dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
1193
BlueJay
join:2007-11-06

BlueJay

Member

A question before proceeding with mandatory steps

Can I preform the steps in Safe Mode? I am using that now because a strange blue screen knocked me out.

Thanks. bj

LoPhatPhuud
MVM
join:2002-01-06
Albuquerque, NM

LoPhatPhuud

MVM

Yes you can.
BlueJay
join:2007-11-06

BlueJay

Member

Thanks LPP, as it turned out, I was able to get out of the safe mode and do the steps in regular mode..

A little background.. My husband got a strange blue screen, vertical columns of blue squares, looked like dashes, with some sort of message which flashed by so fast I couldn't read.. I did a number of scans while in safe mode and couldn't find anything.. So figured all was OK.. Went back and was clearing my mind with Spider Solitaire, and I got hit with the same thing.. Here are my logs.. And many thanks in advance for any help and insight.. ciao, bj

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.07.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19272
user :: USER-PC [administrator]

8/7/2012 4:08:43 PM
mbam-log-2012-08-07 (16-08-43).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 358803
Time elapsed: 1 hour(s), 11 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

OTL logfile created on: 8/7/2012 5:25:11 PM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\user\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 49.27% Memory free
4.23 Gb Paging File | 3.13 Gb Available in Paging File | 73.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290.30 Gb Total Space | 205.57 Gb Free Space | 70.81% Space Free | Partition Type: NTFS
Drive D: | 7.79 Gb Total Space | 0.72 Gb Free Space | 9.22% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 261.22 Gb Free Space | 87.63% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012/08/07 16:00:31 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
PRC - [2012/05/15 05:27:34 | 000,857,920 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/04/24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/06/02 19:50:34 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/06/02 19:50:32 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/01/15 12:26:18 | 004,874,240 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006/11/20 07:34:52 | 000,155,648 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2006/09/28 09:42:24 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2006/09/03 14:32:28 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2011/04/24 23:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll
MOD - [2011/04/24 23:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll
MOD - [2011/04/24 23:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll
MOD - [2011/04/24 23:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll
MOD - [2011/04/24 23:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll
MOD - [2011/04/24 23:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll
MOD - [2011/04/20 19:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\Program Files\a-squared Free\a2service.exe -- (a2free)
SRV - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/04/24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2008/06/02 19:50:34 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/09/11 20:02:44 | 000,544,256 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2006/09/11 20:01:04 | 000,167,936 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2006/09/11 19:56:32 | 000,075,264 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM)
SRV - [2006/09/11 19:56:20 | 000,188,416 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2006/09/03 14:32:28 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006/09/01 03:47:56 | 000,026,624 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2006/05/10 13:13:52 | 000,029,696 | R--- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe -- (IntelDHSvcConf)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Internet Explorer\SABProcEnum.sys -- (SABProcEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys -- (BOCDRIVE)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/05/15 06:26:00 | 011,354,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/04/14 14:52:30 | 000,570,160 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/03/10 18:36:18 | 000,023,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2011/03/04 13:23:20 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2011/03/04 13:23:14 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2010/07/27 04:14:58 | 006,842,464 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2010/07/27 04:12:50 | 000,282,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/07/27 04:07:10 | 000,020,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2008/05/08 05:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 05:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/02/01 02:55:10 | 000,690,176 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/01/15 03:43:28 | 000,354,432 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hcw18bda.sys -- (hcw18bda)
DRV - [2005/12/12 12:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://129.164.179.22/apod/astropix.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {47609517-63FA-46B5-A6CE-BBE9F4B62693}
IE - HKCU\..\SearchScopes\{47609517-63FA-46B5-A6CE-BBE9F4B62693}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012/05/04 09:35:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012/05/04 09:35:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012/05/04 09:35:20 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2012/08/07 13:22:05 | 000,443,859 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15247 more lines...
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CCUTRAYICON] FactoryMode File not found
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Value error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6CF6F285-8254-44B5-BBCD-7C39E3653AEB}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 0
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012/08/07 16:00:30 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2012/08/07 15:58:26 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\TFC.exe
[2012/08/07 11:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/08/07 11:30:44 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2012/08/07 11:30:44 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2012/08/07 11:30:44 | 015,322,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2012/08/07 11:30:44 | 011,354,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2012/08/07 11:30:44 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2012/08/07 11:30:44 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2012/08/07 11:30:44 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2012/08/07 11:30:44 | 002,368,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2012/08/07 11:30:44 | 001,000,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll
[2012/08/07 11:30:44 | 000,883,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco32.dll
[2012/08/07 11:27:58 | 124,586,272 | ---- | C] (NVIDIA Corporation) -- C:\Users\user\Desktop\301.42-desktop-win7-winvista-32bit-english-whql.exe
[2012/07/11 15:12:44 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/07/11 15:07:07 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/07/10 00:09:24 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\how to run tracert
[2012/07/08 23:55:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/07/08 23:54:32 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/07/08 23:53:56 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/07/08 23:53:56 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/07/08 23:53:13 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/07/08 23:53:13 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012/08/07 16:12:10 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/07 16:12:10 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/07 16:04:49 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/07 16:04:49 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/07 16:04:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/07 16:00:47 | 000,881,494 | ---- | M] () -- C:\Users\user\Desktop\SecurityCheck.exe
[2012/08/07 16:00:31 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2012/08/07 15:58:27 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\TFC.exe
[2012/08/07 14:25:02 | 000,376,712 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/08/07 14:18:37 | 000,000,680 | ---- | M] () -- C:\Users\user\AppData\Local\d3d9caps.dat
[2012/08/07 13:22:05 | 000,443,859 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/08/07 13:00:11 | 352,212,132 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/07 11:27:58 | 124,586,272 | ---- | M] (NVIDIA Corporation) -- C:\Users\user\Desktop\301.42-desktop-win7-winvista-32bit-english-whql.exe
[2012/08/06 15:45:05 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForuser.job
[2012/08/04 14:40:36 | 040,152,773 | ---- | M] () -- C:\Users\user\Desktop\GSR-08.03.12-c.mp3
[2012/07/31 11:11:58 | 000,475,849 | ---- | M] () -- C:\Users\user\Documents\bookmark 7~31~12.htm
[2012/07/30 13:07:26 | 000,443,859 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120807-132205.backup
[2012/07/30 10:11:08 | 000,136,192 | ---- | M] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/28 09:54:40 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/07/28 09:54:40 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/07/23 10:10:09 | 000,116,189 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2012/07/23 10:10:09 | 000,098,168 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2012/07/18 20:49:22 | 000,443,556 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120730-130726.backup
[2012/07/12 09:45:25 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/08 23:53:01 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/07/08 23:53:01 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/08/07 16:00:46 | 000,881,494 | ---- | C] () -- C:\Users\user\Desktop\SecurityCheck.exe
[2012/08/04 14:40:35 | 040,152,773 | ---- | C] () -- C:\Users\user\Desktop\GSR-08.03.12-c.mp3
[2012/07/31 11:11:46 | 000,475,849 | ---- | C] () -- C:\Users\user\Documents\bookmark 7~31~12.htm
[2012/04/14 14:59:16 | 000,017,408 | ---- | C] () -- C:\Users\user\AppData\Local\WebpageIcons.db
[2012/04/14 14:56:42 | 000,116,189 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2012/04/14 14:56:42 | 000,098,168 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2011/03/11 12:43:54 | 000,029,763 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2010/11/25 16:10:50 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/06/05 20:57:03 | 000,024,227 | ---- | C] () -- C:\Users\user\AppData\Roaming\UserTile.png
[2007/06/17 14:47:28 | 000,003,046 | ---- | C] () -- C:\Users\user\AppData\Roaming\wklnhst.dat
[2007/05/14 19:24:52 | 000,136,192 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/04/20 15:45:31 | 000,000,680 | ---- | C] () -- C:\Users\user\AppData\Local\d3d9caps.dat

[color=#E56717]========== LOP Check ==========[/color]

[2009/03/07 20:26:27 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Foxit
[2010/08/06 09:28:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Foxit Software
[2007/08/06 15:55:42 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Grisoft
[2010/11/25 16:19:39 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Leadertech
[2010/11/14 18:28:31 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\OpenOffice.org
[2008/06/05 20:57:03 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PeerNetworking
[2011/03/02 18:03:12 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\QuickScan
[2007/06/17 14:47:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Template
[2007/05/12 20:09:05 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WinBatch
[2012/08/07 16:03:41 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5C321E34

OTL Extras logfile created on: 8/7/2012 5:25:11 PM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\user\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 49.27% Memory free
4.23 Gb Paging File | 3.13 Gb Available in Paging File | 73.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290.30 Gb Total Space | 205.57 Gb Free Space | 70.81% Space Free | Partition Type: NTFS
Drive D: | 7.79 Gb Total Space | 0.72 Gb Free Space | 9.22% Space Free | Partition Type: NTFS
Drive E: | 298.09 Gb Total Space | 261.22 Gb Free Space | 87.63% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{AA299B76-AB28-48BF-856D-EF410CEFD860}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery |
"{B7EC48E5-CE0F-4C07-9508-EA449C4B8DD6}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CC678C5-2AA8-4FB2-93CA-7C01AEF2DD2B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1088F676-6614-4214-9D06-CE620175434C}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{12DD79F1-5DB0-4098-9A00-75983CDC1932}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{35C8F422-D8E2-42EE-BE44-A3CF815CE269}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{3A2C0C4D-DCF4-4602-96D4-A1AAC8A4792B}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{77835890-0A4F-480F-BFD7-6A0F59F5854B}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{786CE00B-75E3-441D-994C-B21A4BA48112}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{7FA77F65-2A96-4389-BF08-E6BC81074E3D}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{83508E32-7654-41C8-B4DC-6FC180FBB39D}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{890053C6-F692-4305-A0A9-59AE7B30D7B2}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{8CD5ADC5-2EC3-4878-B207-9168A8D12514}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{8D4F5BBD-C56C-4B5E-8DEA-5AB7AE237884}" = dir=in | app=c:\program files\hp connections\6811507\program\hp connections |
"{9C87B66F-CEB2-4C65-A56D-00C202CDD216}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{B945B534-3BC5-407E-BBE4-FB03BA8F51BC}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{DDF5DB28-98F0-4943-8015-4ACA780B6BFA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{ECFE0557-06A6-405F-B7DA-3A4CE727D434}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{F945D9B0-F7EB-4589-9E37-9AA519942EC9}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"TCP Query User{78F72ABD-6A22-4161-B4E6-BF0329B14A78}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{885C9993-E4B0-4603-9CA6-EA507256EF04}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00422D27-AAF5-493F-8232-EA1D1D920025}" = Foxit Reader
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0EC7C406-B592-4686-BAC1-AD29A85EAE6A}" = HP Driver Diagnostics
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}" = IntelĀ® Viiv™ Software
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3
"{77CA976C-403C-47E2-940B-733ECAB6F62B}" = muvee autoProducer 5.0
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BA248A92-1136-497E-8E1A-2591CBFB18EB}" = HP Smart Web Printing
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E4A02A3F-4F8A-4D94-BB99-68BC1D1CF6DB}" = Roxio MyDVD Basic v9
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Belarc Advisor" = Belarc Advisor 8.1
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"Foxit Reader" = Foxit Reader
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012
"Intel(R) Configuration Center" = IntelĀ® Viiv™ Software
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"OsdMaestro" = HP On-Screen Caps/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"Picasa 3" = Picasa 3
"RealFlightG3Pro" = RealFlight G3 R/C Simulator
"RealPlayer 6.0" = RealPlayer
"Rhapsody" = Rhapsody
"SpywareBlaster_is1" = SpywareBlaster 4.6
"SystemRequirementsLab" = System Requirements Lab

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 7/10/2012 5:37:10 AM | Computer Name = user-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.19272 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: e38 Start Time: 01cd5e76a0984ba9 Termination Time: 0

Error - 7/16/2012 9:07:50 AM | Computer Name = user-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.19272 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: f84 Start Time: 01cd6353266b2449 Termination Time: 16

Error - 7/21/2012 5:06:15 PM | Computer Name = user-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.19272, time stamp
0x4fb1cd10, faulting module Flash32_11_3_300_257.ocx, version 11.3.300.257, time
stamp 0x4fc82006, exception code 0xc0000005, fault offset 0x001cf8d9, process id
0x684, application start time 0x01cd6784a6471136.

Error - 8/3/2012 2:50:29 PM | Computer Name = user-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.19272 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: fa0 Start Time: 01cd7192f701d0e4 Termination Time: 40

Error - 8/3/2012 3:32:56 PM | Computer Name = user-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.19272 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1374 Start Time: 01cd71aea19c7bc4 Termination Time: 16

Error - 8/6/2012 9:42:22 AM | Computer Name = user-PC | Source = EventSystem | ID = 4609
Description =

Error - 8/6/2012 12:22:49 PM | Computer Name = user-PC | Source = EventSystem | ID = 4609
Description =

Error - 8/7/2012 11:12:07 AM | Computer Name = user-PC | Source = EventSystem | ID = 4609
Description =

Error - 8/7/2012 11:30:54 AM | Computer Name = user-PC | Source = System Restore | ID = 8193
Description =

Error - 8/7/2012 1:01:10 PM | Computer Name = user-PC | Source = EventSystem | ID = 4609
Description =

[ IntelDH Events ]
Error - 6/4/2007 7:42:57 PM | Computer Name = user-PC | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::XMLDoc could not
create the MSXML DOM Object

Error - 6/4/2007 7:42:57 PM | Computer Name = user-PC | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::XMLDoc could not
create the MSXML DOM Object

Error - 6/4/2007 7:42:57 PM | Computer Name = user-PC | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::XMLDoc could not
create the MSXML DOM Object

Error - 6/4/2007 7:42:57 PM | Computer Name = user-PC | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::XMLDoc could not
create the MSXML DOM Object

Error - 6/4/2007 7:42:57 PM | Computer Name = user-PC | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::XMLDoc could not
create the MSXML DOM Object

Error - 6/4/2007 7:42:57 PM | Computer Name = user-PC | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::XMLDoc could not
create the MSXML DOM Object

Error - 6/4/2007 7:42:57 PM | Computer Name = user-PC | Source = AlertService | ID = 15
Description = A CCU internal function detected an error: XMLDoc::LoadXML failed
- exception

Error - 6/4/2007 7:42:57 PM | Computer Name = user-PC | Source = AlertService | ID = 16
Description = The DataManager failed to create the XML data store. Function = ICS
Log failed

Error - 6/4/2007 7:43:02 PM | Computer Name = user-PC | Source = CCU_Engine | ID = 15
Description = A CCU internal function detected an error: CCUEngine failed to create
the DataManager

Error - 6/4/2007 7:43:02 PM | Computer Name = user-PC | Source = UIMgr | ID = 17
Description = A CCU interface function returned an error: CCUUIManager could not
create an instance of the CCU Engine

[ Media Center Events ]
Error - 6/6/2009 1:30:04 PM | Computer Name = user-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/9/2009 11:30:48 AM | Computer Name = user-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 8/7/2012 2:26:18 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/7/2012 2:26:18 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/7/2012 2:26:18 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 8/7/2012 3:43:35 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/7/2012 3:43:35 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/7/2012 3:43:35 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 8/7/2012 4:02:38 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 8/7/2012 4:05:07 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/7/2012 4:05:07 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/7/2012 4:05:07 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7026
Description =

Results of screen317's Security Check version 0.99.43
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 8 [color=red]Out of date![/color]
[u]``````````````Antivirus/Firewall Check:``````````````[/u]
Windows Firewall Disabled!
Kaspersky Internet Security
Antivirus up to date! (On Access scanning disabled!)
[u]`````````Anti-malware/Other Utilities Check:`````````[/u]
MVPS Hosts File
SpywareBlaster 4.6
SUPERAntiSpyware
Malwarebytes Anti-Malware version 1.62.0.1300
CCleaner
JavaFX 2.1.1
Java(TM) 7 Update 5
[u]````````Process Check: objlist.exe by Laurent````````[/u]
Kaspersky Lab Kaspersky Internet Security 2012 avp.exe
[u]`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C: 0 %
[u]````````````````````End of Log``````````````````````[/u]

Did an ESET on line scan, but somehow lost the log when I closed out window.. Was not where instructions said it would be., but it did indicate no problems.

LoPhatPhuud
MVM
join:2002-01-06
Albuquerque, NM

1 recommendation

LoPhatPhuud to BlueJay

MVM

to BlueJay
A quick scan does not show anything. I'll go over the logs closer first thing in the morning but in the meantime I want to check for Rootkits.

Download and run GMER. Post the log in this thread, even if nothing is found.

You find link(s) and instructions here:
»Security Cleanup FAQ »Rootkit Detection Applications
BlueJay
join:2007-11-06

BlueJay

Member

Thanks so much LPP.. I've downloaded GMER, but am at a loss as to how to disconnect from the internet to perform the scan.. Know how to disable KIS..

Disconnect the modem??
BlueJay

BlueJay

Member

Well, disconnect the modem did it.. Took me 3 tries to complete the scan, hope I was successful.. Here's the log, and thanks again ..
ciao, bj

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-08-08 00:29:35
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST332082 rev.3.AH
Running: tee1fr57.exe; Driver: C:\Users\user\AppData\Local\Temp\kwldapob.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0x9843E28A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x98458342]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x98458678]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x984589EE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x9843ED04]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x9845802A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x9843F276]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x9843F164]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x984584E8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x9843E046]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x9843F38E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThread [0x9843E8BA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x984585B0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDebugActiveProcess [0x9843F74E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0x9843ED46]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDuplicateObject [0x98440750]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwLoadDriver [0x9843F840]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwMapViewOfSection [0x9843FDAC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwNotifyChangeKey [0x98456840]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x9843F308]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x9843F1F0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenProcess [0x9843E4C4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x9843FB90]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x9843F420]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenThread [0x9843E3B8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x9843F55C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryObject [0x98456A38]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQuerySection [0x984400D2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueueApcThread [0x9843F9E0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x984587DC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x9845872A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0x98458848]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwResumeThread [0x984405F2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x984581B2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetContextThread [0x9843EBA4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x9843F5FA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSystemInformation [0x98440222]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendProcess [0x98440316]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendThread [0x98440450]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSystemDebugControl [0x9843F670]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateProcess [0x9843E664]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateThread [0x9843E5BA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0x9843FF8A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0x9843E750]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThreadEx [0x9843EA2A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateUserProcess [0x9843F4A6]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 119 87AF97DC 4 Bytes [8A, E2, 43, 98] {MOV AH, DL; INC EBX; CWDE }
.text ntkrnlpa.exe!KeSetEvent + 13D 87AF9800 8 Bytes [42, 83, 45, 98, 78, 86, 45, ...] {INC EDX; ADD DWORD [EBP-0x68], 0x78; XCHG [EBP-0x68], AL}
.text ntkrnlpa.exe!KeSetEvent + 181 87AF9844 4 Bytes [EE, 89, 45, 98] {OUT DX, AL ; MOV [EBP-0x68], EAX}
.text ntkrnlpa.exe!KeSetEvent + 1A9 87AF986C 4 Bytes [04, ED, 43, 98] {ADD AL, 0xed; INC EBX; CWDE }
.text ntkrnlpa.exe!KeSetEvent + 1C1 87AF9884 4 Bytes [2A, 80, 45, 98]
.text ...

---- User code sections - GMER 1.0.15 ----

? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] C:\Windows\system32\ntdll.dll time/date stamp mismatch; unknown module: secserv.dll
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] ntdll.dll!NtProtectVirtualMemory 77C24BA4 5 Bytes JMP 6AC91765 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll (Ushata module/Kaspersky Lab ZAO)
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] C:\Windows\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] USER32.dll!SetScrollInfo + 7A8 76967980 4 Bytes [E0, 13, 54, 67]
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] C:\Windows\system32\ntdll.dll time/date stamp mismatch; unknown module: secserv.dll
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] ntdll.dll!NtProtectVirtualMemory 77C24BA4 5 Bytes JMP 6AC91765 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ushata.dll (Ushata module/Kaspersky Lab ZAO)
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] C:\Windows\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] USER32.dll!SetScrollInfo + 7A8 76967980 4 Bytes [E0, 13, 54, 67]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74BD7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74C1B4E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [74BDBB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [74BCF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74BD75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74BCE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74C073F5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [74BDDA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74BCFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74BCFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74BC71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [74C5CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [74BFC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74BCD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74BC6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74BC687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1448] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74BD2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 7DFF05F8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 7DFF0664
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 7DFF06D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF073C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 7DFF0DFC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 7DFF0520
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapCreate] 7DFF04B4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 7DFF0DFC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap] 7DFF03DC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF0370
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 7DFF0DFC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USERENV.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetErrorMode] 7DFF0DFC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 7DFF0520
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapCreate] 7DFF04B4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 7DFF0520
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 7DFF0DFC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapCreate] 7DFF04B4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapDestroy] 7DFF0520
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapCreate] 7DFF04B4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF0370
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2264] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 7DFF05F8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 7DFF0664
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 7DFF06D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF073C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 7DFF0DFC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 7DFF0520
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapCreate] 7DFF04B4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 7DFF0DFC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap] 7DFF03DC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF0370
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 7DFF0DFC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USERENV.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetErrorMode] 7DFF0DFC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 7DFF0520
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapCreate] 7DFF04B4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 7DFF0520
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 7DFF0DFC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapCreate] 7DFF04B4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapDestroy] 7DFF0520
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!HeapCreate] 7DFF04B4
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] 7DFF0370
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\iphlpapi.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\iphlpapi.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlAllocateHeap] 7DFF0298
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\NETAPI32.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!CreateThread] 7DFF0448
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!SetErrorMode] 7DFF0DFC
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!GetModuleHandleA] 7DFF0CB8
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!GetModuleHandleW] 7DFF0D24
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!HeapFree] 7DFF058C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SAMLIB.dll [ntdll.dll!RtlFreeHeap] 7DFF0304
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!FreeLibrary] 7DFF0C4C
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress] 7DFF0D90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe[2860] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7DFF0E68

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

---- EOF - GMER 1.0.15 ----
BlueJay

BlueJay

Member

I should also add that during the course of one of the safe modes, I installed a new driver for my NVIDIA.

LoPhatPhuud
MVM
join:2002-01-06
Albuquerque, NM

1 recommendation

LoPhatPhuud to BlueJay

MVM

to BlueJay
You did great with GMER. Nothing adverse! The logs do not show anything adverse on your computer. I don't see any "questionable" software remains, nor signs of exploit activity.

All we need to do is cleanup and we are done!!!

Cleaning Up:

Delete TFC:
  • Delete the TFC icon on your Desktop

Delete OTL:
  • Double click the OTL icon on your Desktop
  • Press the 'Cleanup' button

Delete Security Check:
  • Delete the SecurityCheck icon on your Desktop

Delete Malware Bytes:
  • We recommend that you keep MalwareBytes (MBAM) and run it every week. There is no charge to keep the program however the real time protection will stop after the trial period. Be sure to update the definitions before each use. If you decide not to keep MBAM, use Add/Remove Programs to uninstall it.

Delete Sophos AntiRootkit
  • If we asked you to run Sophos AntiRootkit program, uninstall it thru Add/Remove Programs.

Other Programs:
  • If we asked you to install any other programs that are not removed by the OTL cleanup procedure, we will provide separate removal instructions.
BlueJay
join:2007-11-06

BlueJay

Member

Thanks LPP, Is GMER deleted by the icon on desktop also?

I saw mentioned in one of the scans that IE 8 is out of date.. As far as I know, all Windows updates have been installed. Is that telling me to upgrade to IE9?

Also, memory was showing as 2. g with .98 g available. In your opinion, should I get more memory? Could low memory cause the strange blue screens?

Again, many thanks for your help and being here when we need you.

ciao,bj

LoPhatPhuud
MVM
join:2002-01-06
Albuquerque, NM

LoPhatPhuud to BlueJay

MVM

to BlueJay
OK, answers to your questions.

1. The OTL removal process should uninstall GMER as well. If it leaves an icon on the desktop, you can just delete it.

2. For Windows XP, IE8 is the furthest you can go. For Vista, and Windows 7, IE9 is the current version and I recommend upgrading. It's more secure.

3. For 32bit systems (yours) the max usable ram is ~3.5gb. More memory never hurts. Increasing to 3gb if its cost efficient. I onlyh have 2gb in my laptop (XP) and netbook (Win7). For 64bit systems I generally recommend 8gb.

Low memory should not cause the strange blue screen you are seeing.
LoPhatPhuud

1 recommendation

LoPhatPhuud to BlueJay

MVM

to BlueJay
If the blue screens continue try running the HP Driver Diagnostics program, and post the output, along with a link to this forum in the DSLR Hardware forum.
BlueJay
join:2007-11-06

BlueJay

Member

Again, my thanks LPP.. IE9 has been sitting in Windows update for a while and as you recommended I should install.

Will look into adl memory..

And will checkout the HP Driver Diagnostics program, have to figure which one to use.. Google listed a bunch.. Or is it something that I have on my machine and I don't know?

ciao, bj

LoPhatPhuud
MVM
join:2002-01-06
Albuquerque, NM

LoPhatPhuud to BlueJay

MVM

to BlueJay
The OTL logs show "HP Driver Diagnostics" in the uninstall list, so it should already be installed on your computer.
BlueJay
join:2007-11-06

BlueJay

Member

Thanks, LPP... I spent a while trying to locate that diagnostic program, but no luck.. I did find it listed in SbS&D's uninstall listings.. It wasn't in bold letters, so am assuming that it is no longer on my mach..

I really, really do appreciate your assistance in this..

ciao, bj

lilhurricane
Crunchin' For Cures
Numquam oblita
join:2003-01-11
Purple Zone

lilhurricane

Numquam oblita

BJ.. download a copy from the manufacturer website I've linked below.

»h10025.www1.hp.com/ewfrf ··· -68106-1

Our forum scope is limited to assisting victims with active infections, so I'd like to thank you for allowing us the opportunity to examine your issues.

Now that you have full clearance from the Security Cleanup forum..

....(and this is a good thing)...

...please know that any additional hardware related questions can still be addressed in our »Computer Hardware Help forum

Note: Our Security Clean-Up logs, are not a silver bullet for diagnosis, so please when re-posting to that area, do not include any, - you might, however add a link to this thread for reference.

Safe surfing!
BlueJay
join:2007-11-06

1 recommendation

BlueJay

Member

Bless you Lil,

You and LPP have gone above and beyond the call and are very much in my debt..

I'll download that copy and give it a shot.. Just hope my aim is good..

ciao, bj