
Inactive Computer running slow

Discussion in 'Malware and Virus Removal Archive' started by keith 1000, 2012/10/10.

  1. 2012/10/10
    keith 1000


    Hi Guys

    Well, it's been almost exactly a year since I have written. My CPU has been seeming slow lately. I have Kaspersky IS 2011. I have done a full system scan (it quarantined 3 items, I think). Now I tried and tried to follow the instructions to do all the scans. Well, I "could not" get DDS to load, and read that I'm not the only one, and read a few pages where that scan got replaced with ComboFix, so I went on my own and did it. Also, I missed the part about unchecking the free pro on Malwarebytes, so I deleted it and loaded it again but couldn't cancel the trial, sorry.
    thx for the help
    keith



    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-10-08 23:29:10
    Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HDT725032VLA380 rev.V54OA73A
    Running: 3jbcm0ib.exe; Driver: C:\Users\KEITH&~1\AppData\Local\Temp\fgloqpow.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0x89EF0D50]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x89EF2F8E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x89EF3208]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x89EF347E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x89EF1664]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x89EF2498]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x89EF29E2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateFile [0x89EF1940]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x89EF28C8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0x89EF093E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x89EF279C]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x89EF0AE6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x89EF2B02]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSymbolicLinkObject [0x89F0A1F0]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThread [0x89EF12EA]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThreadEx [0x89EF13E8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateUserProcess [0x89EF36C8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x89EF2832]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDebugActiveProcess [0x89EF41F0]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0x89EF1DC2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDuplicateObject [0x89EF53FE]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwFsControlFile [0x89EF1BD0]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwLoadDriver [0x89EF42E2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwMapViewOfSection [0x89F0A220]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x89EF2A78]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenFile [0x89EF16E6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x89EF2958]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenProcess [0x89EF0F8E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x89EF47E4]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x89EF2B98]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenThread [0x89EF0E7E]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwPlugPlayControl [0x89F0A200]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x89EF3782]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQuerySection [0x89EF4D84]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueueApcThread [0x89EF4676]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplaceKey [0x89EEF5F8]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x89EF2EFC]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x89EF2DC2]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0x89EF3F8A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRestoreKey [0x89EEF970]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwResumeThread [0x89EF52A0]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSaveKey [0x89EEF590]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x89EF21DE]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetContextThread [0x89EF1506]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x89EF3824]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSecurityObject [0x89EF4480]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSystemInformation [0x89EF4ED4]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendProcess [0x89EF4FC6]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendThread [0x89EF5100]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSystemDebugControl [0x89EF4114]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateProcess [0x89EF1134]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateThread [0x89EF108A]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0x89EF4C28]
    SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0x89EF1220]

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82E763C9 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82EAFD52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text ntkrnlpa.exe!KeRemoveQueueEx + 10D7 82EB6D8C 4 Bytes [50, 0D, EF, 89]
    .text ntkrnlpa.exe!KeRemoveQueueEx + 10FF 82EB6DB4 8 Bytes [8E, 2F, EF, 89, 08, 32, EF, ...]
    .text ntkrnlpa.exe!KeRemoveQueueEx + 1143 82EB6DF8 4 Bytes [7E, 34, EF, 89]
    .text ntkrnlpa.exe!KeRemoveQueueEx + 116F 82EB6E24 4 Bytes [64, 16, EF, 89]
    .text ntkrnlpa.exe!KeRemoveQueueEx + 1193 82EB6E48 4 Bytes [98, 24, EF, 89]
    .text ...

    ---- User code sections - GMER 1.0.15 ----

    ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] C:\Windows\SYSTEM32\ntdll.dll time/date stamp mismatch;
    ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: KERNELBASE.dll
    .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] USER32.dll!NotifyWinEvent + 6AE 7607D66C 4 Bytes [E0, 13, 46, 6C] {LOOPNZ 0x15; INC ESI; INSB }
    ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] C:\Windows\SYSTEM32\ntdll.dll time/date stamp mismatch;
    ? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] C:\Windows\system32\kernel32.dll time/date stamp mismatch; unknown module: KERNELBASE.dll
    .text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] USER32.dll!NotifyWinEvent + 6AE 7607D66C 4 Bytes [E0, 13, 46, 6C] {LOOPNZ 0x15; INC ESI; INSB }

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 00240240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 002402B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 00240320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 00240390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 779E0710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 779E0780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 779E07F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 779E08D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 76220E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 76220E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 76220EF0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 76220F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 01340010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 01340080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 013400F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree] 779E0A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExA] 01340160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 013401D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 01340240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 779E0C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 779E0CC0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 002502B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 01340A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 01340B00
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 01340B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 00250320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 00250400
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 01340BE0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 01340C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 01340CC0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 01340D30
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 01340DA0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 01340E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 01340E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 01340EF0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] 01340F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 01350010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01350080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 00250470
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 002504E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 013500F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 01350160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 013501D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 01350240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 013502B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 01350320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetModuleHandleA] 01350390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap] 00250550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap] 002505C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 00250630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 002506A0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 01350400
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 01350470
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread] 00250710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 013504E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 01350550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 013505C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] 01350630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 013506A0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 01350710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 01350780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 013507F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 01350860
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 002509B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 00250A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 00250A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 01360010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 01360080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 779E0010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 779E0080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!RtlFreeHeap] 779E0080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[3544] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!RtlAllocateHeap] 779E0010
    IAT C:\Windows\Explorer.EXE[3896] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [746C24CB] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[3896] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [746A562E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[3896] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [746A56EC] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[3896] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [746C2546] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[3896] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [746B85AA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[3896] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [746B4D5E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[3896] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [746B5105] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[3896] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [746B51DA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[3896] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [746B6707] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[3896] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [746B8301] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[3896] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [746B8850] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[3896] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [746B90B1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[3896] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [746BE254] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Windows\Explorer.EXE[3896] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [746B4C90] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 003B0240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 003B02B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 003B0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 003B0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 779E0710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 779E0780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 779E07F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 779E08D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleFileNameW] 76220E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] 76220E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 76220EF0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 76220F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] 004B0010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 004B0080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] 004B00F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree] 779E0A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExA] 004B0160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 004B01D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 004B0240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 779E0C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 779E0CC0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 003C02B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] 004B0A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] 004B0B00
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] 004B0B70
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 003C0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 003C0400
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameA] 004B0BE0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleFileNameW] 004B0C50
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 004B0CC0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 004B0D30
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] 004B0DA0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] 004B0E10
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 004B0E80
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 004B0EF0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] 004B0F60
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 004C0010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 004C0080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 003C0470
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 003C04E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 004C00F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] 004C0160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] 004C01D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] 004C0240
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 004C02B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 004C0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetModuleHandleA] 004C0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap] 003C0550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap] 003C05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 003C0630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 003C06A0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 004C0400
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] 004C0470
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread] 003C0710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateProcessW] 004C04E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameA] 004C0550
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 004C05C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] 004C0630
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 004C06A0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 004C0710
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 004C0780
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] 004C07F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleFileNameW] 004C0860
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 003C09B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 003C0A20
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 003C0A90
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] 004D0010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] 004D0080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\iphlpapi.dll [ntdll.dll!RtlFreeHeap] 779E0080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\iphlpapi.dll [ntdll.dll!RtlAllocateHeap] 779E0010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 779E0010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 779E0080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!RtlFreeHeap] 779E0080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!RtlAllocateHeap] 779E0010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlFreeHeap] 779E0080
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlAllocateHeap] 779E0010
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!HeapFree] 779E0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleW] 762202B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!VirtualAlloc] 779E0390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 762205C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleFileNameW] 762201D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] 76220470
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] 76220400
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] 76220390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 76220320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 762200F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryExA] 76220400
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 762200F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 762202B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 76220320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 762205C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!HeapFree] 779E0320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] 762204E0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 762205C0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] 76220470
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] 76220320
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] 76220390
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!FreeLibrary] 762200F0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameW] 762201D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleHandleW] 762202B0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleFileNameA] 76220160
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateThread] 779E01D0
    IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[6632] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetModuleHandleA] 76220240

    ---- Devices - GMER 1.0.15 ----

    Device \Driver\ACPI_HAL \Device\00000051 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

    AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume8 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

    ---- EOF - GMER 1.0.15 ----
     
  2. 2012/10/10
    keith 1000

    keith 1000 Inactive Thread Starter

    Joined:
    2006/10/23
    Messages:
    72
    Likes Received:
    0
    ComboFix 12-10-09.01 - Keith&Carrie 10/09/2012 23:03:08.1.2 - x86
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2047.1144 [GMT -4:00]
    Running from: c:\users\Keith&Carrie\Downloads\ComboFix.exe
    AV: Kaspersky Internet Security *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
    FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
    SP: Kaspersky Internet Security *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\KEITH&~1\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
    c:\users\Keith&Carrie\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-09-10 to 2012-10-10 )))))))))))))))))))))))))))))))
    .
    .
    2012-10-10 03:38 . 2012-10-10 03:38 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-10-10 03:09 . 2012-10-10 04:41 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2F91F7DA-3736-42D7-805F-054890A3269F}\offreg.dll
    2012-10-09 15:51 . 2012-09-19 04:59 6980552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2F91F7DA-3736-42D7-805F-054890A3269F}\mpengine.dll
    2012-10-09 02:14 . 2012-10-09 02:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-10-09 02:14 . 2012-09-07 21:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-10-08 23:43 . 2012-10-08 23:43 -------- d-----w- c:\users\Keith&Carrie\AppData\Roaming\Malwarebytes
    2012-10-08 23:42 . 2012-10-08 23:42 -------- d-----w- c:\programdata\Malwarebytes
    2012-10-08 19:00 . 2012-10-09 02:33 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2012-10-08 19:00 . 2012-10-08 19:03 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2012-10-08 18:23 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2012-10-08 18:23 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
    2012-10-08 18:23 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
    2012-10-08 18:23 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
    2012-10-08 18:23 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
    2012-10-08 18:23 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
    2012-10-08 18:23 . 2012-08-02 16:57 490496 ----a-w- c:\windows\system32\d3d10level9.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-07-18 17:47 . 2012-08-20 02:48 2345984 ----a-w- c:\windows\system32\win32k.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IncrediMail "= "c:\program files\IncrediMail\bin\IncMail.exe" [2012-03-22 366024]
    "Sidebar "= "c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
    "SpybotSD TeaTimer "= "c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HP Software Update "= "c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
    "hpqSRMon "= "c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
    "IntelliPoint "= "c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 1797008]
    "itype "= "c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 1778064]
    "InstaLAN "= "c:\program files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-07-28 1485208]
    "AVP "= "c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2012-01-19 352976]
    "SunJavaUpdateSched "= "c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "Adobe ARM "= "c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
    .
    c:\users\Keith&Carrie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin "= 5 (0x5)
    "ConsentPromptBehaviorUser "= 3 (0x3)
    "EnableUIADesktopToggle "= 0 (0x0)
    "PromptOnSecureDesktop "= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs "=c:\progra~1\KASPER~1\KASPER~2\mzvkbd3.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring "=dword:00000001
    .
    R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
    R3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\DRIVERS\VSTBS23.SYS [x]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    R3 vpcuxd;USB Virtualization Stub Service;c:\windows\system32\drivers\vpcuxd.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
    S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
    S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [x]
    S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [x]
    S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x]
    S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    S3 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [x]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.ca/
    IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.2.1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    URLSearchHooks-{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - (no file)
    WebBrowser-{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - (no file)
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial "=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'Explorer.exe'(5668)
    c:\program files\Spybot - Search & Destroy\SDHelper.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\nvvsvc.exe
    c:\windows\system32\nvvsvc.exe
    c:\program files\Belkin\Router Setup and Monitor\BelkinService.exe
    c:\windows\system32\slserv.exe
    c:\windows\system32\WUDFHost.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
    c:\windows\system32\taskhost.exe
    c:\windows\system32\conhost.exe
    c:\program files\Belkin\Belkin USB Print and Storage Center\connect.exe
    c:\program files\Belkin\Router Setup and Monitor\BelkinSetup.exe
    c:\program files\Belkin\Router Setup and Monitor\dlnaPlugin.exe
    c:\program files\IncrediMail\Bin\ImApp.exe
    c:\program files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
    c:\program files\IncrediMail\Bin\ImNotfy.exe
    c:\windows\system32\DllHost.exe
    .
    **************************************************************************
    .
    Completion time: 2012-10-10 12:30:51 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-10-10 16:30
    .
    Pre-Run: 117,208,092,672 bytes free
    Post-Run: 115,988,365,312 bytes free
    .
    - - End Of File - - A8522BA41DB1962F0073EC7D15C580A6
     


  4. 2012/10/10
    keith 1000

    keith 1000 Inactive Thread Starter

    Joined:
    2006/10/23
    Messages:
    72
    Likes Received:
    0
    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-10-09 21:41:45
    -----------------------------
    21:41:45.833 OS Version: Windows 6.1.7601 Service Pack 1
    21:41:45.833 Number of processors: 2 586 0x6B02
    21:41:45.849 ComputerName: KEITH-PC UserName:
    21:42:03.650 Initialize success
    21:43:55.427 AVAST engine defs: 12100901
    21:44:06.831 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    21:44:06.831 Disk 0 Vendor: Hitachi_HDT725032VLA380 V54OA73A Size: 305245MB BusType: 3
    21:44:06.862 Disk 0 MBR read successfully
    21:44:06.862 Disk 0 MBR scan
    21:44:06.862 Disk 0 Windows 7 default MBR code
    21:44:06.878 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 9993 MB offset 63
    21:44:06.893 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 147761 MB offset 20466810
    21:44:06.909 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 76850 MB offset 323083215
    21:44:06.924 Disk 0 Partition - 00 0F Extended LBA 70629 MB offset 480472020
    21:44:06.940 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 70629 MB offset 480472083
    21:44:06.940 Disk 0 scanning sectors +625121280
    21:44:07.002 Disk 0 scanning C:\Windows\system32\drivers
    21:44:29.560 Service scanning
    21:44:38.780 Service kl1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5
    21:44:38.827 Service kl2 C:\Windows\system32\DRIVERS\kl2.sys **LOCKED** 5
    21:44:38.998 Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5
    21:44:39.045 Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
    21:44:58.077 Modules scanning
    21:45:08.623 Disk 0 trace - called modules:
    21:45:08.638 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
    21:45:08.654 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86702590]
    21:45:08.654 3 CLASSPNP.SYS[89b9459e] -> nt!IofCallDriver -> [0x86593898]
    21:45:08.669 5 ACPI.sys[83f543d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x86586908]
    21:45:09.184 AVAST engine scan C:\Windows
    21:45:11.540 AVAST engine scan C:\Windows\system32
    21:49:42.148 AVAST engine scan C:\Windows\system32\drivers
    21:50:18.699 AVAST engine scan C:\Users\Keith&Carrie
    21:55:05.314 Disk 0 MBR has been saved successfully to "C:\Users\Keith&Carrie\Documents\MBR.dat "
    21:55:05.329 The log file has been saved successfully to "C:\Users\Keith&Carrie\Documents\aswMBR.txt "



    Malwarebytes Anti-Malware (Trial) 1.65.0.1400
    www.malwarebytes.org

    Database version: v2012.10.09.01

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Keith&Carrie :: KEITH-PC [administrator]

    Protection: Disabled

    10/8/2012 10:16:01 PM
    mbam-log-2012-10-08 (22-16-01).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 191424
    Time elapsed: 7 minute(s), 25 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
     
  5. 2012/10/10
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    We're not dealing with any infection here.

    Please create a new topic in the Windows forum.
     
  6. 2012/10/10
    keith 1000

    keith 1000 Inactive Thread Starter

    Joined:
    2006/10/23
    Messages:
    72
    Likes Received:
    0
    Hi there.
    Thank you very, very much. So out of all that data you conclude there is no virus? Well, that is great. What should I say in another Windows thread?
    Again, thank you.
     
  7. 2012/10/10
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Describe your issues and let people know that the malware check came up clean.
     
  8. 2012/10/10
    keith 1000

    keith 1000 Inactive Thread Starter

    Joined:
    2006/10/23
    Messages:
    72
    Likes Received:
    0
    ok thx
     
  9. 2012/10/10
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You're very welcome
     
