
Very Slow User Startup


  • This topic is locked
23 replies to this topic

#1 grommit2117

grommit2117

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:35 AM

Posted 06 December 2011 - 04:46 PM

I've probably put up with this for too long. My 9-year-old PC, running XP SP3, has been taking close to ten minutes to load a user and while I've done some clean up and just did a defrag, it hasn't helped. I ran Spybot S&D and found nothing, then ran Avira in safe mode and found nothing. When I ran Avira in normal mode, I did get 91 warnings, each saying 'The file could not be opened!'. Outside of the slow startup and some applications taking a while to start up, there doesn't seem to be anything wrong. May just be a case of an old PC not able to keep up as well these days, but should I be concerned with the warnings from the Avira scan?



#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:10:35 AM

Posted 10 December 2011 - 03:15 PM

Please perform the following, so that we can get the exact specs of your computer. This will better assist us in helping you more.

Publish a Snapshot using Speccy

The below is for those who cannot get online

Please take caution when attaching a text file to your post if you cannot copy/paste the link to your post; you will need to edit it to make sure that your Windows Key is not present.

#3 grommit2117

grommit2117
  • Topic Starter


Posted 10 December 2011 - 05:40 PM

Hey, thanks for the reply. Speccy snapshot below:

http://speccy.piriform.com/results/xB5rYBtCwYxmiTRObJVUwMU

#4 cryptodan


Posted 11 December 2011 - 06:12 AM

I recommend upgrading to 2 gigs of RAM, because 512Megs of RAM is hardly enough for Windows XP.

#5 grommit2117


Posted 12 December 2011 - 06:16 PM

Heh, 512Megs was good enough way back in the good old days. So you really think it's just a memory problem and I can safely ignore the Avira warnings?

#6 cryptodan


Posted 12 December 2011 - 07:13 PM

Upgrade your memory and we will take care of your Avira.

#7 grommit2117


Posted 14 December 2011 - 09:18 AM

Well, I guess I have already made a memory upgrade of sorts as I purchased a new pc a couple of weeks back. I had intended to move data and apps over from the old machine (while keeping the old pc to tinker around with). But, I haven't done so yet as I'm concerned about inadvertently moving infected files to the new machine.

#8 cryptodan


Posted 14 December 2011 - 12:19 PM

Well, now that you have told me you have another machine, let's scan:

Hello,

And welcome to BleepingComputer.com. Before we can assist you with your question of "Am I infected?", you will need to perform the following tasks and post the logs of each if you can.

Please download and run Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Malwarebytes Anti-Malware

NOTE: Malwarebytes is now offering a free trial of their program, if you want to accept it you will need to enter some billing information, so that at the end of the trial you would be charged the cost of the product. Please decline this offer, if you are unable to provide billing information. If you want to try it out, then provide the billing information.

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


SUPERAntiSpyware:

Please download and scan with SUPERAntiSpyware Free

  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are unchecked (leave all others checked):
    • Ignore files larger than 4mb
    • Ignore non-executable files

    Now Perform the scan with SUPERAntiSpyware as follows:
    • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes" and reboot normally.
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

SAS Portable
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now GMER

GMER does not work in 64bit Mode!!!!!!

Please download GMER from one of the following locations and save it to your desktop:

  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.


All scans above should be performed in regular boot mode, and if that is not possible then I will post instructions in a follow up reply on how to get into Safe Mode to perform the scans. Also all scans should be COMPLETE and not quick unless specifically instructed to do so.

#9 grommit2117


Posted 15 December 2011 - 06:13 AM

Hi again,

I'm in the process of running the requested scans and I have a question about the MBAM results. The MBAM scan is finished but I have not yet run the removal of the five infected items it identified because I'm concerned about false positives:

Backdoor.Padodoor
Registry Key
HKEY_CLASSES_ROOT\CLSID\{79FEACFF-FFCE-815E-A899-316290B5B738}

Trojan.Agent
File
c:\vb_dotnet_tutorial\chapter_01\Projects\windowsapplication2\windowsapplication2\bin\Debug\windowsapplication2.exe

Trojan.Agent
File
c:\vb_dotnet_tutorial\chapter_01\Projects\windowsapplication2\windowsapplication2\obj\Debug\windowsapplication2.exe

Backdoor.Bot
Registry Value
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cryptographic Service

PUM.Disabled.SecurityCenter
RegistryData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify

I am almost sure that two identified Trojan.Agent files are false positives though I wouldn't miss them anyway. The identified Backdoor.Bot I'm wondering about - I thought cryptographic service was a necessary item to have. Can you verify that it's safe for me to remove this? Also, I believe Microsoft Security Center AntiVirus was disabled so that it would not interfere with Avira - shouldn't I leave the registry data alone for that?

#10 cryptodan


Posted 15 December 2011 - 09:27 AM

Can you post the full logs please?

#11 grommit2117


Posted 16 December 2011 - 03:21 PM

Alright, I decided to make sure my registry was backed up and went ahead with having MBAM remove all five of the identified items. Did SAS scan. GMER was a mess though. First attempt, it completed the scan, but I couldn't save a file or copy and paste contents as I got a series of warnings stating something similar to:
'insufficient system resources exist to complete requested service'

and:
'Windows was unable to save all the data for the file Device\HarddiskVolume2\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP973. The data has been lost. This error may be caused by a failure of your computer hardware or network connection. Please try to save this file elsewhere.'

I got a log file with nothing in it. So I ran GMER again. It crashed almost immediately. Tried it again and got a BSOD. Tried again and unchecked Devices. It ran through and did save a file with a small amount of content, but I could not copy and paste anything. So then I tried in Safe Mode, got another BSOD. I tried one last time in Safe Mode while unchecking Devices. The scan ran all the way through, but again I could not save a log file or copy and paste contents as I got a series of warnings similar to the first scan I attempted.

I've attached the one GMER log that I was able to save, though I'm not sure if it is complete. The PC boots even more slowly now than before. Here are the logs:

SecurityCheck

Results of screen317's Security Check version 0.99.28
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Out of date Spybot installed!
MVPS Hosts File
Spybot - Search & Destroy 1.5.2.20
SpywareBlaster 4.5
Spybot - Search & Destroy
HijackThis 2.0.2
Java Advanced Imaging 1.1.3 for JDK
Java Advanced Imaging Image I/O Tools 1.1 for JDK
Java DB 10.5.3.0
Java™ 6 Update 19
Java™ SE Development Kit 6 Update 18
Java Advanced Imaging 1.1.3 for JDK
Java Advanced Imaging Image I/O Tools 1.1 for JDK
Java version out of date!
Adobe Flash Player 11.1.102.55
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox ((3.6.24)) Firefox out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````


MBAM

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8371

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/15/2011 4:11:27 PM
mbam-log-2011-12-15 (16-11-27).txt

Scan type: Full scan (C:\|)
Objects scanned: 479544
Time elapsed: 5 hour(s), 51 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738} (Backdoor.Padodor) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cryptographic Service (Backdoor.Bot) -> Value: Cryptographic Service -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\vb_dotnet_tutorials\chapter_01\Projects\windowsapplication2\windowsapplication2\bin\Debug\windowsapplication2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\vb_dotnet_tutorials\chapter_01\Projects\windowsapplication2\windowsapplication2\obj\Debug\windowsapplication2.exe (Trojan.Agent) -> Quarantined and deleted successfully.


SAS

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/15/2011 at 06:52 PM

Application Version : 5.0.1142

Core Rules Database Version : 8054
Trace Rules Database Version: 5866

Scan type : Complete Scan
Total Scan Time : 02:11:28

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 421
Memory threats detected : 0
Registry items scanned : 44870
Registry threats detected : 0
File items scanned : 106755
File threats detected : 82

Adware.Tracking Cookie

Trojan.Agent/Gen-Nullo[Short]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP974\A0132090.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP974\A0132091.EXE


GMER

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-12-16 09:32:05
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 IC35L090AVV207-0 rev.V23OA66A
Running: 4if9r2fc.exe; Driver: C:\DOCUME~1\SEANNE~1\LOCALS~1\Temp\fxtdrpoc.sys


---- System - GMER 1.0.15 ----

SSDT F8C5F7AC ZwClose
SSDT F8C5F766 ZwCreateKey
SSDT F8C5F7B6 ZwCreateSection
SSDT F8C5F75C ZwCreateThread
SSDT F8C5F76B ZwDeleteKey
SSDT F8C5F775 ZwDeleteValueKey
SSDT F8C5F7A7 ZwDuplicateObject
SSDT F8C5F77A ZwLoadKey
SSDT F8C5F748 ZwOpenProcess
SSDT F8C5F74D ZwOpenThread
SSDT F8C5F784 ZwReplaceKey
SSDT F8C5F77F ZwRestoreKey
SSDT F8C5F7BB ZwSetContextThread
SSDT F8C5F770 ZwSetValueKey
SSDT F8C5F757 ZwTerminateProcess

---- EOF - GMER 1.0.15 ----
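
An added example, not part of any post in this thread: a small Python parser for the MBAM 1.51 log layout posted above. It cross-checks the summary counts against the detail lines, which catches a partially pasted log, and tags each detection by kind; the function names and the kind labels are assumptions made for this example.

```python
import re
from collections import Counter

# Excerpt of the MBAM log posted in the thread (scan header omitted).
SAMPLE_LOG = r"""
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{79FEACFF-FFCE-815E-A900-316290B5B738} (Backdoor.Padodor) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cryptographic Service (Backdoor.Bot) -> Value: Cryptographic Service -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\vb_dotnet_tutorials\chapter_01\Projects\windowsapplication2\windowsapplication2\bin\Debug\windowsapplication2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\vb_dotnet_tutorials\chapter_01\Projects\windowsapplication2\windowsapplication2\obj\Debug\windowsapplication2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
"""

SECTIONS = ("Memory Processes", "Memory Modules", "Registry Keys",
            "Registry Values", "Registry Data Items", "Folders", "Files")
_SEC = "|".join(SECTIONS)
# "Files Infected: 2" is a summary count; "Files Infected:" opens a detail section.
SUMMARY_RE = re.compile(rf"^({_SEC}) Infected: (\d+)\s*$")
HEADER_RE = re.compile(rf"^({_SEC}) Infected:\s*$")
# <object> (<detection name>) -> [detail -> ...] <action>.
DETECTION_RE = re.compile(
    r"^(?P<object>.+?) \((?P<name>[A-Za-z][\w.\-/\[\]]*)\) -> (?P<rest>.+)$")


def classify(section, obj, name):
    """Coarse triage label (labels are this example's own, not MBAM's)."""
    if name.startswith("PUM."):
        return "setting"       # a changed setting, not a malicious file
    if r"\currentversion\run" in obj.lower():
        return "autostart"     # program launched at every logon
    if section.startswith("Registry"):
        return "registry"
    return "file"


def parse_mbam_log(text):
    """Return (summary counts, list of detection records)."""
    summary, detections, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if m := SUMMARY_RE.match(line):
            summary[m.group(1)] = int(m.group(2))
        elif m := HEADER_RE.match(line):
            section = m.group(1)
        elif section and (m := DETECTION_RE.match(line)):
            # Everything between the name and the last arrow is detail text.
            *details, action = m.group("rest").split(" -> ")
            detections.append({
                "section": section,
                "object": m.group("object"),
                "name": m.group("name"),
                "details": details,
                "action": action.rstrip("."),
                "kind": classify(section, m.group("object"), m.group("name")),
            })
    return summary, detections


def reconcile(summary, detections):
    """Sections whose declared count differs from the detail lines found."""
    found = Counter(d["section"] for d in detections)
    return {s: (n, found[s]) for s, n in summary.items() if n != found[s]}


if __name__ == "__main__":
    counts, items = parse_mbam_log(SAMPLE_LOG)
    for item in items:
        print(f'{item["kind"]:9} {item["name"]:28} {item["object"]}')
    print("count mismatches:", reconcile(counts, items) or "none")
```
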

#12 cryptodan


Posted 16 December 2011 - 04:04 PM

Download and run TDSSKiller, and if prompted to fix something, DO NOT FIX ANYTHING. Post the resulting log.

#13 grommit2117


Posted 16 December 2011 - 05:06 PM

Here's the TDSSKiller log:

23:00:55.0682 1720 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
23:00:57.0089 1720 ============================================================
23:00:57.0089 1720 Current date / time: 2011/12/16 23:00:57.0089
23:00:57.0089 1720 SystemInfo:
23:00:57.0089 1720
23:00:57.0089 1720 OS Version: 5.1.2600 ServicePack: 3.0
23:00:57.0089 1720 Product type: Workstation
23:00:57.0089 1720 ComputerName: RALPH
23:00:57.0089 1720 UserName: Sean New II
23:00:57.0089 1720 Windows directory: C:\WINDOWS
23:00:57.0089 1720 System windows directory: C:\WINDOWS
23:00:57.0089 1720 Processor architecture: Intel x86
23:00:57.0089 1720 Number of processors: 2
23:00:57.0089 1720 Page size: 0x1000
23:00:57.0089 1720 Boot type: Normal boot
23:00:57.0089 1720 ============================================================
23:00:59.0261 1720 Initialize success
23:01:19.0658 3052 ============================================================
23:01:19.0658 3052 Scan started
23:01:19.0658 3052 Mode: Manual;
23:01:19.0658 3052 ============================================================
23:02:47.0778 3052 Scan finished
23:02:47.0778 3052 ============================================================
23:02:47.0794 3048 Detected object count: 0
23:02:47.0794 3048 Actual detected object count: 0

#14 cryptodan


Posted 19 December 2011 - 10:05 AM

Ok nothing detected there.

#15 grommit2117


Posted 19 December 2011 - 04:02 PM

Alright - is it safe to say at this point that I have a clean and slow PC?



