.0, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00011689.
Processing media-specific event for [fl.exe!ws!]

Error: (01/18/2012 09:14:52 PM) (Source: MsiInstaller) (User: Joshua Crumpton)Joshua Crumpton
Description: Product: Dealio Toolbar v4.1 -- Error 1316.A network error occurred while attempting to read from the file C:\WINDOWS\Installer\dealioToolbar.msi


System errors:
=============
Error: (03/27/2012 03:46:40 AM) (Source: DCOM) (User: Administrator)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/27/2012 03:40:18 AM) (Source: DCOM) (User: Administrator)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/27/2012 03:38:01 AM) (Source: DCOM) (User: Administrator)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/27/2012 03:33:09 AM) (Source: DCOM) (User: Administrator)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/27/2012 03:32:59 AM) (Source: DCOM) (User: Administrator)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/27/2012 03:32:48 AM) (Source: DCOM) (User: Administrator)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (03/27/2012 03:32:34 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AmdK8
ASPI32
ElbyCDIO
Fips
HWiNFO32
KLIF
MDFSYSNT
SASDIFSV
SASKUTIL

Error: (03/27/2012 03:32:24 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/27/2012 00:37:06 AM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service terminated with service-specific error 1 (0x1).

Error: (03/26/2012 06:22:58 PM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service terminated with service-specific error 1 (0x1).


Microsoft Office Sessions:
=========================
Error: (06/20/2009 02:40:20 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: 6Microsoft Office Outlook12.0.6504.500012.0.6215.100020

Error: (06/20/2009 02:40:13 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: 6Microsoft Office Outlook12.0.6504.500012.0.6215.100030

Error: (06/20/2009 02:40:06 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: 6Microsoft Office Outlook12.0.6504.500012.0.6215.100010

Error: (06/20/2009 02:39:31 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: 6Microsoft Office Outlook12.0.6504.500012.0.6215.100050


=========================== Installed Programs ============================

A-PDF Merger
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Adobe AIR (Version: 3.2.0.1320)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Dreamweaver CS3 (Version: 9)
Adobe Dreamweaver CS3 (Version: 9.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.160)
Adobe Flash Player 11 Plugin (Version: 11.2.202.160)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Adobe Setup (Version: 1.0)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Adobe® CreatePDF Desktop (Version: 1.015)
Advanced SystemCare 4 (Version: 4.0.1)
AIM 7
Akamai NetSession Interface Service
AnyDVD (Version: 6.7.1.0)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
Ares 2.1.6 (Version: 2.1.6-Build#3040)
ASIO4ALL (Version: 2.10)
AviSynth 2.5
BassStation (Version: 01.30.0000)
BearShare
Collab
ConvertXtoDVD 3.0.0.1 (Version: 3.0.0.1)
CPUID HWMonitor 1.19
Data Lifeguard Diagnostic for Windows (Version: 1.13)
Dealio Toolbar v4.1 (Version: 4.1)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Delta (Version: 5.10.00.5069v3)
Download Updater (AOL LLC)
ESET Online Scanner v3
File Shredder 2.0
FileHippo.com Update Checker
FL Studio 10
FL Studio 9
Gladiator v1.2.2
Gladiator v1.2.2.0
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.111)
HTC Driver Installer (Version: 3.0.0.007)
HWiNFO32 Version 3.93 (Version: 3.93)
IL Download Manager
ImgBurn (Version: 2.5.6.0)
Imikimi Plugin
IMM4 VCM Codec 4.0.0.2
iTunes (Version: 10.5.0.142)
iWin Games (remove only)
iZotope Ozone 3 (Version: 3.05)
iZotope Ozone 4 (Version: 4.00)
iZotope Stutter Edit (Version: 1.00)
iZotope Vinyl (Version: 1.61)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 30 (Version: 6.0.300)
Java™ 7 Update 3 (Version: 7.0.30)
Kaspersky Internet Security 2012 (Version: 12.0.0.374)
KORG USB MIDI Driver Tool (Version: 1.00.0000)
Lazesoft Recover My Password version 1.0 Professional Edition (Version: 1.0)
Lexmark 2600 Series
LibUSB-Win32-0.1.12.1 (Version: 0.1.12.1)
LUXONIX Purity (Version: 1.2.1)
Macromedia Extension Manager (Version: 1.7.240)
Macromedia Flash 8 (Version: 8.00.0000)
Macromedia Flash 8 Video Encoder (Version: 1.00.0000)
Magic DVD Ripper V5.4.2
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Media Player Utilities 4.24 (Version: 4.24)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft ActiveSync (Version: 4.5.5096.0)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Silverlight (Version: 5.0.61118.0)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.4734.1000)
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) (Version: 8.00.761)
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Windows XP Video Decoder Checkup Utility
Microsoft WinUsb 1.0
Microsoft XML Parser (Version: 8.70.1104.04)
mIRC (Version: 7.22)
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
Mp3 Song Plays Increaser
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
MySpaceIM (Version: 1.0.754.0)
Native Instruments Absynth 4
Native Instruments Kontakt 5
Native Instruments Kontakt 5 (Version: 5.0.1.5371)
Native Instruments Service Center
Native Instruments Service Center (Version: 2.2.6.676)
Nero 8 (Version: 8.2.89)
neroxml (Version: 1.0.0)
Nitro Reader 2 (Version: 2.1.1.3)
Notepad++ (Version: 5.9)
PC Washer 2.2.5 Build 040409
PDF Settings (Version: 1.0)
PeerBlock 1.0+ (r484) (Version: 1.0.0.484)
Platform (Version: 1.21)
PoiZone
QuickLink Mobile (Version: 4.8.0)
QuickTime (Version: 7.71.80.42)
Realtek High Definition Audio Driver (Version: 5.10.0.6526)
ReCycle 2.2.1 (Version: 2.2.1)
reFX Nexus VSTi RTAS v2.2.0
RS Somnífero (Version: 2.7.2005.4163)
SAMSUNG Mobile Modem Driver Set
Sawer
Seagate DiscWizard (Version: 11.0.8326)
SeaTools for Windows (Version: 1.2.0.6)
Secunia PSI (2.0.0.4003) (Version: 2.0.0.4003)
Segoe UI (Version: 14.0.4327.805)
Skype Toolbars (Version: 5.3.7555)
Skype™ 5.3 (Version: 5.3.120)
Sony Media Manager 2.0 (Version: 2.0.30)
Sony Sound Forge 8.0b (Version: 8.0.110)
Sony Vegas Pro 8.0 (Version: 8.0.217)
SopCast 3.4.8 (Version: 3.4.8)
SpeedFan (remove only)
Steinberg Hypersonic 2
SUPERAntiSpyware (Version: 4.42.1000)
swMSM (Version: 12.0.0.1)
Sylenth1 v1.01.3
Syncrosoft's License Control
SyncroSoft Emu (Remove only)
Tone2 Firebird VSTi v1.2.1
TouchCopy 09 (Version: 9.30)
Toxic Biohazard
Trapster Mobile 2
Trilogy
UltraISO Premium V8.51
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2010 (KB2553092)
Update for Windows Internet Explorer 8 (KB971930) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
UTStarcom USB Modem Software
VCRedistSetup (Version: 1.0.0)
Veetle TV 0.9.18 (Version: 0.9.18)
VIA Chrome9 HC IGP Family Display 6.14.10.0133
VIA Platform Device Manager (Version: 1.21)
VIA Rhine-Family Fast-Ethernet Adapter
VIA/S3G Display Driver 6.14.10.0075
Viewpoint Media Player
VirtualCloneDrive
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 2.0.1 (Version: 2.0.1)
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) (Version: 05/27/2006 1.3.2.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.8.0031.9)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Mobile® Device Handbook (Version: 1.0)
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinMount V3.2.0319 (Version: 3.2.0319)
WinRAR archiver
WinX DVD Ripper 5.5.3
WinZip 12.1 (Version: 12.1.8519)
WModem Driver Installer (Version: 2.0.6.9)
XML Paper Specification Shared Components Pack 1.0
XP Codec Pack
XPlay 3 (Version: 3.0.1)
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update

========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 3071.21 MB
Available physical RAM: 2361.28 MB
Total Pagefile: 4954.95 MB
Available Pagefile: 4480.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.82 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:1863.01 GB) (Free:1487.23 GB) NTFS

========================= Users: ========================================

User accounts for \\YOUR-0C38505533

Administrator ASPNET Guest
HelpAssistant Joshua Crumpton SUPPORT_388945a0
vic


**** End of log ****

#12 Exactly

Posted 27 March 2012 - 03:02 AM

I got a log from Avast and posted it. It kept scanning and I got an error; the program closed.

ESET still scanning

#13 Exactly

Posted 27 March 2012 - 10:43 AM

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.27.02

Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
Administrator :: YOUR-0C38505533 [administrator]

3/27/2012 4:13:31 AM
mbam-log-2012-03-27 (04-13-31).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 498474
Time elapsed: 2 hour(s), 49 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#14 Exactly

Posted 27 March 2012 - 10:45 AM

Not sure where the ESET log saves to, but it came back clean.

#15 Exactly

Posted 27 March 2012 - 10:48 AM

I don't know why, but sptd.sys bothers me, and Akainetsessions, I think it's called. I think something has attached itself to that. When I run safe mode I noticed it loads what it needs but specifically asks if I want sptd to load, and Akainetsessions is always rkill'd to let me scan something.



